An attacker can get LM/NTLM hash of a oracle's host server by sending a legal SQL command containing the IP address of a SMB sniff server.
Applying brute force attack to LM/NTLM hash could possibly crack the server's admin password.
This does not indicates any vulnerabilities.
Windows server with any Oracle database system installed.
System Compromise: Remote attackers can gain control of vulnerable systems.
Use stronger password could lower the risk of brute force cracking.