Published: 16/08/1999 Updated: 09/09/2008

CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9

VMScore: 470

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

dbsnmp in Oracle Intelligent Agent allows local users to gain privileges by setting the ORACLE_HOME environmental variable, which dbsnmp uses to find the nmiconf.tcl script.

Vulnerable Product	Search on Vulmon	Subscribe to Product
oracle database server 7.3.3
oracle oracle8i 8.0.3
oracle oracle8i 8.0.4
oracle oracle8i 8.0.5
oracle oracle8i 8.0.5.1
oracle database server 7.3.4
oracle oracle8i 8.1.5

source: wwwsecurityfocuscom/bid/585/info A vulnerability in the Oracle Intelligent Agent allows local malicious users to execute arbitrary commands and to create world writable files as the root user The problem lies in the dbsnmp program located in $ORACLE_HOME/bin This setuid root and setgid dba program trusts the environment variab ...

source: wwwsecurityfocuscom/bid/585/info A vulnerability in the Oracle Intelligent Agent allows local malicious users to execute arbitrary commands and to create world writable files as the root user The problem lies in the dbsnmp program located in $ORACLE_HOME/bin This setuid root and setgid dba program trusts the environment vari ...

NVD-CWE-Other http://www.securityfocus.com/bid/585 https://nvd.nist.gov https://www.exploit-db.com/exploits/19460/

CVE-1999-0888

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect