CVE-2012-1675 - OpenCVE

The TNS Listener, as used in Oracle Database 11g 11.1.0.7, 11.2.0.2, and 11.2.0.3, and 10g 10.2.0.3, 10.2.0.4, and 10.2.0.5, as used in Oracle Fusion Middleware, Enterprise Manager, E-Business Suite, and possibly other products, allows remote attackers to execute arbitrary database commands by performing a remote registration of a database (1) instance or (2) service name that already exists, then conducting a man-in-the-middle (MITM) attack to hijack database connections, aka "TNS Poison."

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Oracle	Database Server

Configuration 1 [-]

OR	cpe:2.3:a:oracle:database_server:10.2.0.3:::::::*
	cpe:2.3:a:oracle:database_server:10.2.0.4:::::::*
	cpe:2.3:a:oracle:database_server:10.2.0.5:::::::*
	cpe:2.3:a:oracle:database_server:11.1.0.7:::::::*
	cpe:2.3:a:oracle:database_server:11.2.0.2:::::::*
	cpe:2.3:a:oracle:database_server:11.2.0.3:::::::*
	cpe:2.3:a:oracle:database_server:11.2.0.4:::::::*

No data.

References

Link	Providers
http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00018.html
http://seclists.org/fulldisclosure/2012/Apr/204
http://seclists.org/fulldisclosure/2012/Apr/343
http://www.kb.cert.org/vuls/id/359816
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
http://www.oracle.com/technetwork/topics/security/alert-cve-2012-1675-1608180.html
http://www.securityfocus.com/bid/53308
http://www.securitytracker.com/id?1027000
https://blogs.oracle.com/security/entry/security_alert_for_cve_2012
https://exchange.xforce.ibmcloud.com/vulnerabilities/75303

History

No history.

MITRE

Status: PUBLISHED

Assigner: oracle

Published: 2012-05-08T22:00:00

Updated: 2024-08-06T19:08:36.975Z

Reserved: 2012-03-16T00:00:00

Link: CVE-2012-1675

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2012-05-08T22:55:01.010

Modified: 2018-08-23T12:51:09.087

Link: CVE-2012-1675

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2012-04-18T00:00:00", "descriptions": [{"lang": "en", "value": "The TNS Listener, as used in Oracle Database 11g 11.1.0.7, 11.2.0.2, and 11.2.0.3, and 10g 10.2.0.3, 10.2.0.4, and 10.2.0.5, as used in Oracle Fusion Middleware, Enterprise Manager, E-Business Suite, and possibly other products, allows remote attackers to execute arbitrary database commands by performing a remote registration of a database (1) instance or (2) service name that already exists, then conducting a man-in-the-middle (MITM) attack to hijack database connections, aka \"TNS Poison.\""}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-28T12:57:01", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle"}, "references": [{"name": "SUSE-SU-2012:0765", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00018.html"}, {"name": "53308", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/53308"}, {"name": "1027000", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1027000"}, {"name": "20120428 Oracle TNS Poison vulnerability is actually a 0day with no patch available", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://seclists.org/fulldisclosure/2012/Apr/343"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://blogs.oracle.com/security/entry/security_alert_for_cve_2012"}, {"name": "VU#359816", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/359816"}, {"name": "20120418 The history of a -probably- 13 years old Oracle bug: TNS Poison", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://seclists.org/fulldisclosure/2012/Apr/204"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2012-1675-1608180.html"}, {"name": "MDVSA-2013:150", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"}, {"name": "oracledatabase-tnslistener-spoofing(75303)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75303"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert_us@oracle.com", "ID": "CVE-2012-1675", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The TNS Listener, as used in Oracle Database 11g 11.1.0.7, 11.2.0.2, and 11.2.0.3, and 10g 10.2.0.3, 10.2.0.4, and 10.2.0.5, as used in Oracle Fusion Middleware, Enterprise Manager, E-Business Suite, and possibly other products, allows remote attackers to execute arbitrary database commands by performing a remote registration of a database (1) instance or (2) service name that already exists, then conducting a man-in-the-middle (MITM) attack to hijack database connections, aka \"TNS Poison.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "SUSE-SU-2012:0765", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00018.html"}, {"name": "53308", "refsource": "BID", "url": "http://www.securityfocus.com/bid/53308"}, {"name": "1027000", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1027000"}, {"name": "20120428 Oracle TNS Poison vulnerability is actually a 0day with no patch available", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2012/Apr/343"}, {"name": "https://blogs.oracle.com/security/entry/security_alert_for_cve_2012", "refsource": "CONFIRM", "url": "https://blogs.oracle.com/security/entry/security_alert_for_cve_2012"}, {"name": "VU#359816", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/359816"}, {"name": "20120418 The history of a -probably- 13 years old Oracle bug: TNS Poison", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2012/Apr/204"}, {"name": "http://www.oracle.com/technetwork/topics/security/alert-cve-2012-1675-1608180.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2012-1675-1608180.html"}, {"name": "MDVSA-2013:150", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"}, {"name": "oracledatabase-tnslistener-spoofing(75303)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75303"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T19:08:36.975Z"}, "title": "CVE Program Container", "references": [{"name": "SUSE-SU-2012:0765", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00018.html"}, {"name": "53308", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/53308"}, {"name": "1027000", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1027000"}, {"name": "20120428 Oracle TNS Poison vulnerability is actually a 0day with no patch available", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://seclists.org/fulldisclosure/2012/Apr/343"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://blogs.oracle.com/security/entry/security_alert_for_cve_2012"}, {"name": "VU#359816", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/359816"}, {"name": "20120418 The history of a -probably- 13 years old Oracle bug: TNS Poison", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://seclists.org/fulldisclosure/2012/Apr/204"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2012-1675-1608180.html"}, {"name": "MDVSA-2013:150", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"}, {"name": "oracledatabase-tnslistener-spoofing(75303)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75303"}]}]}, "cveMetadata": {"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2012-1675", "datePublished": "2012-05-08T22:00:00", "dateReserved": "2012-03-16T00:00:00", "dateUpdated": "2024-08-06T19:08:36.975Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:database_server:10.2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "ED41086B-840A-4B39-B249-461A4B00B57B", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:database_server:10.2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "E4AC251D-9313-4A54-9623-51DC0AEC46FC", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:database_server:10.2.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "9ACC1D6F-2EDD-4DAA-B9CE-CF516C2B35C6", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:database_server:11.1.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "EDEDE937-C3D7-421C-9F70-F546AB823E1D", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:database_server:11.2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "3D7157D8-4959-4F6C-BFA0-D80862393AA4", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:database_server:11.2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "165A1F85-076B-4216-8EF8-D67E6EC63A6B", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:database_server:11.2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "C1E11A25-C7CE-49DF-99CA-352FD21B8230", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The TNS Listener, as used in Oracle Database 11g 11.1.0.7, 11.2.0.2, and 11.2.0.3, and 10g 10.2.0.3, 10.2.0.4, and 10.2.0.5, as used in Oracle Fusion Middleware, Enterprise Manager, E-Business Suite, and possibly other products, allows remote attackers to execute arbitrary database commands by performing a remote registration of a database (1) instance or (2) service name that already exists, then conducting a man-in-the-middle (MITM) attack to hijack database connections, aka \"TNS Poison.\""}, {"lang": "es", "value": "TNS Listener, tal como es usado en Oracle Database 11g 11.1.0.7, 11.2.0.2, y 11.2.0.3, y 10g 10.2.0.3, 10.2.0.4, y 10.2.0.5, y en Oracle Fusion Middleware, Enterprise Manager, E-Business Suite, y posiblemente otros productos, permite a atacantes remotos ejecutar comandos de base de datos arbitrarios realizando un registro remoto de (1) una instancia o (2) nombre de servicio de base de datos que ya existe y, a continuaci\u00f3n, relizando un ataque de man-in-the-middle (MITM) para secuestrar conexiones de bases de datos. Tambi\u00e9n conocido como \"TNS Poison.\""}], "id": "CVE-2012-1675", "lastModified": "2018-08-23T12:51:09.087", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-05-08T22:55:01.010", "references": [{"source": "secalert_us@oracle.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00018.html"}, {"source": "secalert_us@oracle.com", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2012/Apr/204"}, {"source": "secalert_us@oracle.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2012/Apr/343"}, {"source": "secalert_us@oracle.com", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/359816"}, {"source": "secalert_us@oracle.com", "tags": ["Third Party Advisory"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"}, {"source": "secalert_us@oracle.com", "tags": ["Vendor Advisory"], "url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2012-1675-1608180.html"}, {"source": "secalert_us@oracle.com", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/53308"}, {"source": "secalert_us@oracle.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id?1027000"}, {"source": "secalert_us@oracle.com", "tags": ["Vendor Advisory"], "url": "https://blogs.oracle.com/security/entry/security_alert_for_cve_2012"}, {"source": "secalert_us@oracle.com", "tags": ["VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75303"}], "sourceIdentifier": "secalert_us@oracle.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}