CVE-2004-1707

Currently unrated

Key Information:

Vendor: Oracle
Status: Oracle8i; Oracle9i; Application Server; Database Server Lite
Vendor: CVE Published:; 30 July 2004

Summary

The (1) dbsnmp and (2) nmo programs in Oracle 8i, Oracle 9i, and Oracle IAS 9.0.2.0.1, on Unix systems, use a default path to find and execute library files while operating at raised privileges, which allows certain Oracle user accounts to gain root privileges via a modified libclntsh.so.9.0.

References

http://secunia.com/advisories/12205

third-party-advisoryx_refsource_SECUNIA

https://exchange.xforce.ibmcloud.com/vulnerabilities/16839

vdb-entryx_refsource_XF

http://marc.info/?l=bugtraq&m=109147677214087&w=2

mailing-listx_refsource_BUGTRAQ

EPSS Score

20% chance of being exploited in the next 30 days.

Timeline

Vulnerability Reserved
Feb 26, 2005
Vulnerability published
Jul 30, 2004