PT-2005-1376 · Oracle · Oracle

Pete Finnigan

Published

2005-02-10

Updated

2017-07-11

CVE-2005-0298

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Oracle versions 8i through 10g

Description The issue concerns the DIRECTORY objects in the affected Oracle versions, which store the location of a specific operating system directory. This allows users with read privileges to a DIRECTORY object to access sensitive information.

Recommendations For Oracle versions 8i through 10g, restrict read access to DIRECTORY objects to prevent unauthorized users from obtaining sensitive information. Consider revoking read privileges from users who do not require them.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2005-0298

Affected Products

Oracle

PT-2005-1376 · Oracle · Oracle

CVE-2005-0298

Related Identifiers

Affected Products

References · 6