Vulnerabilities > CVE-2001-1041 - Unspecified vulnerability in Oracle Database Server 8.0/8.1/9.0.1
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
oracle program in Oracle 8.0.x, 8.1.x and 9.0.1 allows local users to overwrite arbitrary files via a symlink attack on an Oracle log trace (.trc) file that is created in an alternate home directory identified by the ORACLE_HOME environment variable.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 3 |
References
- http://marc.info/?l=bugtraq&m=100395579811880&w=2
- http://marc.info/?l=bugtraq&m=100395579811880&w=2
- http://marc.info/?l=bugtraq&m=99677282117387&w=2
- http://marc.info/?l=bugtraq&m=99677282117387&w=2
- http://otn.oracle.com/deploy/security/pdf/oracle_race.pdf
- http://otn.oracle.com/deploy/security/pdf/oracle_race.pdf
- http://www.securityfocus.com/bid/3135
- http://www.securityfocus.com/bid/3135