CVE-2002-0857
published 2002-09-05CVE-2002-0857: Format string vulnerabilities in Oracle Listener Control utility (lsnrctl) for Oracle 9.2 and 9.0, 8.1, and 7.3.4, allow remote attackers to execute arbitrary…
high7.5CVSS 3.1
AVNACLAuNCPIPAP
Format string vulnerabilities in Oracle Listener Control utility (lsnrctl) for Oracle 9.2 and 9.0, 8.1, and 7.3.4, allow remote attackers to execute arbitrary code on the Oracle DBA system by placing format strings into certain entries in the listener.ora configuration file.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| oracle | database_server | — | — |
| oracle | database_server | — | — |
| oracle | database_server | — | — |
| oracle | oracle8i | — | — |
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://marc.info/?l=bugtraq&m=102933735716634&w=2http://otn.oracle.com/deploy/security/pdf/2002alert40rev1.pdfhttp://securitytracker.com/id?1005037http://www.kb.cert.org/vuls/id/301059http://www.ngssoftware.com/advisories/ora-lsnrfmtstr.txthttp://www.securityfocus.com/bid/5460http://marc.info/?l=bugtraq&m=102933735716634&w=2http://otn.oracle.com/deploy/security/pdf/2002alert40rev1.pdfhttp://securitytracker.com/id?1005037http://www.kb.cert.org/vuls/id/301059http://www.ngssoftware.com/advisories/ora-lsnrfmtstr.txthttp://www.securityfocus.com/bid/5460
2002-09-05
Published