Дырка в oidldapd in из Oracle 8.1.7

Классическое переполнение буфера позволяет локальному пользователю получить привилегии root. Кроме того лог-файл создается без проверки символьных линков в открытой на запись директории...

vulnerability #2 in Oracle Internet Directory 2.1.1.1 in Oracle 8.1.7

This Feature seems to be new with oidldapd in OID 2.1.1.1/8.1.7 i couldnt reproduce with oidldapd in OID 2.0.6.3 and seems to be very dangerous. Look at this. In my system occurs the next: my ORACLEHOME=/work/oracle8ir3 oracle@dimoniet bin$ cd /work/oracle8ir3/ldaplog oracle@dimoniet log$ ls -alc...

vulnerability #1 in Oracle Internet Directory 2.1.1.1 in Oracle 8.1.7

WWW.PLAZASITE.COM System & Security Division Title: Vulnerability in oidldapd in Oracle 8.1.7 Date: 10-12-2000 Platform: Only tested in Linux, but can be exported to others. Impact: Any user gain euid=root. Author: Juan Manuel Pascual [email protected] Status: Vendor Contacted answers received...