Re: Oracle 8 root exploit

From: Adam and Christine Levin (levinsat_private)
Date: Mon Nov 15 1999 - 07:05:47 PST

Next message: Martin Mevald: "Re: Oracle 8 root exploit"

Previous message: Elias Levy: "Re: BIND bugs of the month (spoofing secure Web sites?)"
Maybe in reply to: Tellier, Brock: "Oracle 8 root exploit"
Next in thread: Martin Mevald: "Re: Oracle 8 root exploit"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sat, 13 Nov 1999, Tellier, Brock wrote:
> OVERVIEW
> A vulnerability exists in Oracle 8.1.5 for UN*X which may allow any user
> to obtain root privileges.

Confirmed for Oracle 8.0.5 on Solaris 2.6 SPARC.  We don't allow rsh
connections though (shut off in /etc/inetd.conf), so that's a workaround
for some people to use.

-Adam

Next message: Martin Mevald: "Re: Oracle 8 root exploit"
Previous message: Elias Levy: "Re: BIND bugs of the month (spoofing secure Web sites?)"
Maybe in reply to: Tellier, Brock: "Oracle 8 root exploit"
Next in thread: Martin Mevald: "Re: Oracle 8 root exploit"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:12:35 PDT