Bugtraq mailing list archives

RE: vulnerability in oracle binary in Oracle 8.0.5 - 8.1.6

From: "Ron Cohen" <sec () rony clara net>
Date: Sun, 5 Aug 2001 02:04:09 +0100

BY removing the suid bit from oracle, ay client connection originated
from non-oracle user will cause oracle to revert to tcp connection
instead of pipe. be prepared to a considerable performance degrading
if you choose this tactic.

        _rony



-----Original Message-----
From: pask () plazasite com [mailto:pask () plazasite com]
Sent: 02 August 2001 08:57
To: bugtraq () securityfocus com; oracle-l () faticity com
Subject: vulnerability in oracle binary in Oracle 8.0.5 - 8.1.6

   Title:     Vulnerability in oracle binary in Oracle 8.0.5

 ....

SOLUTION:
    Chmod -s ;-)))).

STATUS:
    Vendor was contacted .

----------------
This vulnerability was researched by:
Juan Manuel Pascual Escriba            pask () plazasite com










---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.265 / Virus Database: 137 - Release Date: 18/07/2001

Current thread:

vulnerability in oracle binary in Oracle 8.0.5 - 8.1.6 Juan Manuel Pascual Escriba (Aug 02)
- RE: vulnerability in oracle binary in Oracle 8.0.5 - 8.1.6 Ron Cohen (Aug 04)
- RE: vulnerability in oracle binary in Oracle 8.0.5 - 8.1.6 Ron Cohen (Aug 05)
  - Re: vulnerability in oracle binary in Oracle 8.0.5 - 8.1.6 Pete Finnigan (Aug 08)