Intrusion PreventionOracle9i.XDB.FTP.Unlock.Overflow
Description
It indicates a possible exploit of "buffer overflow vulnerability" in Oracle9i 9.2 .0.1 database server.
Oracle 9i has service called the Oracle XML Database or XDB that can be accessed via an HTTP based service on TCP port 8080 or an ftp based service on TCP port 2100. Multiple buffer overflow vulnerabilities are reported in it that may allow an attacker to execute arbitrary code on the vulnerable system. An attacker may send overly long token to the UNLOCK command to cause stack-based buffer overflow and execute arbitrary code on the affected system.
Affected Products
Oracle Oracle9i Standard Edition 9.2 .0.1
Oracle Oracle9i Personal Edition 9.2 .0.1
Oracle Oracle9i Enterprise Edition 9.2 .0.1
Impact
Unauthorized access to the affected system and compromise of the affected system.
Recommended Actions
Apply patch according to the following reference:
http://otn.oracle.com/deploy/security/pdf/2003Alert58.pdf
Upgrade to Oracle Oracle9i 9.2 .0.4. or later.
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2019-11-22 | 15.729 | Name:Oracle. 9i. XDB. FTP. Unlock. Overflow:Oracle9i. XDB. FTP. Unlock. Overflow |
| 2018-10-26 | 13.480 | Sig Added |
| ID | 10018 |
| Created | Jun 07, 2005 |
| Updated | Mar 06, 2023 |
| Risk |
|
| CVE ID | CVE-2003-0727 |
| Exploit Prediction Score | 93.21% |
| Default Action | drop |
| Active | |
| Affected OS | Windows, Linux |
| Affected App | Oracle |