Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-0818

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2000-0818
Last Modified 05 Sep 2008 04:21:57
Published 19 Dec 2000 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2000-0818

Summary

The default installation for the Oracle listener program 7.3.4, 8.0.6, and 8.1.6 allows an attacker to cause logging information to be appended to arbitrary files and execute commands via the SET TRC_FILE or SET LOG_FILE commands.

Vulnerable Systems

Application

  • Oracle Listener 7.3.4

  • Oracle Listener 8.0.6

  • Oracle Listener 8.1.6


References

CONFIRM - http://otn.oracle.com/deploy/security/pdf/listener_alert.pdf

ISS - 20001025 Vulnerability in the Oracle Listener Program

XF - oracle-listener-connect-statements(5380)


Last Updated: 27 May 2016 10:35:53