7421.txt

来自「This is the snapshot of Snot Latest Rule」· 文本 代码 · 共 55 行

Rule:

--
Sid:
7421

--
Summary:
This event is generated when an attempt is made to exploit a known vulnerability in Oracle database systems.

--
Impact:
Serious. SQL injection and code execution is possible.

--
Detailed Information:
Certain Oracle functions and stored procedures may allow an attacker to execute code of their choosing on an affected host.

This event is generated when an attempt is made to access the function DBMS_EXPORT_EXTENSION.GET_V2_DOMAIN_INDEX_TABLES on a host using the Oracle database server.

--
Affected Systems:
All Oracle installations, check vendor advisories for all products and solutions.

--
Attack Scenarios:
An attacker could access the function DBMS_EXPORT_EXTENSION.GET_V2_DOMAIN_INDEX_TABLES and inject SQL code of their choosing to be executed on the server.

--
Ease of Attack:
Simple.

--
False Positives:
None known.

--
False Negatives:
None known.

--
Corrective Action:
Apply the appropriate vendor supplied patches.

--
Contributors:
Sourcefire Vulnerability Research Team
Brian Caswell <bmc@sourcefire.com>
Nigel Houghton <nigel.houghton@sourcefire.com>

--
Additional References:

--