Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0942


Vulnerability Score 4.6 4.6
CVE Id CVE-2001-0942
Last Modified 10 Sep 2008 03:09:17
Published 29 Nov 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE



dbsnmp in Oracle 8.1.6 and 8.1.7 uses the ORACLE_HOME environment variable to find and execute the dbsnmp program, which allows local users to execute arbitrary programs by pointing the ORACLE_HOME to an alternate directory that contains a malicious version of dbsnmp.

Vulnerable Systems


  • Oracle Database Server 8.1.6

  • Oracle Database Server 8.1.7



XF - oracle-dbsnmp-home-validation(7645)

BID - 3137

BUGTRAQ - 20011130 ASI Oracle Security Alert: Oracle Home Environment Variable Validation Vulnerability

Last Updated: 27 May 2016 10:36:28