Vulnerability Name:

CCN-3141

Published: 1999-08-23
Updated: 1999-08-23
Summary: Oracle can be tricked into reading rogue configuration files via trusted environment variables. 'dbsnmp' then opens a 'trace' file that is owned by root and created with mode 666; this world-writable, root-owned file can be redirected elsewhere via a link.

The second vulnerability also depends on trusted environment variables: 'dbsnmp' will execute rogue TCL scripts if the environment variables are manipulated appropriately.
CVSS v3 Severity: 9.3 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics: Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Changed
Impact Metrics: Confidentiality (C): High
Integrity (I): High
Availability (A): High
CVSS v2 Severity: 7.2 High (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics: Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): Complete
Integrity (I): Complete
Availability (A): Complete
Vulnerability Consequences: Gain Privileges
References: Source: CCN
Type: Internet Security Systems Security Alert #36
Additional Root Compromise Vulnerabilities in Oracle 8

Source: CCN
Type: Oracle Web site
Oracle Support Services

Source: XF
Type: UNKNOWN
oracle-dbsnmp-trace(3141)

Vulnerable Configuration: Configuration CCN 1:
  • cpe:/a:oracle:database_server:8.1.5:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:database_server:8.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:database_server:7.3.3:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:database_server:7.3.4:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:database_server:8.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:database_server:8.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:database_server:8.0.5.1:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable