Oracle.Database.O5Logon.Protocol.Information.Disclosure
Description
This indicates an attack attempt to exploit an Information Disclosure vulnerability in the Oracle Database 11g authentication protocol.
The vulnerability is due to the O5Logon authentication protocol sending the encrypted session key and the password salt value to the client. A remote attacker may be able to exploit this by using the session key and salt value to carry out offline brute-force cracking of user credentials.
Affected Products
Oracle Database Server 11gR1
Oracle Database Server 11gR2
Impact
Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.
Recommended Actions
Refer to the vendor's website for the suggested workaround (login required).
https://support.oracle.com/epmos/faces/ui/km/DocumentDisplay.jspx?id=1492721.1