Vulnerability Name: CCN-3141
Published: 1999-08-23
Updated: 1999-08-23
Summary: Oracle can be tricked into reading rogue configuration files via trusted environment variables. 'dbsnmp' then opens a 'trace' file that is owned by root and created with mode 666. This file can be linked out.
The second vulnerability again depends on trusted environment variables. 'dbsnmp' will execute rogue TCL scripts if environment variables are manipulated correctly.
CVSS v3 Severity: 9.3 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
CVSS v2 Severity: 7.2 High (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
Vulnerability Consequences: Gain Privileges
References:
Source: CCN Type: Internet Security Systems Security Alert #36 Additional Root Compromise Vulnerabilities in Oracle 8
Source: CCN Type: Oracle Web site Oracle Support Services
Source: XF Type: UNKNOWN oracle-dbsnmp-trace(3141)
Vulnerable Configuration: Configuration CCN 1: Denotes that component is vulnerable