Summary
This host is installed with Oracle Database Server and is prone to security bypass vulnerability.
Impact
Successful exploitation will allow attackers to gain access to an operating system account and execute commands.
Impact Level: Application/System
Solution
Apply patches from below link,
http://metalink.oracle.com
*****
NOTE: Ignore this warning if above mentioned patch is installed.
*****
Insight
A flaw exist in Oracle listener program, which allows attacker to cause logging information to be appended to arbitrary files and execute commands via the SET TRC_FILE or SET LOG_FILE commands
Affected
Oracle Database Server versions 7.3.4, 8.0.6, and 8.1.6 are affected
Detection
Get the installed version with the help of tnslsnr service and check it is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2000-0818 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities