Format String Vulnerabilities in Oracle Listener Control for Oracle Database
CVE-2002-0857

Currently unrated

Key Information:

Vendor
Oracle
Status
Oracle8i
Database Server
Vendor
CVE Published:
5 September 2002

Summary

The Oracle Listener Control utility (lsnrctl) for various versions of Oracle Database contains format string vulnerabilities that may enable malicious remote attackers to execute arbitrary code on an Oracle DBA system. By manipulating specific configurations in the listener.ora file, attackers can exploit these vulnerabilities, potentially compromising database integrity and confidentiality.

References

http://otn.oracle.com/deploy/security/pdf/2002alert40rev1...
x_refsource_CONFIRM
http://www.kb.cert.org/vuls/id/301059
third-party-advisoryx_refsource_CERT-VN
http://securitytracker.com/id?1005037
vdb-entryx_refsource_SECTRACK

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.