Bugtraq mailing list archives
RE: vulnerability in oracle binary in Oracle 8.0.5 - 8.1.6
From: "Ron Cohen" <sec () rony clara net>
Date: Sun, 5 Aug 2001 02:04:09 +0100
BY removing the suid bit from oracle, ay client connection originated from non-oracle user will cause oracle to revert to tcp connection instead of pipe. be prepared to a considerable performance degrading if you choose this tactic. _rony -----Original Message----- From: pask () plazasite com [mailto:pask () plazasite com] Sent: 02 August 2001 08:57 To: bugtraq () securityfocus com; oracle-l () faticity com Subject: vulnerability in oracle binary in Oracle 8.0.5 - 8.1.6 Title: Vulnerability in oracle binary in Oracle 8.0.5 .... SOLUTION: Chmod -s ;-)))). STATUS: Vendor was contacted . ---------------- This vulnerability was researched by: Juan Manuel Pascual Escriba pask () plazasite com --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.265 / Virus Database: 137 - Release Date: 18/07/2001
Current thread:
- vulnerability in oracle binary in Oracle 8.0.5 - 8.1.6 Juan Manuel Pascual Escriba (Aug 02)
- RE: vulnerability in oracle binary in Oracle 8.0.5 - 8.1.6 Ron Cohen (Aug 04)
- RE: vulnerability in oracle binary in Oracle 8.0.5 - 8.1.6 Ron Cohen (Aug 05)
- Re: vulnerability in oracle binary in Oracle 8.0.5 - 8.1.6 Pete Finnigan (Aug 08)