Bugtraq: Re: Oracle 8 root exploit

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: Oracle 8 root exploit

From: levins () WESTNET COM (Adam and Christine Levin)
Date: Mon, 15 Nov 1999 10:05:47 -0500


On Sat, 13 Nov 1999, Tellier, Brock wrote:

OVERVIEW
A vulnerability exists in Oracle 8.1.5 for UN*X which may allow any user
to obtain root privileges.


Confirmed for Oracle 8.0.5 on Solaris 2.6 SPARC.  We don't allow rsh
connections though (shut off in /etc/inetd.conf), so that's a workaround
for some people to use.

-Adam

By Date By Thread

Current thread:

Oracle 8 root exploit Tellier, Brock (Nov 13)
- Re: Oracle 8 root exploit Adam and Christine Levin (Nov 15)
- Re: Oracle 8 root exploit Jared Still (Nov 16)
- <Possible follow-ups>
- Re: Oracle 8 root exploit Martin Mevald (Nov 15)
- Re: Oracle 8 root exploit Antonomasia (Nov 15)
- Re: Oracle 8 root exploit Elias Levy (Nov 16)
  - Re: Oracle 8 root exploit Adam and Christine Levin (Nov 16)