RE: vulnerability in oracle binary in Oracle 8.0.5 - 8.1.6

From: Ron Cohen (secat_private)
Date: Sat Aug 04 2001 - 18:04:09 PDT

Next message: Andrea Costantino: "Massive attack to Alcatel Speed Touch Home & Pro"

Previous message: Paul Burney: "Re: phpBB 1.4.0 bug leads to easy admin privileges"
In reply to: Juan Manuel Pascual Escriba: "vulnerability in oracle binary in Oracle 8.0.5 - 8.1.6"
Next in thread: Ron Cohen: "RE: vulnerability in oracle binary in Oracle 8.0.5 - 8.1.6"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

BY removing the suid bit from oracle, ay client connection originated
from non-oracle user will cause oracle to revert to tcp connection
instead of pipe. be prepared to a considerable performance degrading
if you choose this tactic.

	_rony



-----Original Message-----
From: paskat_private [mailto:paskat_private]
Sent: 02 August 2001 08:57
To: bugtraqat_private; oracle-lat_private
Subject: vulnerability in oracle binary in Oracle 8.0.5 - 8.1.6

   Title:     Vulnerability in oracle binary in Oracle 8.0.5

 ....

SOLUTION:
    Chmod -s ;-)))).

STATUS:
    Vendor was contacted .

----------------
This vulnerability was researched by:
Juan Manuel Pascual Escriba            paskat_private










---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.265 / Virus Database: 137 - Release Date: 18/07/2001

Next message: Andrea Costantino: "Massive attack to Alcatel Speed Touch Home & Pro"
Previous message: Paul Burney: "Re: phpBB 1.4.0 bug leads to easy admin privileges"
In reply to: Juan Manuel Pascual Escriba: "vulnerability in oracle binary in Oracle 8.0.5 - 8.1.6"
Next in thread: Ron Cohen: "RE: vulnerability in oracle binary in Oracle 8.0.5 - 8.1.6"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Sat Aug 04 2001 - 20:04:15 PDT