Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2001-0499Improper Restriction of Operations within the Bounds of a Memory Buffer in Oracle Oracle8i

5 documents4 sources
Severity
10.0CRITICALNVD
EPSS
74.9%
top 1.13%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Oracle Oracle8i
Timeline
PublishedJul 21
Latest updateApr 30

Description

Buffer overflow in Transparent Network Substrate (TNS) Listener in Oracle 8i 8.1.7 and earlier allows remote attackers to gain privileges via a long argument to the commands (1) STATUS, (2) PING, (3) SERVICES, (4) TRC_FILE, (5) SAVE_CONFIG, or (6) RELOAD.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

NVDoracle/oracle8i8.1.7

🔴Vulnerability Details

2
GHSA
GHSA-x55p-rh55-qcxv: Buffer overflow in Transparent Network Substrate (TNS) Listener in Oracle 8i 82022-04-30
CVEList
CVE-2001-0499: Buffer overflow in Transparent Network Substrate (TNS) Listener in Oracle 8i 82001-07-27

💥Exploits & PoCs

2
Exploit-DB
Oracle 8i - TNS Listener 'ARGUMENTS' Remote Buffer Overflow (Metasploit)2010-11-24
Exploit-DB
Oracle 8i - TNS Listener Buffer Overflow2001-07-20
CVE-2001-0499 — Oracle Oracle8i vulnerability | cvebase