CVE-2008-6065

Name of the Vulnerable Software and Affected Versions Oracle Database Server versions 10.1, 10.2, and 11g

Description The issue allows remote authenticated users with CREATE ANY DIRECTORY privileges to gain SYSDBA privileges. This is achieved by aliasing the pathname of the password directory in a CREATE OR REPLACE DIRECTORY statement and then overwriting the password file through UTL FILE operations.

Recommendations For Oracle Database Server versions 10.1, 10.2, and 11g, consider restricting the CREATE ANY DIRECTORY privilege to prevent unauthorized users from creating directory aliases that could lead to SYSDBA privilege escalation. As a temporary workaround, restrict access to the UTL FILE operations to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.