Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.104084
Category:Nmap NSE net
Title:Nmap NSE net: oracle-enum-users
Summary:Attempts to enumerate valid Oracle user names against unpatched Oracle 11g servers (this bug was;fixed in Oracle's October 2009 Critical Patch Update).;;SYNTAX:;;userdb: The filename of an alternate username database.;;passdb: The filename of an alternate password database.;;tns.sid: specifies the Oracle instance to connect to;;unpwdb.userlimit: The maximum number of usernames;'usernames' will return (default unlimited).;;unpwdb.passlimit: The maximum number of passwords;'passwords' will return (default unlimited).;;oracle-enum-users.sid: the instance against which to attempt user;enumeration;;unpwdb.timelimit: The maximum amount of time that any iterator will run;before stopping. The value is in seconds by default and you can follow it;with 'ms', 's', 'm', or 'h' for;milliseconds, seconds, minutes, or hours. For example,;'unpwdb.timelimit=30m' or 'unpwdb.timelimit=.5h' for;30 minutes. The default depends on the timing template level (see the module;description). Use the value '0' to disable the time limit.
Description:Summary:
Attempts to enumerate valid Oracle user names against unpatched Oracle 11g servers (this bug was
fixed in Oracle's October 2009 Critical Patch Update).

SYNTAX:

userdb: The filename of an alternate username database.

passdb: The filename of an alternate password database.

tns.sid: specifies the Oracle instance to connect to

unpwdb.userlimit: The maximum number of usernames
'usernames' will return (default unlimited).

unpwdb.passlimit: The maximum number of passwords
'passwords' will return (default unlimited).

oracle-enum-users.sid: the instance against which to attempt user
enumeration

unpwdb.timelimit: The maximum amount of time that any iterator will run
before stopping. The value is in seconds by default and you can follow it
with 'ms', 's', 'm', or 'h' for
milliseconds, seconds, minutes, or hours. For example,
'unpwdb.timelimit=30m' or 'unpwdb.timelimit=.5h' for
30 minutes. The default depends on the timing template level (see the module
description). Use the value '0' to disable the time limit.

CVSS Score:
9.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:P/A:P

CopyrightCopyright (C) 2011 NSE-Script: The Nmap Security Scanner; NASL-Wrapper: Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.