Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0833

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2001-0833
Last Modified 05 Sep 2008 04:25:01
Published 06 Dec 2001 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2001-0833

Summary

Buffer overflow in otrcrep in Oracle 8.0.x through 9.0.1 allows local users to execute arbitrary code via a long ORACLE_HOME environment variable, aka the "Oracle Trace Collection Security Vulnerability."

Vulnerable Systems

Application

  • Oracle Database Server 8.0

  • Oracle Database Server 8.1

  • Oracle Database Server 9.0.1


References

CONFIRM - http://otn.oracle.com/deploy/security/pdf/otrcrep.pdf

BUGTRAQ - 20011023 FW: ASI Oracle Security Alert: 3 new security alerts

XF - oracle-binary-symlink(6940)

BID - 3139

CIAC - M-011

BUGTRAQ - 20011024 Oracle Trace Collection Security Vulnerability

BUGTRAQ - 20010802 vulnerability in otrcrep binary in Oracle 8.0.5.


Last Updated: 27 May 2016 10:36:24