Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveOracleCVE-2009-1979
HistoryOct 22, 2009 - 6:30 p.m.

CVE-2009-1979

2009-10-2218:30:00
oracle
web.nvd.nist.gov
146
cve-2009-1979
oracle database
vulnerability
remote attackers
confidentiality
integrity
availability
unknown vectors
arbitrary code execution

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.5

Confidence

Low

EPSS

0.959

Percentile

99.5%

JSON

Unspecified vulnerability in the Network Authentication component in Oracle Database 10.1.0.5 and 10.2.0.4 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2009 CPU. Oracle has not commented on claims from an independent researcher that this is related to improper validation of the AUTH_SESSKEY parameter length that leads to arbitrary code execution.

Affected configurations

Nvd
Node
oracledatabase_serverMatch10.1.0.5
OR
oracledatabase_serverMatch10.2.0.4
VendorProductVersionCPE
oracledatabase_server10.1.0.5cpe:2.3:a:oracle:database_server:10.1.0.5:*:*:*:*:*:*:*
oracledatabase_server10.2.0.4cpe:2.3:a:oracle:database_server:10.2.0.4:*:*:*:*:*:*:*

Related

checkpoint_advisories 3
prion 1
exploitdb 2
zdt 2
packetstorm 1
nvd 1
metasploit 1
exploitpack 1
seebug 4
cvelist 1
nessus 1
securityvulns 2
oracle 1
checkpoint_advisories
checkpoint_advisories
Oracle Database Server Network Authentication AUTH_SESSKEY Buffer Overflow - Ver2 (CVE-2009-1979)
2014-01-07 00:00:00
Oracle Database Server AUTH_SESSKEY Stack Buffer Overflow - Ver2 (CVE-2009-1979)
2014-02-03 00:00:00
Oracle Database Server Network Authentication AUTH_SESSKEY Buffer Overflow (CVE-2009-1979)
2009-11-01 00:00:00
prion
prion
Input validation
2009-10-22 18:30:00
exploitdb
exploitdb
Oracle 10gR2 - TNS Listener AUTH_SESSKEY Buffer Overflow (Metasploit)
2010-11-24 00:00:00
Oracle Database 10.1.0.5 < 10.2.0.4 - AUTH_SESSKEY Length Validation Remote Buffer Overflow
2009-10-30 00:00:00
zdt
zdt
Oracle Network Authentication CVE-2009-1979 Remote Buffer Overflow
2009-11-09 00:00:00
Oracle Database 10.1.0.5 - 10.2.0.4 AUTH_SESSKEY length validation
2009-10-30 00:00:00
packetstorm
packetstorm
Oracle TNS Listener AUTH_SESSKEY Buffer Overflow.
2010-01-22 00:00:00
nvd
nvd
CVE-2009-1979
2009-10-22 18:30:00
metasploit
metasploit
Oracle 10gR2 TNS Listener AUTH_SESSKEY Buffer Overflow
2010-01-21 00:05:18
exploitpack
exploitpack
Oracle Database 10.1.0.5 10.2.0.4 - AUTH_SESSKEY Length Validation Remote Buffer Overflow
2009-10-30 00:00:00
seebug
seebug
Oracle Database 10.1.0.5 - 10.2.0.4 AUTH_SESSKEY length validation exploit
2009-10-30 00:00:00
Oracle Network Authenticationη»„δ»ΆθΏœη¨‹δ»£η ζ‰§θ‘ŒζΌζ΄ž
2009-11-03 00:00:00
Oracle Database 10.1.0.5 - 10.2.0.4 - AUTH_SESSKEY Length Validation Remote Buffer Overflow Vulnerability
2014-07-01 00:00:00
cvelist
cvelist
CVE-2009-1979
2009-10-22 18:00:00
nessus
nessus
Oracle Database Multiple Vulnerabilities (October 2009 CPU)
2011-11-16 00:00:00
securityvulns
securityvulns
Oracle multiple security vulnerabilities
2009-11-30 00:00:00
US-CERT Technical Cyber Security Alert TA09-294A -- Oracle Updates for Multiple Vulnerabilities
2009-10-22 00:00:00
oracle
oracle
Security | Oracle Critical Patch Update - October 2009
2009-10-20 00:00:00

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.5

Confidence

Low

EPSS

0.959

Percentile

99.5%

JSON
Related for CVE-2009-1979
checkpoint_advisories3prion1exploitdb2zdt2packetstorm1nvd1metasploit1exploitpack1seebug4cvelist1nessus1securityvulns2oracle1