Vulnerabilities
Vulnerable Software
Oracle:  >> Oracle8i  >> 8.1.5  Security Vulnerabilities
Stack-based buffer overflow in Oracle Net Services for Oracle Database Server 9i release 2 and earlier allows attackers to execute arbitrary code via a "CREATE DATABASE LINK" query containing a connect string with a long USING parameter.
CVSS Score
9.0
EPSS Score
0.125
Published
2003-05-12
TNS Listener in Oracle Net Services for Oracle 9i 9.2.x and 9.0.x, and Oracle 8i 8.1.x, allows remote attackers to cause a denial of service (hang or crash) via a SERVICE_CURLOAD command.
CVSS Score
5.0
EPSS Score
0.016
Published
2002-10-28
Oracle 8i and 9i with PL/SQL package for External Procedures (EXTPROC) allows remote attackers to bypass authentication and execute arbitrary functions by using the TNS Listener to directly connect to the EXTPROC process.
CVSS Score
7.5
EPSS Score
0.018
Published
2002-07-03
Buffer overflow in cmctl program in Oracle 8.1.5 Connection Manager Control allows local users to gain privileges via a long command line argument.
CVSS Score
4.6
EPSS Score
0.008
Published
2001-01-09
Buffer overflow in Oracle 8.1.5 applications such as names, namesctl, onrsd, osslogin, tnslsnr, tnsping, trcasst, and trcroute possibly allow local users to gain privileges via a long ORACLE_HOME environmental variable.
CVSS Score
4.6
EPSS Score
0.003
Published
2000-12-19
The installation of Oracle 8.1.5.x on Linux follows symlinks and creates the orainstRoot.sh file with world-writeable permissions, which allows local users to gain privileges.
CVSS Score
6.2
EPSS Score
0.002
Published
2000-03-05
dbsnmp in Oracle Intelligent Agent allows local users to gain privileges by setting the ORACLE_HOME environmental variable, which dbsnmp uses to find the nmiconf.tcl script.
CVSS Score
4.6
EPSS Score
0.002
Published
1999-08-16
The oratclsh interpreter in Oracle 8.x Intelligent Agent for Unix allows local users to execute Tcl commands as root.
CVSS Score
4.6
EPSS Score
0.005
Published
1999-04-29


Contact Us

Shodan ® - All rights reserved