PT-2002-1617 · Oracle · Oracle

Published

2002-07-03

Updated

2017-10-10

CVE-2002-0567

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Oracle versions 8i and 9i

Description The issue allows remote attackers to bypass authentication and execute arbitrary functions by using the TNS Listener to directly connect to the EXTPROC process, which is part of the PL/SQL package for External Procedures.

Recommendations For Oracle versions 8i and 9i, consider restricting access to the EXTPROC process to minimize the risk of exploitation. As a temporary workaround, consider disabling the EXTPROC process until a more permanent solution is available.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2002-0567

Affected Products

Oracle

PT-2002-1617 · Oracle · Oracle

CVE-2002-0567

Related Identifiers

Affected Products

References · 8