The authentication protocol in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 18.104.22.168, 22.214.171.124, and 126.96.36.199 allows remote attackers to obtain the session key and salt for arbitrary users, which leaks information about the cryptographic hash and makes it easier to conduct brute force password guessing attacks, aka "stealth password cracking vulnerability."
Publish Date : 2012-09-21 Last Update Date : 2013-10-10
The authentication protocol in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 188.8.131.52, 184.108.40.206, and 220.127.116.11 all...
OVAL (Open Vulnerability and Assessment Language) definitions define exactly what should be done to verify
a vulnerability or a missing patch. Check out the OVAL definitions
if you want to learn what you should do to verify a vulnerability.