Rule Category

SERVER-ORACLE -- Snort has detected traffic exploiting vulnerabilities in Oracle Database Server.

Alert Message

SERVER-ORACLE sys.dbms_repcat_conf.alter_site_priority buffer overflow attempt

Rule Explanation

This event is generated when an attempt is made to exploit a known vulnerability in an Oracle database server. Impact: Serious. Possible execution of arbitrary code and Denial of Service. Details: This event is generated when an attempt is made to exploit a known vulnerability in an Oracle database implementation. Multiple buffer overflow conditions are present in numerous packages and procedures. Exploitation of these vulnerable procedures may allow an attacker to execute code of their choosing as the user running the database. In the case of databases running on Microsoft Windows platforms, this is the Local System account which may mean a compromise of the operating system as well as the database. This event indicates that an attempt has been made to exploit a vulnerability in the procedure alter_site_priority . This procedure is included in sys.dbms_repcat_conf. Ease of Attack: Simple.

What To Look For

No information provided

Known Usage

No public information

False Positives

No known false positives

Contributors

Cisco Talos Brian Caswell Alex Kirk Nigel Houghton

Rule Groups

No rule groups

CVE

None

Additional Links

Rule Vulnerability

No information provided

CVE Additional Information

This product uses data from the NVD API but is not endorsed or certified by the NVD.

None