Published: 05/02/2009 Updated: 30/10/2018

CVSS v2 Base Score: 5.1 | Impact Score: 6.4 | Exploitability Score: 4.9

VMScore: 515

Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P

Oracle Database Server 10.1, 10.2, and 11g grants directory WRITE permissions for arbitrary pathnames that are aliased in a CREATE OR REPLACE DIRECTORY statement, which allows remote authenticated users with CREATE ANY DIRECTORY privileges to gain SYSDBA privileges by aliasing the pathname of the password directory, and then overwriting the password file through UTL_FILE operations, a related issue to CVE-2006-7141.

Vulnerable Product	Search on Vulmon	Subscribe to Product
oracle database server 10.1
oracle database server 10.2
oracle database server 11

source: wwwsecurityfocuscom/bid/31738/info Oracle Database Server is prone to a privilege-escalation issue related to the 'CREATE ANY DIRECTORY' user privilege Attackers may exploit this issue to gain full SYSDBA privileges on the vulnerable database server This issue affects Oracle Database 101, 102, and 11g; additional versions ma ...

CWE-264 http://www.securityfocus.com/bid/31738 http://www.oracleforensics.com/wordpress/index.php/2008/10/10/create-any-directory-to-sysdba/http://www.oracleforensics.com/wordpress/wp-content/uploads/2008/10/create-any-directory-to-sysdba.pdf https://exchange.xforce.ibmcloud.com/vulnerabilities/48814 http://www.securityfocus.com/archive/1/497286/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/32475/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2008-6065

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect