Vulnerabilities > CVE-2001-0832 - Local Security vulnerability in Oracle9i Enterprise Edition

CVSS 2.1 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

local

low complexity

oracle

NVD

Published: 2001-12-06

Updated: 2016-10-18

Summary

Vulnerability in Oracle 8.0.x through 9.0.1 on Unix allows local users to overwrite arbitrary files, possibly via a symlink attack or incorrect file permissions in (1) the ORACLE_HOME/rdbms/log directory or (2) an alternate directory as specified in the ORACLE_HOME environmental variable, aka the "Oracle File Overwrite Security Vulnerability."

Vulnerable Configurations

Part	Description	Count
Application	Oracle Oracle Database Server 8.0 Oracle Database Server 8.1 Oracle Database Server - Oracle Database Server 1.0.2.2 Oracle Database Server 4.0.8 Oracle Database Server 4.2.0 Oracle Database Server 4.2.3 Oracle Database Server 5.1 Oracle Database Server 7 Oracle Database Server 7.0.2 Oracle Database Server 7.0.64 Oracle Database Server 7.1.3 Oracle Database Server 7.1.4 Oracle Database Server 7.1.5 Oracle Database Server 7.3 Oracle Database Server 7.3.3 Oracle Database Server 7.3.4 Oracle Database Server 8 Oracle Database Server 8.0.1 Oracle Database Server 8.0.2 Oracle Database Server 8.0.3 Oracle Database Server 8.0.4 Oracle Database Server 8.0.5 Oracle Database Server 8.0.5.1 Oracle Database Server 8.0.6 Oracle Database Server 8.0.6.3 Oracle Database Server 8.1.5 Oracle Database Server 8.1.6 Oracle Database Server 8.1.7 Oracle Database Server 8.1.7.0.0 Oracle Database Server 8.1.7.4 Oracle Database Server 9 Oracle Database Server 9.0 Oracle Database Server 9.0.1	38

Summary

Vulnerable Configurations

References