2008-0339 | Oracle Database Server Remote Code Execution (BID-27229 / XFDB-39753)
|CVSS Meta Temp Score||Current Exploit Price (≈)||CTI Interest Score|
A vulnerability was found in Oracle Database Server 18.104.22.168dv (Database Software). It has been classified as very critical. This is going to have an impact on confidentiality, integrity, and availability. The summary by CVE is:
Unspecified vulnerability in the XML DB component in Oracle Database 22.214.171.124, 126.96.36.199DV, 10.1.0.5, and 10.2.0.3 has unknown impact and remote attack vectors, aka DB01.
The weakness was published 01/17/2008 by Esteban Martinez Fayo (Alex) with Application Security, Inc. (Website). The advisory is shared at us-cert.gov. This vulnerability is uniquely identified as CVE-2008-0339 since 01/17/2008. The exploitability is told to be easy. It is possible to initiate the attack remotely. No form of authentication is needed for exploitation. Technical details are unknown but a public exploit is available. The price for an exploit might be around USD $0-$5k at the moment (estimation calculated on 07/30/2021).
A public exploit has been developed in SQL. It is declared as proof-of-concept. The exploit is shared for download at securityfocus.com. We expect the 0-day to have been worth approximately $25k-$100k. The vulnerability scanner Nessus provides a plugin with the ID 56059 (Oracle Database Multiple Vulnerabilities (January 2008 CPU)), which helps to determine the existence of the flaw in a target environment. It is assigned to the family Databases. The commercial vulnerability scanner Qualys is able to test this issue with plugin 19227 (Oracle January 2008 Security Update Multiple Vulnerabilities).
There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product. Furthermore it is possible to detect and prevent this kind of attack with TippingPoint and the filter 8834.
The vulnerability is also documented in the databases at SecurityFocus (BID 27229), X-Force (39753), Vulnerability Center (SBV-17372) and Tenable (56059). Similar entries are available at 40615, 40614, 40613 and 40612.
VulDB Meta Base Score: 9.8
VulDB Meta Temp Score: 9.3
NVD Base Score: 🔍
Saint ID: exploit_info/oracle_xdb_pitrig_truncate
Saint Name: Oracle XDB component PITRIG_TRUNCATE buffer overflow
01/15/2008 +5 days 🔍
01/17/2008 +1 days 🔍
01/17/2008 +0 days 🔍
01/17/2008 +0 days 🔍
01/20/2008 +3 days 🔍
11/16/2011 +1396 days 🔍
03/16/2015 +1216 days 🔍
04/18/2016 +399 days 🔍
07/30/2021 +1929 days 🔍Vendor: https://www.oracle.com
CVE: CVE-2008-0339 (🔍)
SecurityFocus: 27229 – Oracle January 2008 Critical Patch Update Multiple Vulnerabilities
Vulnerability Center: 17372 – [cpujan2008-086860] Oracle Database Critical Patch Jan. 2008: Unspecified Vulnerability in XML DB Component [DB01], Medium
Use the official API to access entries easily!