PT-2001-2094 · Oracle · Oracle

Published

2001-11-30

Updated

2017-07-11

CVE-2001-0941

CVSS v2.0

4.6

Medium

Vector

AV:L/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Oracle versions 8.0.6 through 9.0.1

Description A buffer overflow issue exists in the dbsnmp component, allowing local users to execute arbitrary code by manipulating the ORACLE HOME environment variable, specifically by setting it to a long value.

Recommendations For Oracle versions 8.0.6 through 9.0.1, consider restricting access to the dbsnmp component until a fix is available, and avoid using long values for the ORACLE HOME environment variable to minimize the risk of exploitation.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2001-0941

Affected Products

Oracle

PT-2001-2094 · Oracle · Oracle

CVE-2001-0941

Related Identifiers

Affected Products

References · 7