27 matches found
CVE-1999-0711
The oratclsh interpreter in Oracle 8.x Intelligent Agent for Unix allows local users to execute Tcl commands as root...
EUVD-1999-0692
Malware in sbrugna...
EUVD-1999-0869
Malware in sbrugna...
EUVD-2005-3440
Malware in sbrugna...
EUVD-2025-24182
Malicious code in bioql PyPI...
Oracle <= 8 8.1.5 Intelligent Agent Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/585/info A vulnerability in the Oracle Intelligent Agent allows local malicious users to execute arbitrary commands and to create world writable files as the root user. The problem lies in the dbsnmp program located in...
Oracle 8 oratclsh Suid Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/159/info Oracle8 is an enterprise level database. As part of the Internet Agent option installation process it installs the file $ORACLEHOME/bin/oratclsh as suid root. oratclsh is a TCL application that provides full acce...
Oracle <= 8 8.1.5 Intelligent Agent Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/585/info A vulnerability in the Oracle Intelligent Agent allows local malicious users to execute arbitrary commands and to create world writable files as the root user. The problem lies in the dbsnmp program located in...
Oracle Database Multiple Vulnerabilities (October 2005 CPU)
The remote Oracle database server is missing the October 2005 Critical Patch Update CPU and therefore is potentially affected by security issues in the following components : - Change Data Capture - Data Guard Logical Standby - Data Pump Export - Database Scheduler - Export - Locale - Materialize...
Oracle Database Multiple Vulnerabilities (April 2006 CPU)
The remote Oracle database server is missing the April 2006 Critical Patch Update CPU and therefore is potentially affected by security issues in the following components : - Advanced Replication - Dictionary - Export - Log Miner - ModPL/SQL for Apache - Oracle Enterprise Manager Intelligent Agen...
Design/Logic Flaw
Unspecified vulnerability in Oracle Database Server 9.0.1.5 and 9.2.0.7 has unknown impact and attack vectors in the Oracle Enterprise Manager Intelligent Agent component, aka Vuln DB07...
CVE-2006-1872
Unspecified vulnerability in Oracle Database Server 9.0.1.5 and 9.2.0.7 has unknown impact and attack vectors in the Oracle Enterprise Manager Intelligent Agent component, aka Vuln DB07...
CVE-2005-3441
Unspecified vulnerability in Intelligent Agent in Oracle Database Server 9i up to 9.0.1.5 has unknown impact and attack vectors, aka Oracle Vuln DB14...
CVE-2005-3441
Technical details about CVE-2005-3441 are not publicly provided in the supplied documents. Monitor for updates.
ASI Oracle Security Alert: Oracle Home Environment Variable Validation Vulnerability
Oracle Home Environment Variable Validation Vulnerability For additional details, the official advisories from Oracle Corporation can be downloaded from: http://otn.oracle.com/deploy/security/pdf/dbsmpalert.pdf Summary: The dbsnmp executable can be manipulated to run programs from the wrong...
ASI Oracle Security Alert: CHOWN Path Environment Variable Vulnerability
CHOWN Path Environment Variable Vulnerability For additional details, the official advisories from Oracle Corporation can be downloaded from: http://otn.oracle.com/deploy/security/pdf/dbsmpalert.pdf Summary: The vulnerability only affects Oracle 8.0.5 and 8.1.5. The dbsnmp file executes the CHOWN...
ASI Oracle Security Alert: Oracle Home Environment Variable Buffer Overflow
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Oracle Home Environment Variable Buffer Overflow For additional details, the official advisories from Oracle Corporation can be downloaded from: http://otn.oracle.com/deploy/security/pdf/dbsmpalert.pdf Summary: By setting a long ORACLEHOME value more...
CVE-1999-0888
The CVE-1999-0888 entry concerns dbsnmp in Oracle Intelligent Agent. Local users can gain privileges by manipulating the ORACLE_HOME environment variable, which dbsnmp uses to locate the nmiconf.tcl script. The vulnerability affects the component responsible for Oracle Agent operations and has a ...
CVE-1999-0888
dbsnmp in Oracle Intelligent Agent allows local users to gain privileges by setting the ORACLEHOME environmental variable, which dbsnmp uses to find the nmiconf.tcl script...
oracle_intelligent_agent.txt
START OF BUGTRAQ POST Oracle installations with the 'Oracle Intelligent Agent' installed have a path related vulnerability. The problem lies in the dbsnmp program located in $ORACLEHOME/bin . This setuid root program calls a tcl script nmiconf.tcl located by default in...