When our team of security experts completes the research on a specific vulnerability, you receive a Level-1 alert via e-mail.
The Level-1 alert will allow you to
determine whether or not your systems are vulnerable, as well as show you step by step
instructions on how to alleviate the vulnerability. The link in the Level-1 alert
will also lead you to the detailed Level-2 report that has been written by our
security experts. Give the link in the example above a
try and see the extra information that our detailed reports provide.
Oracle dbsnmp Vulnerability
December 19, 1999
* H I G H R I S K * H I G H R I S K * H I G H R I S K * H I G H R I S K *
Application Type: Database
Application Name: Oracle Database Server
Application Version: 8.1.5 on Solaris 2.6 SPARC
8.0.5 on Solaris 2.6 SPARC
8.0.4 on Solaris 2.6 SPARC
8.0.3 on Solaris 2.6 SPARC
7.3.4 on Solaris 2.6 SPARC
8.0.5 on Linux x86
8.0.4 on Linux x86
8.0.3 on Linux x86
Platforms Affected: SPARC
Operating System Affected: Solaris
The affected versions of Oracle Database Server are vulnerable to a setuid
problem which will allow any user to compromise root on the server. The
exploit, which has been well published for both Solaris and Linux versions,
causes a setuid program to create a /.rhosts file when a specific environmental
variable is not set. More information can be found in the detailed Level-2
report listed below.
Remote Attack: No
Physical Access Required: No
Administrative Privilege Gained: Yes
Attack Scripts Available: Yes
All Solaris 2.6 SPARC systems running Oracle Database Server 8.1.5, 8.0.3-5,
or 7.3.4. Also, all Linux x86 systems running Oracle Database Server 8.0.3-5.
It is very possible that other unix versions are also vulnerable.
A patch has been released by the vendor and it can be found here:
The detailed Level-2 report for this vulnerability can be found at:
Copyright Internet Security Advisors Group, 1999
Please direct comments or questions to: firstname.lastname@example.org
Internet Security Advisors Group
If you like what you see and you'd
like to become one of the hundreds of companies that rely on SecureAlert to keep their
systems secure, just visit our signup page.