8059.txt

This is the snapshot of Snot Latest Rules

Rule:

--
Sid:
8059

--
Summary:
This event is generated when an attempt is made to exploit a known vulnerability in Oracle database systems.

--
Impact:
Serious. SQL injection and code execution is possible.

--
Detailed Information:
Certain Oracle functions and stored procedures may allow an attacker to execute code of their choosing on an affected host.

This event is generated when an attempt is made to access the function SYS.KUPW-WORKER on a host using the Oracle database server.

--
Affected Systems:
All Oracle installations, check vendor advisories for all products and solutions.

--
Attack Scenarios:
An attacker could access the function SYS.KUPW-WORKER and inject SQL code of their choosing to be executed on the server.

--
Ease of Attack:
Simple.

--
False Positives:
None known.

--
False Negatives:
None known.

--
Corrective Action:
Apply the appropriate vendor supplied patches.

--
Contributors:
Sourcefire Vulnerability Research Team
Brian Caswell <bmc@sourcefire.com>
Nigel Houghton <nigel.houghton@sourcefire.com>

--
Additional References:

--