CVE-2001-0942

Name of the Vulnerable Software and Affected Versions Oracle versions 8.1.6 through 8.1.7

Description The issue allows local users to execute arbitrary programs by manipulating the ORACLE HOME environment variable to point to an alternate directory containing a malicious version of the dbsnmp program.

Recommendations For Oracle versions 8.1.6 and 8.1.7, consider restricting access to the dbsnmp program to prevent its misuse. As a temporary workaround, restrict modifications to the ORACLE HOME environment variable to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.