Questions

Observations: Database Servers - > January 2005 Critical Patch Update

Tags:
+
0 Votes
Locked

Observations: Database Servers - > January 2005 Critical Patch Update

mihai.balta
The Remote Database Server Is Affected By Directory Traversal Flaws
Vulnerability Description: According to its version number, the installation of Oracle on the remote host is reportedly subject to multiple directory traversal vulnerabilities that may allow a remote attacker to read, write, or rename arbitrary files with the privileges of the Oracle Database server. An authenticated user can craft SQL queries such that they would be able to retrieve any file on the system and potentially retrieve and/or modify files in the same drive as the affected application.
Risk Level: High
The remote Oracle TNS listener replies with the following version:

TNSLSNR for 32-bit Windows: Version 9.2.0.3.0 - Production
TNS for 32-bit Windows: Version 9.2.0.3.0 - Production
Oracle Bequeath NT Protocol Adapter for 32-bit Windows: Version 9.2.0.3.0 - Production
Windows NT Named Pipes NT Protocol Adapter for 32-bit Windows: Version 9.2.0.3.0 - Production
Windows NT TCP/IP NT Protocol Adapter for 32-bit Windows: Version 9.2.0.3.0 ? Production
Initial Recommendation:
? Apply the January 2005 Critical Patch Update.


----
Where can we download the January 2005 Critical Patch Update for Oracle ??