7 matches found
Oracle 8.1.7 JSP/JSPSQL Remote File Reading Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2288/info A problem with Oracle on the Windows 2000 platform could allow users access to restricted information. This problem in the handling of input by the Oracle software may result in remote users being permitted read...
CVE-2001-0591
CVE-2001-0591 is a directory traversal vulnerability in Oracle JSP 1.0.x–1.1.1 and Oracle 8.1.7 iAS Release 1.0.2 that allows remote attackers to read or execute arbitrary .jsp files via a '..' path traversal. The connected Nessus entry confirms the CVE is among Oracle Application Server vulnerab...
CVE-2001-0831
The CVE-2001-0831 issue concerns Oracle Label Security in Oracle 8.1.7 and 9.0.1. The vulnerability is triggered when audit functionality, SET_LABEL, or SQL*Predicate is used, enabling local users to gain additional access. This is a local privilege escalation vulnerability affecting the listed O...
CVE-2001-0326
The CVE-2001-0326 entry concerns Oracle Java Virtual Machine (JVM) for Oracle 8.1.7 and Oracle Application Server 9iAS Release 1.0.2.0.1. Description in connected sources indicates an information disclosure vulnerability: remote attackers could read arbitrary files via the .jsp and .sqljsp extens...
CVE-2001-0300
The CVE-2001-0300 issue pertains to the Oracle Internet Directory LDAP Daemon (oidldapd) version 2.1.1.1 included with Oracle 8i/8.1.7. The daemon writes logs to a directory (ldaplog) that has world‑writable permissions, enabling a local user to delete logs and, via a symlink attack, overwrite ot...
Дырка в oidldapd in из Oracle 8.1.7
Классическое переполнение буфера позволяет локальному пользователю получить привилегии root. Кроме того лог-файл создается без проверки символьных линков в открытой на запись директории...
Oracle 8.1.7 - JSPJSPSQL Remote File Reading
Oracle 8.1.7 - JSPJSPSQL Remote File Reading...