PT-2000-1188 · Oracle · Oracle

Published

2000-03-05

Updated

2008-09-10

CVE-2000-0206

CVSS v2.0

6.2

Medium

Vector

AV:L/AC:H/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Oracle versions 8.1.5.x

Description The issue allows local users to gain privileges due to the installation of Oracle on Linux following symlinks and creating the orainstRoot.sh file with world-writeable permissions.

Recommendations For Oracle version 8.1.5.x, consider changing the permissions of the orainstRoot.sh file to prevent world-writeable access as a temporary workaround. At the moment, there is no information about a newer version that contains a fix for this issue.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2000-0206

Affected Products

Oracle

PT-2000-1188 · Oracle · Oracle

CVE-2000-0206

Related Identifiers

Affected Products

References · 4