Re: Oracle 8 root exploit

Alan Olsen (alanCLUESERVER.ORG)
Fri, 19 Nov 1999 15:19:11 -0800

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Next message: Jeff Bilicki: "[ COBALT ] Security Advisory - syslog"
• Previous message: Alfred Huger: "Caldera Pine Advisory"

On Tue, 16 Nov 1999, Chris Calabrese wrote:

> I just tested some machines both with and without
> Oracle's patch for the bug related to trusting
> $ORACLE_HOME when calling dbsnmp.
>
> Good news. The patch does indeed address the bug
> related to using sym-links from ./dbsnmpc.log and
> ./dbsnmpw.log to over-write root-owned files that
> Brock Teller reported on the other day.
>
> However, Intelligent Agent 8.1.5 (the version Brock
> reported on) does not have a patch available for it.
> This is pretty strange considering that there's a
> patch for 8.0.5 and that other 8.0.6 and 8.1.x
> releases don't have the vulnerability.

Are there patches for earlier versions of Oracle? (Specifically 7.3.4.)
The exploit works on that version as well.

alanctrl-alt-del.com | Note to AOL users: for a quick shortcut to reply
Alan Olsen | to my mail, just hit the ctrl, alt and del keys.
    "In the future, everything will have its 15 minutes of blame."

• Next message: Jeff Bilicki: "[ COBALT ] Security Advisory - syslog"
• Previous message: Alfred Huger: "Caldera Pine Advisory"

This archive was generated by hypermail 2.0b3 on Mon Nov 22 1999 - 13:07:20 CST