ID CVE-2005-3641
Summary Oracle Databases running on Windows XP with Simple File Sharing enabled, allows remote attackers to bypass authentication by supplying a valid username.
References
Vulnerable Configurations
  • Oracle Database Server 7.0.2
    cpe:2.3:a:oracle:database_server:7.0.2
  • Oracle Database Server 7.0.64
    cpe:2.3:a:oracle:database_server:7.0.64
  • Oracle Database Server 7.1.3
    cpe:2.3:a:oracle:database_server:7.1.3
  • cpe:2.3:a:oracle:database_server:7.1.5
  • cpe:2.3:a:oracle:database_server:7.3.3
  • cpe:2.3:a:oracle:database_server:7.3.4
  • cpe:2.3:a:oracle:database_server:8.0.1
  • cpe:2.3:a:oracle:database_server:8.0.2
  • cpe:2.3:a:oracle:database_server:8.0.3
  • cpe:2.3:a:oracle:database_server:8.0.4
  • cpe:2.3:a:oracle:database_server:8.0.5
  • cpe:2.3:a:oracle:database_server:8.0.5.1
  • Oracle Database Server 8.0.6
    cpe:2.3:a:oracle:database_server:8.0.6
  • cpe:2.3:a:oracle:database_server:8.0.6.3
  • cpe:2.3:a:oracle:database_server:8.1.5
  • Oracle Database Server 8.1.6
    cpe:2.3:a:oracle:database_server:8.1.6
  • cpe:2.3:a:oracle:database_server:8.1.7
  • cpe:2.3:a:oracle:database_server:8.1.7.4
  • Oracle Oracle9i Lite 5.0
    cpe:2.3:a:oracle:database_server_lite:5.0
  • Oracle Oracle9i Lite 5.0.1.0.0
    cpe:2.3:a:oracle:database_server_lite:5.0.1.0.0
  • Oracle Oracle9i Lite 5.0.2.0.0
    cpe:2.3:a:oracle:database_server_lite:5.0.2.0.0
  • Oracle Oracle9i Lite 5.0.2.9.0
    cpe:2.3:a:oracle:database_server_lite:5.0.2.9.0
  • cpe:2.3:a:oracle:oracle10g:enterprise_10.1.0.2
    cpe:2.3:a:oracle:oracle10g:enterprise_10.1.0.2
  • cpe:2.3:a:oracle:oracle10g:enterprise_10.1.0.3
    cpe:2.3:a:oracle:oracle10g:enterprise_10.1.0.3
  • cpe:2.3:a:oracle:oracle10g:enterprise_10.1.0.3.1
    cpe:2.3:a:oracle:oracle10g:enterprise_10.1.0.3.1
  • cpe:2.3:a:oracle:oracle10g:enterprise_10.1.0.4
    cpe:2.3:a:oracle:oracle10g:enterprise_10.1.0.4
  • cpe:2.3:a:oracle:oracle10g:enterprise_9.0.4.0
    cpe:2.3:a:oracle:oracle10g:enterprise_9.0.4.0
  • cpe:2.3:a:oracle:oracle10g:personal_10.1.0.2
    cpe:2.3:a:oracle:oracle10g:personal_10.1.0.2
  • cpe:2.3:a:oracle:oracle10g:personal_10.1.0.3
    cpe:2.3:a:oracle:oracle10g:personal_10.1.0.3
  • cpe:2.3:a:oracle:oracle10g:personal_10.1.0.3.1
    cpe:2.3:a:oracle:oracle10g:personal_10.1.0.3.1
  • cpe:2.3:a:oracle:oracle10g:personal_10.1.0.4
    cpe:2.3:a:oracle:oracle10g:personal_10.1.0.4
  • cpe:2.3:a:oracle:oracle10g:personal_9.0.4.0
    cpe:2.3:a:oracle:oracle10g:personal_9.0.4.0
  • cpe:2.3:a:oracle:oracle10g:standard_10.1.0.2
    cpe:2.3:a:oracle:oracle10g:standard_10.1.0.2
  • cpe:2.3:a:oracle:oracle10g:standard_10.1.0.3
    cpe:2.3:a:oracle:oracle10g:standard_10.1.0.3
  • cpe:2.3:a:oracle:oracle10g:standard_10.1.0.3.1
    cpe:2.3:a:oracle:oracle10g:standard_10.1.0.3.1
  • cpe:2.3:a:oracle:oracle10g:standard_10.1.0.4
    cpe:2.3:a:oracle:oracle10g:standard_10.1.0.4
  • cpe:2.3:a:oracle:oracle10g:standard_10.1.0.4.2
    cpe:2.3:a:oracle:oracle10g:standard_10.1.0.4.2
  • cpe:2.3:a:oracle:oracle10g:standard_9.0.4.0
    cpe:2.3:a:oracle:oracle10g:standard_9.0.4.0
  • cpe:2.3:a:oracle:oracle8i:enterprise_8.0.5.0.0
    cpe:2.3:a:oracle:oracle8i:enterprise_8.0.5.0.0
  • cpe:2.3:a:oracle:oracle8i:enterprise_8.0.6.0.0
    cpe:2.3:a:oracle:oracle8i:enterprise_8.0.6.0.0
  • cpe:2.3:a:oracle:oracle8i:enterprise_8.0.6.0.1
    cpe:2.3:a:oracle:oracle8i:enterprise_8.0.6.0.1
  • cpe:2.3:a:oracle:oracle8i:enterprise_8.1.5.0.0
    cpe:2.3:a:oracle:oracle8i:enterprise_8.1.5.0.0
  • cpe:2.3:a:oracle:oracle8i:enterprise_8.1.5.0.2
    cpe:2.3:a:oracle:oracle8i:enterprise_8.1.5.0.2
  • cpe:2.3:a:oracle:oracle8i:enterprise_8.1.5.1.0
    cpe:2.3:a:oracle:oracle8i:enterprise_8.1.5.1.0
  • cpe:2.3:a:oracle:oracle8i:enterprise_8.1.6.0.0
    cpe:2.3:a:oracle:oracle8i:enterprise_8.1.6.0.0
  • cpe:2.3:a:oracle:oracle8i:enterprise_8.1.6.1.0
    cpe:2.3:a:oracle:oracle8i:enterprise_8.1.6.1.0
  • cpe:2.3:a:oracle:oracle8i:enterprise_8.1.7.0.0
    cpe:2.3:a:oracle:oracle8i:enterprise_8.1.7.0.0
  • cpe:2.3:a:oracle:oracle8i:enterprise_8.1.7.1.0
    cpe:2.3:a:oracle:oracle8i:enterprise_8.1.7.1.0
  • cpe:2.3:a:oracle:oracle8i:enterprise_8.1.7.4
    cpe:2.3:a:oracle:oracle8i:enterprise_8.1.7.4
  • cpe:2.3:a:oracle:oracle8i:standard_8.0.6
    cpe:2.3:a:oracle:oracle8i:standard_8.0.6
  • cpe:2.3:a:oracle:oracle8i:standard_8.0.6.3
    cpe:2.3:a:oracle:oracle8i:standard_8.0.6.3
  • cpe:2.3:a:oracle:oracle8i:standard_8.1.5
    cpe:2.3:a:oracle:oracle8i:standard_8.1.5
  • cpe:2.3:a:oracle:oracle8i:standard_8.1.6
    cpe:2.3:a:oracle:oracle8i:standard_8.1.6
  • cpe:2.3:a:oracle:oracle8i:standard_8.1.7
    cpe:2.3:a:oracle:oracle8i:standard_8.1.7
  • cpe:2.3:a:oracle:oracle8i:standard_8.1.7.0.0
    cpe:2.3:a:oracle:oracle8i:standard_8.1.7.0.0
  • cpe:2.3:a:oracle:oracle8i:standard_8.1.7.1
    cpe:2.3:a:oracle:oracle8i:standard_8.1.7.1
  • cpe:2.3:a:oracle:oracle8i:standard_8.1.7.4
    cpe:2.3:a:oracle:oracle8i:standard_8.1.7.4
  • cpe:2.3:a:oracle:oracle9i:enterprise_8.1.7
    cpe:2.3:a:oracle:oracle9i:enterprise_8.1.7
  • cpe:2.3:a:oracle:oracle9i:enterprise_9.0.1
    cpe:2.3:a:oracle:oracle9i:enterprise_9.0.1
  • cpe:2.3:a:oracle:oracle9i:enterprise_9.0.1.4
    cpe:2.3:a:oracle:oracle9i:enterprise_9.0.1.4
  • cpe:2.3:a:oracle:oracle9i:enterprise_9.0.1.5
    cpe:2.3:a:oracle:oracle9i:enterprise_9.0.1.5
  • cpe:2.3:a:oracle:oracle9i:enterprise_9.0.1.5_fips
    cpe:2.3:a:oracle:oracle9i:enterprise_9.0.1.5_fips
  • cpe:2.3:a:oracle:oracle9i:enterprise_9.0.2.4
    cpe:2.3:a:oracle:oracle9i:enterprise_9.0.2.4
  • cpe:2.3:a:oracle:oracle9i:enterprise_9.0.4
    cpe:2.3:a:oracle:oracle9i:enterprise_9.0.4
  • cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0
    cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0
  • cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.1
    cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.1
  • cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.2
    cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.2
  • cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.3
    cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.3
  • cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.5
    cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.5
  • cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.6
    cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.6
  • cpe:2.3:a:oracle:oracle9i:personal_8.1.7
    cpe:2.3:a:oracle:oracle9i:personal_8.1.7
  • cpe:2.3:a:oracle:oracle9i:personal_9.0.1
    cpe:2.3:a:oracle:oracle9i:personal_9.0.1
  • cpe:2.3:a:oracle:oracle9i:personal_9.0.1.4
    cpe:2.3:a:oracle:oracle9i:personal_9.0.1.4
  • cpe:2.3:a:oracle:oracle9i:personal_9.0.1.5
    cpe:2.3:a:oracle:oracle9i:personal_9.0.1.5
  • cpe:2.3:a:oracle:oracle9i:personal_9.0.1.5_fips
    cpe:2.3:a:oracle:oracle9i:personal_9.0.1.5_fips
  • cpe:2.3:a:oracle:oracle9i:personal_9.0.2.4
    cpe:2.3:a:oracle:oracle9i:personal_9.0.2.4
  • cpe:2.3:a:oracle:oracle9i:personal_9.0.4
    cpe:2.3:a:oracle:oracle9i:personal_9.0.4
  • cpe:2.3:a:oracle:oracle9i:personal_9.2
    cpe:2.3:a:oracle:oracle9i:personal_9.2
  • cpe:2.3:a:oracle:oracle9i:personal_9.2.0.1
    cpe:2.3:a:oracle:oracle9i:personal_9.2.0.1
  • cpe:2.3:a:oracle:oracle9i:personal_9.2.0.2
    cpe:2.3:a:oracle:oracle9i:personal_9.2.0.2
  • cpe:2.3:a:oracle:oracle9i:personal_9.2.0.3
    cpe:2.3:a:oracle:oracle9i:personal_9.2.0.3
  • cpe:2.3:a:oracle:oracle9i:personal_9.2.0.5
    cpe:2.3:a:oracle:oracle9i:personal_9.2.0.5
  • cpe:2.3:a:oracle:oracle9i:personal_9.2.0.6
    cpe:2.3:a:oracle:oracle9i:personal_9.2.0.6
  • cpe:2.3:a:oracle:oracle9i:standard_8.1.7
    cpe:2.3:a:oracle:oracle9i:standard_8.1.7
  • cpe:2.3:a:oracle:oracle9i:standard_9.0
    cpe:2.3:a:oracle:oracle9i:standard_9.0
  • cpe:2.3:a:oracle:oracle9i:standard_9.0.1
    cpe:2.3:a:oracle:oracle9i:standard_9.0.1
  • cpe:2.3:a:oracle:oracle9i:standard_9.0.1.2
    cpe:2.3:a:oracle:oracle9i:standard_9.0.1.2
  • cpe:2.3:a:oracle:oracle9i:standard_9.0.1.3
    cpe:2.3:a:oracle:oracle9i:standard_9.0.1.3
  • cpe:2.3:a:oracle:oracle9i:standard_9.0.1.4
    cpe:2.3:a:oracle:oracle9i:standard_9.0.1.4
  • cpe:2.3:a:oracle:oracle9i:standard_9.0.1.5
    cpe:2.3:a:oracle:oracle9i:standard_9.0.1.5
  • cpe:2.3:a:oracle:oracle9i:standard_9.0.1.5_fips
    cpe:2.3:a:oracle:oracle9i:standard_9.0.1.5_fips
  • cpe:2.3:a:oracle:oracle9i:standard_9.0.2
    cpe:2.3:a:oracle:oracle9i:standard_9.0.2
  • cpe:2.3:a:oracle:oracle9i:standard_9.0.2.4
    cpe:2.3:a:oracle:oracle9i:standard_9.0.2.4
  • cpe:2.3:a:oracle:oracle9i:standard_9.0.4
    cpe:2.3:a:oracle:oracle9i:standard_9.0.4
  • cpe:2.3:a:oracle:oracle9i:standard_9.2
    cpe:2.3:a:oracle:oracle9i:standard_9.2
  • cpe:2.3:a:oracle:oracle9i:standard_9.2.0.1
    cpe:2.3:a:oracle:oracle9i:standard_9.2.0.1
  • cpe:2.3:a:oracle:oracle9i:standard_9.2.0.2
    cpe:2.3:a:oracle:oracle9i:standard_9.2.0.2
  • cpe:2.3:a:oracle:oracle9i:standard_9.2.0.3
    cpe:2.3:a:oracle:oracle9i:standard_9.2.0.3
  • cpe:2.3:a:oracle:oracle9i:standard_9.2.0.5
    cpe:2.3:a:oracle:oracle9i:standard_9.2.0.5
  • cpe:2.3:a:oracle:oracle9i:standard_9.2.0.6
    cpe:2.3:a:oracle:oracle9i:standard_9.2.0.6
  • cpe:2.3:a:oracle:oracle9i:standard_9.2.3
    cpe:2.3:a:oracle:oracle9i:standard_9.2.3
CVSS
Base: 7.5 (as of 17-11-2005 - 09:11)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
refmap via4
bid 15450
misc http://www.ngssoftware.com/papers/database-on-xp.pdf
Last major update 05-09-2008 - 16:54
Published 16-11-2005 - 16:22
Back to Top