virus logo Intrusion Prevention

Oracle.Application.Server.SID.Brute.Force

2020-12-02 This signature was removed in version 16.972.

description-logoDescription

This indicates detection of multiple SQL logon attempts during a short period of time.
The repeated login attempts, at a rate of about 300 times in 10 seconds, may indicate that an attacker is attempting a brute force attack. Server responses to failed logins may facilitate this attack.

affected-products-logoAffected Products

Oracle Application Server 9.2, 10.1 & 10.2

Impact logoImpact

Impact of a successful attack could vary, with the worse case being a system compromise.

recomended-action-logoRecommended Actions

Adjust the threshold to your network.
Monitor the traffic from that network for any suspicious activity.

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Status Detail
2020-12-02 16.972
Removed

References

http://carnal0wnage.attackresearch.com
ID 29513
Created Oct 26, 2011
Updated Dec 01, 2020
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Default Action drop
Active
Affected OS Windows
Affected App Oracle
Profile Type Anomaly