Description

Oracle 8i and 9i with PL/SQL package for External Procedures (EXTPROC) allows remote attackers to bypass authentication and execute arbitrary functions by using the TNS Listener to directly connect to the EXTPROC process.

Remediation

References

CVE-2002-0567

Related Vulnerabilities

Jenkins Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-4440)

WordPress Plugin UserPro-Community and User Profile Multiple Vulnerabilities (5.1.1)

Oracle Application Server Permissions, Privileges, and Access Controls Vulnerability (CVE-2001-1371)

Oracle Database Server CVE-2011-0870 Vulnerability (CVE-2011-0870)

PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-5624)

Severity

High

Classification

CVE-2002-0567

Tags

Missing Update Known Vulnerabilities