The (1) dbsnmp and (2) nmo programs in Oracle 8i, Oracle 9i, and Oracle IAS 9.0.2.0.1, on Unix systems, use a default path to find and execute library files while operating at raised privileges, which allows certain Oracle user accounts to gain root privileges via a modified libclntsh.so.9.0.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/10829 | Vendor Advisory |
http://secunia.com/advisories/12205 | Exploit Patch Vendor Advisory |
http://marc.info/?l=bugtraq&m=109147677214087&w=2 | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/16839 |
Configurations
Configuration 1 (hide)
|
Information
Published : 2004-07-29 21:00
Updated : 2017-07-10 18:31
NVD link : CVE-2004-1707
Mitre link : CVE-2004-1707
JSON object : View
CWE
Products Affected
oracle
- application_server
- application_server_portal
- oracle8i
- database_server_lite
- oracle9i