Password Vulnerability in Oracle Database Server
CVE-2004-1367

Currently unrated

Key Information:

Vendor

Oracle
Status
Oracle10g
Oracle8i
Oracle9i
Collaboration Suite
Vendor
CVE Published:
4 August 2004

What is CVE-2004-1367?

A vulnerability exists in Oracle 10g Database Server that occurs when installed with a password containing an exclamation point ('!') for the DBSNMP or SYSMAN user. This configuration leads to the generation of an error that logs the password in a world-readable postDBCreation.log file. As a result, local users may gain unauthorized access to this sensitive information, potentially leveraging it to access SYS or SYSTEM accounts, which may also use the same password.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://marc.info/?l=bugtraq&m=110382247308064&w=2
mailing-listx_refsource_BUGTRAQ
http://www.kb.cert.org/vuls/id/316206
third-party-advisoryx_refsource_CERT-VN
http://www.us-cert.gov/cas/techalerts/TA04-245A.html
third-party-advisoryx_refsource_CERT

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.