CVE-2005-0298

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2005-0298
The DIRECTORY objects in Oracle 8i through Oracle 10g contain the location of a specific operating system directory, which allows users with read privileges to a DIRECTORY object to obtain sensitive information.

5.0 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References
Link Resource
http://www.petefinnigan.com/directory_traversal.pdf Patch Vendor Advisory
http://www.oracle.com/technology/deploy/security/pdf/cpu-jan-2005_advisory.pdf Patch
http://marc.info/?l=bugtraq&m=110608912525883&w=2
https://exchange.xforce.ibmcloud.com/vulnerabilities/18947
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:oracle:database_server:10.1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:database_server:10.1.0.3.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:database_server:9.2.0.5:*:*:*:*:*:*:*
cpe:2.3:a:oracle:database_server:9.2.0.6:*:*:*:*:*:*:*
cpe:2.3:a:oracle:database_server:10.1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:database_server:9.0.1.5:*:*:*:*:*:*:*
cpe:2.3:a:oracle:database_server:9.0.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:database_server:9.2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:database_server:8.1.7.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:database_server:9.0.1.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:database_server:8.0.6:*:*:*:*:*:*:*
cpe:2.3:a:oracle:database_server:8.0.6.3:*:*:*:*:*:*:*
Information

Published : 2005-05-01 21:00

Updated : 2017-07-10 18:32

NVD link : CVE-2005-0298

Mitre link : CVE-2005-0298

JSON object : View

CWE
NVD-CWE-Other
Advertisement

dedicated server usa
Products Affected

oracle

  • database_server