Oracle Database是一款商業性質大型數據庫系統。
Oracle數據庫存在多個緩沖區溢出和拒絕服務問題,遠程攻擊者可以利用這個漏洞控制數據庫或進行拒絕服務攻擊。
多個組織發現Oracle數據庫和應用服務程序存在多個漏洞,其中范圍包括緩沖區溢出,PL/SQL注入,字符集轉換錯誤和拒絕服務攻擊。
受影響系統:
Oracle Oracle 8i Enterprise Edition 8.1.7.1.0 Oracle Oracle 8i Enterprise Edition 8.1.7.0.0 Oracle Oracle 8i Enterprise Edition 8.1.6.1.0 Oracle Oracle 8i Enterprise Edition 8.1.6.0.0 Oracle Oracle 8i Enterprise Edition 8.1.5.1.0 Oracle Oracle 8i Enterprise Edition 8.1.5.0.2 Oracle Oracle 8i Enterprise Edition 8.1.5.0.0 Oracle Oracle 8i Enterprise Edition 8.0.6.0.1 Oracle Oracle 8i Enterprise Edition 8.0.6.0.0 Oracle Oracle 8i Enterprise Edition 8.0.5.0.0 Oracle Oracle9i Standard Edition 9.2.0.4 Oracle Oracle9i Standard Edition 9.2.0.1 Oracle Oracle9i Release 2 9.2.2 Oracle Oracle9i Release 2 9.2.1 Oracle Oracle9i Personal Edition 9.2.0.4 Oracle Oracle9i Personal Edition 9.2.0.1 Oracle Oracle9i Enterprise Edition 9.2.0.4 Oracle Oracle9i Enterprise Edition 9.2.0.1 Oracle Oracle9i 9.2.0.3 Oracle Oracle9i 9.2.0.2 Oracle Oracle9i 9.2.0.1 Oracle Oracle9i 9.2 Oracle Oracle9i 9.0.2 Oracle Oracle9i 9.0.1.4 Oracle Oracle9i 9.0.1.3 Oracle Oracle9i 9.0.1.2 Oracle Oracle9i 9.0.1 Oracle Oracle9i 9.0 Oracle Oracle10g Application Server 9.0.4.0 Oracle Oracle10g Application Server 10.1.0.2 Oracle Oracle10g Enterprise Edition 9.0.4.0 Oracle Oracle10g Enterprise Edition 10.1.0.2 Oracle Oracle10g Personal Edition 9.0.4.0 Oracle Oracle10g Personal Edition 10.1.0.2 Oracle Oracle10g Standard Edition 9.0.4.0 Oracle Oracle10g Standard Edition 10.1.0.2
攻擊方法:
暫無有效攻擊代碼
解決方案:
廠商補丁:
Oracle
客戶可以聯系供應商下載補丁程序:
http://metalink.Oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=281189.1
