2 matches found
CVE-2001-0300
oidldapd 2.1.1.1 in Oracle 8.1.7 records log files in a directory ldaplog that has world-writable permissions, which may allow local users to delete logs and/or overwrite other files via a symlink attack...
CVE-2001-0300
The CVE-2001-0300 issue pertains to the Oracle Internet Directory LDAP Daemon (oidldapd) version 2.1.1.1 included with Oracle 8i/8.1.7. The daemon writes logs to a directory (ldaplog) that has world‑writable permissions, enabling a local user to delete logs and, via a symlink attack, overwrite ot...