CVE-2004-1707

Опубликовано: 30 июл. 2004

Источник: nvd

CVSS2: 7.2

EPSS Средний

Описание

The (1) dbsnmp and (2) nmo programs in Oracle 8i, Oracle 9i, and Oracle IAS 9.0.2.0.1, on Unix systems, use a default path to find and execute library files while operating at raised privileges, which allows certain Oracle user accounts to gain root privileges via a modified libclntsh.so.9.0.

Ссылки

http://marc.info/?l=bugtraq&m=109147677214087&w=2
http://secunia.com/advisories/12205
Exploit
Patch
Vendor Advisory
http://www.securityfocus.com/bid/10829
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/16839
http://marc.info/?l=bugtraq&m=109147677214087&w=2
http://secunia.com/advisories/12205
Exploit
Patch
Vendor Advisory
http://www.securityfocus.com/bid/10829
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/16839

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:oracle:application_server:*:*:*:*:*:*:*:*

cpe:2.3:a:oracle:application_server:1.0.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:application_server:1.0.2.1s:*:*:*:*:*:*:*

cpe:2.3:a:oracle:application_server:1.0.2.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:application_server:1.0.2.2.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:application_server:9.0.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:application_server:9.0.2.0.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:application_server:9.0.2.0.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:application_server:9.0.2.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:application_server:9.0.2.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:application_server:9.0.2.3:*:*:*:*:*:*:*

cpe:2.3:a:oracle:application_server:9.0.3:*:*:*:*:*:*:*

cpe:2.3:a:oracle:application_server:9.0.3.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:application_server_portal:3.0.9.8.5:*:*:*:*:*:*:*

cpe:2.3:a:oracle:application_server_portal:9.0.2.3:*:*:*:*:*:*:*

cpe:2.3:a:oracle:application_server_portal:9.0.2.3a:*:*:*:*:*:*:*

cpe:2.3:a:oracle:application_server_portal:9.0.2.3b:*:*:*:*:*:*:*

cpe:2.3:a:oracle:database_server_lite:5.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:database_server_lite:5.0.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:database_server_lite:5.0.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:oracle8i:enterprise_8.0.5_.0.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:oracle8i:enterprise_8.0.6_.0.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:oracle8i:enterprise_8.0.6_.0.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:oracle8i:enterprise_8.1.5_.0.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:oracle8i:enterprise_8.1.5_.0.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:oracle8i:enterprise_8.1.5_.1.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:oracle8i:enterprise_8.1.6_.0.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:oracle8i:enterprise_8.1.6_.1.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:oracle8i:enterprise_8.1.7_.0.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:oracle8i:enterprise_8.1.7_.1.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:oracle8i:standard_8.0.6:*:*:*:*:*:*:*

cpe:2.3:a:oracle:oracle8i:standard_8.0.6_.3:*:*:*:*:*:*:*

cpe:2.3:a:oracle:oracle8i:standard_8.1.5:*:*:*:*:*:*:*

cpe:2.3:a:oracle:oracle8i:standard_8.1.6:*:*:*:*:*:*:*

cpe:2.3:a:oracle:oracle8i:standard_8.1.7:*:*:*:*:*:*:*

cpe:2.3:a:oracle:oracle8i:standard_8.1.7_.0.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:oracle8i:standard_8.1.7_.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:oracle8i:standard_8.1.7_.4:*:*:*:*:*:*:*

cpe:2.3:a:oracle:oracle9i:client_9.2.0.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:oracle9i:client_9.2.0.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:oracle9i:enterprise_9.0.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:oracle9i:enterprise_9.0.1.4:*:*:*:*:*:*:*

cpe:2.3:a:oracle:oracle9i:enterprise_9.0.1.5:*:*:*:*:*:*:*

cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.3:*:*:*:*:*:*:*

cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.4:*:*:*:*:*:*:*

cpe:2.3:a:oracle:oracle9i:personal_8.1.7:*:*:*:*:*:*:*

cpe:2.3:a:oracle:oracle9i:personal_9.0.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:oracle9i:personal_9.0.1.4:*:*:*:*:*:*:*

cpe:2.3:a:oracle:oracle9i:personal_9.0.1.5:*:*:*:*:*:*:*

cpe:2.3:a:oracle:oracle9i:personal_9.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:oracle9i:personal_9.2.0.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:oracle9i:personal_9.2.0.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:oracle9i:personal_9.2.0.3:*:*:*:*:*:*:*

cpe:2.3:a:oracle:oracle9i:personal_9.2.0.4:*:*:*:*:*:*:*

cpe:2.3:a:oracle:oracle9i:standard_9.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:oracle9i:standard_9.0.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:oracle9i:standard_9.0.1.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:oracle9i:standard_9.0.1.3:*:*:*:*:*:*:*

cpe:2.3:a:oracle:oracle9i:standard_9.0.1.4:*:*:*:*:*:*:*

cpe:2.3:a:oracle:oracle9i:standard_9.0.1.5:*:*:*:*:*:*:*

cpe:2.3:a:oracle:oracle9i:standard_9.0.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:oracle9i:standard_9.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:oracle9i:standard_9.2.0.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:oracle9i:standard_9.2.0.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:oracle9i:standard_9.2.0.3:*:*:*:*:*:*:*

cpe:2.3:a:oracle:oracle9i:standard_9.2.0.4:*:*:*:*:*:*:*

cpe:2.3:a:oracle:oracle9i:standard_9.2.3:*:*:*:*:*:*:*

EPSS

Процентиль: 94%

0.12298

Средний

7.2 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-66ff-xg83-gqqx

github

почти 4 года назад