WEB APPLICATION VULNERABILITIES Standard & Premium

Oracle Database Server Other Vulnerability (CVE-2001-0942)

Description

dbsnmp in Oracle 8.1.6 and 8.1.7 uses the ORACLE_HOME environment variable to find and execute the dbsnmp program, which allows local users to execute arbitrary programs by pointing the ORACLE_HOME to an alternate directory that contains a malicious version of dbsnmp.

Remediation

References

Related Vulnerabilities

MySQL CVE-2016-0641 Vulnerability (CVE-2016-0641)

Internet Information Services Configuration Vulnerability (CVE-2003-1566)

Ruby Inadequate Encryption Strength Vulnerability (CVE-2021-32066)

Next.js Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-6184)

OpenSSL Resource Management Errors Vulnerability (CVE-2008-1678)

Severity

Medium

Classification

CVE-2001-0942

Tags

Missing Update Known Vulnerabilities