Intrusion PreventionOracle.DBMS_ASSERT.SQL.Injection
Description
This indicates an attack attempt to exploit an SQL injection vulnerability in Oracle dbms_assert packet.
The vulnerability is a result of the application's failure to properly sanitize user input before using it in a SQL query. As a result, a remote attacker can send a crafted query to execute SQL commands on a vulnerable server.
Affected Products
Oracle Oracle9i Standard Edition 9.2 .7
Oracle Oracle9i Standard Edition 9.2 .6
Oracle Oracle9i Standard Edition 9.2 .3
Oracle Oracle9i Standard Edition 9.2 .0.5
Oracle Oracle9i Standard Edition 9.2 .0.3
Oracle Oracle9i Standard Edition 9.2 .0.2
Oracle Oracle9i Standard Edition 9.2 .0.1
Oracle Oracle9i Standard Edition 9.2
Oracle Oracle9i Standard Edition 9.0.4
Oracle Oracle9i Standard Edition 9.0.2
Oracle Oracle9i Standard Edition 9.0.1 .5 FIPS
Oracle Oracle9i Standard Edition 9.0.1 .5
Oracle Oracle9i Standard Edition 9.0.1 .4
Oracle Oracle9i Standard Edition 9.0.1 .3
Oracle Oracle9i Standard Edition 9.0.1 .2
Oracle Oracle9i Standard Edition 9.0.1
Oracle Oracle9i Standard Edition 9.0 .2.4
Oracle Oracle9i Standard Edition 9.0
Oracle Oracle9i Standard Edition 8.1.7
Oracle Oracle9i Personal Edition 9.2 .7
Oracle Oracle9i Personal Edition 9.2 .6
Oracle Oracle9i Personal Edition 9.2 .0.5
Oracle Oracle9i Personal Edition 9.2 .0.3
Oracle Oracle9i Personal Edition 9.2 .0.2
Oracle Oracle9i Personal Edition 9.2 .0.1
Oracle Oracle9i Personal Edition 9.2
Oracle Oracle9i Personal Edition 9.0.4
Oracle Oracle9i Personal Edition 9.0.1 .5 FIPS
Oracle Oracle9i Personal Edition 9.0.1 .5
Oracle Oracle9i Personal Edition 9.0.1 .4
Oracle Oracle9i Personal Edition 9.0.1
Oracle Oracle9i Personal Edition 9.0 .2.4
Oracle Oracle9i Personal Edition 8.1.7
Oracle Oracle9i Enterprise Edition 9.2 .7
Oracle Oracle9i Enterprise Edition 9.2 .6
Oracle Oracle9i Enterprise Edition 9.2 .0.5
Oracle Oracle9i Enterprise Edition 9.2 .0.3
Oracle Oracle9i Enterprise Edition 9.2 .0.2
Oracle Oracle9i Enterprise Edition 9.2 .0.1
Oracle Oracle9i Enterprise Edition 9.2 .0
Oracle Oracle9i Enterprise Edition 9.0.4
Oracle Oracle9i Enterprise Edition 9.0.1 .5 FIPS
Oracle Oracle9i Enterprise Edition 9.0.1 .5
Oracle Oracle9i Enterprise Edition 9.0.1 .4
Oracle Oracle9i Enterprise Edition 9.0.1
Oracle Oracle9i Enterprise Edition 9.0 .2.4
Oracle Oracle9i Enterprise Edition 8.1.7
Oracle Oracle8i Standard Edition 8.1.7 .4
Oracle Oracle8i Enterprise Edition 8.1.7 .4
Oracle Oracle10g Standard Edition 10.2 .3
Oracle Oracle10g Standard Edition 10.2 .2
Oracle Oracle10g Standard Edition 10.2 .1
Oracle Oracle10g Standard Edition 10.1 .4.2
Oracle Oracle10g Standard Edition 10.1 .0.5
Oracle Oracle10g Standard Edition 10.1 .0.4
Oracle Oracle10g Standard Edition 10.1 .0.3.1
Oracle Oracle10g Standard Edition 10.1 .0.3
Oracle Oracle10g Standard Edition 10.1 .0.2
Oracle Oracle10g Standard Edition 9.0.4 .0
Oracle Oracle10g Personal Edition 10.2 .3
Oracle Oracle10g Personal Edition 10.2 .2
Oracle Oracle10g Personal Edition 10.2 .1
Oracle Oracle10g Personal Edition 10.1 .0.4
Oracle Oracle10g Personal Edition 10.1 .0.3.1
Oracle Oracle10g Personal Edition 10.1 .0.3
Oracle Oracle10g Personal Edition 10.1 .0.2
Oracle Oracle10g Personal Edition 9.0.4 .0
Oracle Oracle10g Enterprise Edition 10.2 .3
Oracle Oracle10g Enterprise Edition 10.2 .2
Oracle Oracle10g Enterprise Edition 10.2 .1
Oracle Oracle10g Enterprise Edition 10.1 .0.4
Oracle Oracle10g Enterprise Edition 10.1 .0.3.1
Oracle Oracle10g Enterprise Edition 10.1 .0.3
Oracle Oracle10g Enterprise Edition 10.1 .0.2
Oracle Oracle10g Enterprise Edition 9.0.4 .0
Impact
System Comprise:Remote attackers can gain control of the vulnerable system.
Recommended Actions
Currently we are not aware of any vendor supplied patch for this issue.
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
| ID | 13305 |
| Created | Oct 17, 2006 |
| Updated | Jan 13, 2022 |
| Risk |
|
| Default Action | drop |
| Active | |
| Affected OS | Windows, Linux |
| Affected App | Oracle |