Vulnerabilities > Oracle

DATE CVE VULNERABILITY TITLE RISK
1999-04-29 CVE-1999-0711 Unspecified vulnerability in Oracle Oracle8I
The oratclsh interpreter in Oracle 8.x Intelligent Agent for Unix allows local users to execute Tcl commands as root.
local
low complexity
oracle
4.6
1999-03-04 CVE-1999-1256 Unspecified vulnerability in Oracle Database Assistant 1.0
Oracle Database Assistant 1.0 in Oracle 8.0.3 Enterprise Edition stores the database master password in plaintext in the spoolmain.log file when a new database is created, which allows local users to obtain the password from that file.
local
low complexity
oracle
4.6
1998-12-27 CVE-1999-1188 Unspecified vulnerability in Oracle Mysql 3.21
mysqld in MySQL 3.21 creates log files with world-readable permissions, which allows local users to obtain passwords for users who are added to the user database.
local
low complexity
oracle
4.6
1997-09-19 CVE-1999-1125 Unspecified vulnerability in Oracle Http Server
Oracle Webserver 2.1 and earlier runs setuid root, but the configuration file is owned by the oracle account, which allows any local or remote attacker who obtains access to the oracle account to gain privileges or modify arbitrary files by modifying the configuration file.
network
low complexity
oracle
critical
10.0
1997-07-23 CVE-1999-1068 Unspecified vulnerability in Oracle Http Server 2.1
Oracle Webserver 2.1, when serving PL/SQL stored procedures, allows remote attackers to cause a denial of service via a long HTTP GET request.
network
low complexity
oracle
5.0