CVE Vulnerabilities

CVE-2004-1707

Published: Jul 30, 2004 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.2 HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

The (1) dbsnmp and (2) nmo programs in Oracle 8i, Oracle 9i, and Oracle IAS 9.0.2.0.1, on Unix systems, use a default path to find and execute library files while operating at raised privileges, which allows certain Oracle user accounts to gain root privileges via a modified libclntsh.so.9.0.

Affected Software

Name Vendor Start Version End Version
Application_server Oracle * *
Application_server Oracle 1.0.2 1.0.2
Application_server Oracle 1.0.2.1s 1.0.2.1s
Application_server Oracle 1.0.2.2 1.0.2.2
Application_server Oracle 1.0.2.2.2 1.0.2.2.2
Application_server Oracle 9.0.2 9.0.2
Application_server Oracle 9.0.2.0.0 9.0.2.0.0
Application_server Oracle 9.0.2.0.1 9.0.2.0.1
Application_server Oracle 9.0.2.1 9.0.2.1
Application_server Oracle 9.0.2.2 9.0.2.2
Application_server Oracle 9.0.2.3 9.0.2.3
Application_server Oracle 9.0.3 9.0.3
Application_server Oracle 9.0.3.1 9.0.3.1
Application_server_portal Oracle 3.0.9.8.5 3.0.9.8.5
Application_server_portal Oracle 9.0.2.3 9.0.2.3
Application_server_portal Oracle 9.0.2.3a 9.0.2.3a
Application_server_portal Oracle 9.0.2.3b 9.0.2.3b
Database_server_lite Oracle 5.0 5.0
Database_server_lite Oracle 5.0.1 5.0.1
Database_server_lite Oracle 5.0.2 5.0.2
Oracle8i Oracle enterprise_8.0.5_.0.0 enterprise_8.0.5_.0.0
Oracle8i Oracle enterprise_8.0.6_.0.0 enterprise_8.0.6_.0.0
Oracle8i Oracle enterprise_8.0.6_.0.1 enterprise_8.0.6_.0.1
Oracle8i Oracle enterprise_8.1.5_.0.0 enterprise_8.1.5_.0.0
Oracle8i Oracle enterprise_8.1.5_.0.2 enterprise_8.1.5_.0.2
Oracle8i Oracle enterprise_8.1.5_.1.0 enterprise_8.1.5_.1.0
Oracle8i Oracle enterprise_8.1.6_.0.0 enterprise_8.1.6_.0.0
Oracle8i Oracle enterprise_8.1.6_.1.0 enterprise_8.1.6_.1.0
Oracle8i Oracle enterprise_8.1.7_.0.0 enterprise_8.1.7_.0.0
Oracle8i Oracle enterprise_8.1.7_.1.0 enterprise_8.1.7_.1.0
Oracle8i Oracle standard_8.0.6 standard_8.0.6
Oracle8i Oracle standard_8.0.6_.3 standard_8.0.6_.3
Oracle8i Oracle standard_8.1.5 standard_8.1.5
Oracle8i Oracle standard_8.1.6 standard_8.1.6
Oracle8i Oracle standard_8.1.7 standard_8.1.7
Oracle8i Oracle standard_8.1.7_.0.0 standard_8.1.7_.0.0
Oracle8i Oracle standard_8.1.7_.1 standard_8.1.7_.1
Oracle8i Oracle standard_8.1.7_.4 standard_8.1.7_.4
Oracle9i Oracle client_9.2.0.1 client_9.2.0.1
Oracle9i Oracle client_9.2.0.2 client_9.2.0.2
Oracle9i Oracle enterprise_9.0.1 enterprise_9.0.1
Oracle9i Oracle enterprise_9.0.1.4 enterprise_9.0.1.4
Oracle9i Oracle enterprise_9.0.1.5 enterprise_9.0.1.5
Oracle9i Oracle enterprise_9.2.0 enterprise_9.2.0
Oracle9i Oracle enterprise_9.2.0.1 enterprise_9.2.0.1
Oracle9i Oracle enterprise_9.2.0.2 enterprise_9.2.0.2
Oracle9i Oracle enterprise_9.2.0.3 enterprise_9.2.0.3
Oracle9i Oracle enterprise_9.2.0.4 enterprise_9.2.0.4
Oracle9i Oracle personal_8.1.7 personal_8.1.7
Oracle9i Oracle personal_9.0.1 personal_9.0.1
Oracle9i Oracle personal_9.0.1.4 personal_9.0.1.4
Oracle9i Oracle personal_9.0.1.5 personal_9.0.1.5
Oracle9i Oracle personal_9.2 personal_9.2
Oracle9i Oracle personal_9.2.0.1 personal_9.2.0.1
Oracle9i Oracle personal_9.2.0.2 personal_9.2.0.2
Oracle9i Oracle personal_9.2.0.3 personal_9.2.0.3
Oracle9i Oracle personal_9.2.0.4 personal_9.2.0.4
Oracle9i Oracle standard_9.0 standard_9.0
Oracle9i Oracle standard_9.0.1 standard_9.0.1
Oracle9i Oracle standard_9.0.1.2 standard_9.0.1.2
Oracle9i Oracle standard_9.0.1.3 standard_9.0.1.3
Oracle9i Oracle standard_9.0.1.4 standard_9.0.1.4
Oracle9i Oracle standard_9.0.1.5 standard_9.0.1.5
Oracle9i Oracle standard_9.0.2 standard_9.0.2
Oracle9i Oracle standard_9.2 standard_9.2
Oracle9i Oracle standard_9.2.0.1 standard_9.2.0.1
Oracle9i Oracle standard_9.2.0.2 standard_9.2.0.2
Oracle9i Oracle standard_9.2.0.3 standard_9.2.0.3
Oracle9i Oracle standard_9.2.0.4 standard_9.2.0.4
Oracle9i Oracle standard_9.2.3 standard_9.2.3

References