Vulnerability CVE-2006-0552


Published: 2006-02-04   Modified: 2011-03-07

Description:
Unspecified vulnerability in the Net Listener component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, and 9.2.0.7 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB11.

Vendor: Oracle
Product: Oracle9i 
Version:
standard_9.2.0.7
standard_9.2.0.6
enterprise_9.0.1.5_fips
enterprise_9.0.1.5
enterprise_9.0.1.4
Product: Oracle8i 
Version:
standard_8.1.7.4
standard_8.0.6.3
standard_8.0.6
enterprise_8.1.7.4
Product: Oracle10g 
Version:
standard_10.2.0.1
standard_10.1.0.5
standard_10.1.0.4.2
standard_10.1.0.4
standard_10.1.0.3
personal_10.1.0.4
personal_10.1.0.3
enterprise_10.1.0.4
enterprise_10.1.0.3
Product: Enterpriseone 
Version: sp23_l1; 8.95.f1;
Product: Collaboration suite 
Version:
release_1
9.0.4.2
10.1.2
10.1.1
Product: Application server 
Version:
9.0.4.2
9.0.4.1
9.0.4
10.1.2.1.0
10.1.2.0.2
10.1.2.0.1
10.1.2.0.0
10.1.2
1.0.2.2
Product: Developer suite 
Version:
9.0.4.2
9.0.4.1
9.0.2.1
10.1.2
Product: Peoplesoft enterprise portal 
Version:
8.9
8.8
8.4
Product: Database server 
Version:
8.1.7.4
8.0.6.3
8.0.6
Product: Workflow 
Version: 11.5.9.5; 11.5.1;
Product: E-business suite 
Version:
11.5.9
11.5.8
11.5.7
11.5.6
11.5.5
11.5.4
11.5.3
11.5.2
11.5.10
11.5.1
Product: 10g enterprise manager grid control 
Version: 10.1_.0.4; 10.1_.0.3;

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.5/10
6.4/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial

 References:
http://www.kb.cert.org/vuls/id/545804
http://www.oracle.com/technology/deploy/security/pdf/cpujan2006.html
http://secunia.com/advisories/18493
http://www.vupen.com/english/advisories/2006/0323
http://www.vupen.com/english/advisories/2006/0243
http://www.securityfocus.com/bid/16287
http://www.osvdb.org/22549
http://securitytracker.com/id?1015499
http://secunia.com/advisories/18608
http://xforce.iss.net/xforce/xfdb/24321

Related CVE
CVE-2017-3653
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged ...
CVE-2017-3652
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged ...
CVE-2017-3649
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker wi...
CVE-2017-3650
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: C API). Supported versions that are affected are 5.7.18 and earlier. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protoc...
CVE-2017-3651
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows low privileg...
CVE-2017-3648
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privi...
CVE-2017-3647
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker wi...
CVE-2017-3646
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: X Plugin). Supported versions that are affected are 5.7.16 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple proto...

Copyright 2017, cxsecurity.com

 

Back to Top