Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0832

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2001-0832
Last Modified 05 Sep 2008 04:25:01
Published 06 Dec 2001 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2001-0832

Summary

Vulnerability in Oracle 8.0.x through 9.0.1 on Unix allows local users to overwrite arbitrary files, possibly via a symlink attack or incorrect file permissions in (1) the ORACLE_HOME/rdbms/log directory or (2) an alternate directory as specified in the ORACLE_HOME environmental variable, aka the "Oracle File Overwrite Security Vulnerability."

Vulnerable Systems

Application

  • Oracle Database Server 8.0

  • Oracle Database Server 8.1

  • Oracle Database Server 9.0.1


References

CONFIRM - http://otn.oracle.com/deploy/security/pdf/oracle_race.pdf

BUGTRAQ - 20011023 FW: ASI Oracle Security Alert: 3 new security alerts


Last Updated: 27 May 2016 10:36:24