Vulnerabilities > CVE-1999-1256 - Unspecified vulnerability in Oracle Database Assistant 1.0

CVSS 4.6 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

oracle

NVD

Published: 1999-03-04

Updated: 2017-12-19

Summary

Oracle Database Assistant 1.0 in Oracle 8.0.3 Enterprise Edition stores the database master password in plaintext in the spoolmain.log file when a new database is created, which allows local users to obtain the password from that file.

Vulnerable Configurations

Part	Description	Count
Application	Oracle Oracle Database Assistant 1.0	1

References

http://marc.info/?l=ntbugtraq&m=92056752115116&w=2
http://www.securityfocus.com/archive/1/12744
https://exchange.xforce.ibmcloud.com/vulnerabilities/1902