Vulnerability CVE-2006-0552


Published: 2006-02-04   Modified: 2011-03-07

Description:
Unspecified vulnerability in the Net Listener component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, and 9.2.0.7 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB11.

Vendor: Oracle
Product: Oracle9i 
Version:
standard_9.2.0.7
standard_9.2.0.6
enterprise_9.0.1.5_fips
enterprise_9.0.1.5
enterprise_9.0.1.4
Product: Oracle8i 
Version:
standard_8.1.7.4
standard_8.0.6.3
standard_8.0.6
enterprise_8.1.7.4
Product: Oracle10g 
Version:
standard_10.2.0.1
standard_10.1.0.5
standard_10.1.0.4.2
standard_10.1.0.4
standard_10.1.0.3
personal_10.1.0.4
personal_10.1.0.3
enterprise_10.1.0.4
enterprise_10.1.0.3
Product: Enterpriseone 
Version: sp23_l1; 8.95.f1;
Product: Collaboration suite 
Version:
release_1
9.0.4.2
10.1.2
10.1.1
Product: Application server 
Version:
9.0.4.2
9.0.4.1
9.0.4
10.1.2.1.0
10.1.2.0.2
10.1.2.0.1
10.1.2.0.0
10.1.2
1.0.2.2
Product: Developer suite 
Version:
9.0.4.2
9.0.4.1
9.0.2.1
10.1.2
Product: Peoplesoft enterprise portal 
Version:
8.9
8.8
8.4
Product: Database server 
Version:
8.1.7.4
8.0.6.3
8.0.6
Product: Workflow 
Version: 11.5.9.5; 11.5.1;
Product: E-business suite 
Version:
11.5.9
11.5.8
11.5.7
11.5.6
11.5.5
11.5.4
11.5.3
11.5.2
11.5.10
11.5.1
Product: 10g enterprise manager grid control 
Version: 10.1_.0.4; 10.1_.0.3;

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.5/10
6.4/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial

 References:
http://www.kb.cert.org/vuls/id/545804
http://www.oracle.com/technology/deploy/security/pdf/cpujan2006.html
http://secunia.com/advisories/18493
http://www.vupen.com/english/advisories/2006/0323
http://www.vupen.com/english/advisories/2006/0243
http://www.securityfocus.com/bid/16287
http://www.osvdb.org/22549
http://securitytracker.com/id?1015499
http://secunia.com/advisories/18608
http://xforce.iss.net/xforce/xfdb/24321

Related CVE
CVE-2017-1000028
Oracle, GlassFish Server Open Source Edition 4.1 is vulnerable to both authenticated and unauthenticated Directory Traversal vulnerability, that can be exploited by issuing a specially crafted HTTP GET request.
CVE-2017-1000030
Oracle, GlassFish Server Open Source Edition 3.0.1 (build 22) is vulnerable to Java Key Store Password Disclosure vulnerability, that makes it possible to provide an unauthenticated attacker plain text password of administrative user and grant access...
CVE-2017-1000029
Oracle, GlassFish Server Open Source Edition 3.0.1 (build 22) is vulnerable to Local File Inclusion vulnerability, that makes it possible to include arbitrary files on the server, this vulnerability can be exploited without any prior authentication.
CVE-2017-3630
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure w...
CVE-2017-3631
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where S...
CVE-2017-3629
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure w...
CVE-2017-3434
Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: Audience workbench). Supported versions that are affected are 12.1.1, 12.1.2 and 12.1.3. Easily "exploitable" vulnerability allows unauthenticated ...
CVE-2017-3347
Vulnerability in the Oracle Marketing component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily "exploitable" vulnerability allows u...

Copyright 2017, cxsecurity.com