[12595] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Oracle 8 root exploit

daemon@ATHENA.MIT.EDU (Adam and Christine Levin)
Mon Nov 15 13:38:39 1999

Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id:  <Pine.SUN.4.10.9911151004400.9339-100000@westnet.com>
Date:         Mon, 15 Nov 1999 10:05:47 -0500
Reply-To: Adam and Christine Levin <levins@WESTNET.COM>
From: Adam and Christine Levin <levins@WESTNET.COM>
X-To:         BUGTRAQ@SECURITYFOCUS.COM
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To:  <382DD9B0.D2FE7755@usa.net>

On Sat, 13 Nov 1999, Tellier, Brock wrote:
> OVERVIEW
> A vulnerability exists in Oracle 8.1.5 for UN*X which may allow any user
> to obtain root privileges.

Confirmed for Oracle 8.0.5 on Solaris 2.6 SPARC.  We don't allow rsh
connections though (shut off in /etc/inetd.conf), so that's a workaround
for some people to use.

-Adam


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[12595] in bugtraq

Re: Oracle 8 root exploit

daemon@ATHENA.MIT.EDU (Adam and Christine Levin)Mon Nov 15 13:38:39 1999

daemon@ATHENA.MIT.EDU (Adam and Christine Levin)
Mon Nov 15 13:38:39 1999