
Is there a QID for CVE-2012-3137?

Question asked by royram on Oct 19, 2012
Latest reply on Oct 23, 2012 by djprakash

On the 16th of Oct, Oracle released a security update addressing 109 vulnerabilities across its 10 product lines. Out of these 109 new vulnerabilities, 5 affect Oracle Database Server. The most severe of these Database vulnerabilities has received a CVSS Base Score of 10.0 on Windows platforms and 7.5 on Linux and Unix platforms. This vulnerability (CVE-2012-3137) is related to the "Cryptographic flaws in Oracle Database authentication protocol" disclosed at the Ekoparty Conference.

As per the information available:

The authentication protocol in Oracle Database 11g 1 and 2 allows remote attackers to obtain the session key and salt for arbitrary users, which leaks information about the cryptographic hash and makes it easier to conduct brute force password guessing attacks, aka "stealth password cracking vulnerability."


Does Qualys have a detection signature for this vulnerability?

References:

https://blogs.oracle.com/security/entry/october_2012_critical_patch_update

http://bot24.blogspot.in/2012/10/cve-2012-3137-oracle-database.html#!/2012/10/cve-2012-3137-oracle-database.html

http://www.securityfocus.com/bid/55651/info

http://www.darkreading.com/authentication/167901072/security/application-security/240007643/attack-easily-cracks-oracle-database-passwords.html
