Vulnerabilities > CVE-2001-0833 - Buffer Overflow vulnerability in Oracle OTRCREP Oracle Home Environment Variable
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Buffer overflow in otrcrep in Oracle 8.0.x through 9.0.1 allows local users to execute arbitrary code via a long ORACLE_HOME environment variable, aka the "Oracle Trace Collection Security Vulnerability."
Vulnerable Configurations
Exploit-Db
| description | Oracle OTRCREP Oracle 8/9 Home Environment Variable Buffer Overflow Vulnerability. CVE-2001-0833. Local exploit for unix platform |
| id | EDB-ID:21045 |
| last seen | 2016-02-02 |
| modified | 2001-08-02 |
| published | 2001-08-02 |
| reporter | Juan Manuel Pascual Escribá |
| source | https://www.exploit-db.com/download/21045/ |
| title | Oracle OTRCREP Oracle 8/9 Home Environment Variable Buffer Overflow Vulnerability |
References
- http://marc.info/?l=bugtraq&m=100386756715645&w=2
- http://online.securityfocus.com/archive/1/201295
- http://online.securityfocus.com/archive/1/222612
- http://otn.oracle.com/deploy/security/pdf/otrcrep.pdf
- http://www.ciac.org/ciac/bulletins/m-011.shtml
- http://www.securityfocus.com/bid/3139
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6940