Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
certCERTVU:118277
HistoryJul 12, 2001 - 12:00 a.m.

The Oracle Internet Directory LDAP (oidldapd) contains buffer overflow

2001-07-1200:00:00
www.kb.cert.org
21

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0005 Low

EPSS

Percentile

15.9%

JSON

Overview

Oracle Internet Directory version 2.0.6, which ships with Oracle version 8i for Linux (8.1.6), contains a program, oidldapd, that is an LDAP Daemon. There is a buffer overflow in the LDAP Daemon that allows a local user to obtain the euid of the oidldapd process, typically user oracle.

Description

There is a buffer overflow in the oidldapd with regard to the β€œconnect” option. Since oidldapd typically runs as user oracle, this vulnerability can be used by local users to obtain euid of user oracle. As a result of the default installation, user oracle owns all database files. An exploit has been published.

Impact

All database files can be edited/deleted by a malicious user. A local user can obtain privileges of the oidldapd process, typically oracle.

Solution

Oracle encourages all Linux directory developers to upgrade to Oracle Internet Directory, v2.1.1, part of the Oracle 8.1.7 (8i Release 3) server media pack, from <http://technet.oracle.com/&gt;.

If you use a UFS filesystem, use chmod to set the file permissions to 710 for the oidldapd and oidmon executables. For other filesystems (e.g. AFS) use equivalent settings to restrict access to privileged users only.

Vendor Information

118277

Filter by status: All Affected Not Affected Unknown

Filter by content: __ Additional information available

__ Sort by: Status Alphabetical

Expand all

Javascript is disabled. Click here to view vendors.

Oracle __ Affected

Notified: October 16, 2000 Updated: July 12, 2001

Status

Affected

Vendor Statement

See <http://www.securityfocus.com/archive/1/157228&gt;

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23118277 Feedback>).

CVSS Metrics

Group Score Vector
Base
Temporal
Environmental

References

Acknowledgements

This vulnerability was first published by Juan Manuel Pascual Escriba in a Plazasite advisory.

This document was written by Jason Rafail.

Other Information

CVE IDs: CVE-2000-0987
Severity Metric: 9.00 Date Public:

Related

cve 1
cve
cve
CVE-2000-0987
2000-12-19 05:00:00

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0005 Low

EPSS

Percentile

15.9%

JSON
Related for VU:118277
cve1