Vulnerabilities > CVE-2000-0206 - Unspecified vulnerability in Oracle Oracle8I 8.1.5

CVSS 6.2 - MEDIUM

Attack vector

LOCAL

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

high complexity

oracle

exploit available

NVD

Published: 2000-03-05

Updated: 2008-09-10

Summary

The installation of Oracle 8.1.5.x on Linux follows symlinks and creates the orainstRoot.sh file with world-writeable permissions, which allows local users to gain privileges.

Vulnerable Configurations

Part	Description	Count
Application	Oracle Oracle Oracle8I 8.1.5	1

Exploit-Db

description	Oracle8i Standard Edition 8.1.5 for Linux Installer Vulnerability. CVE-2000-0206. Local exploit for linux platform
id	EDB-ID:19794
last seen	2016-02-02
modified	2000-03-05
published	2000-03-05
reporter	Keyser Soze
source	https://www.exploit-db.com/download/19794/
title	Oracle8i Standard Edition 8.1.5 for Linux Installer Vulnerability

References

http://archives.neohapsis.com/archives/bugtraq/2000-03/0023.html
http://www.securityfocus.com/bid/1035