Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2004-1707

4 documents, 4 sources
Severity
7.2 HIGH
EPSS
12.3%
top 6.14%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Timeline
Published: Jul 30
Latest update: Apr 29

Description

The (1) dbsnmp and (2) nmo programs in Oracle 8i, Oracle 9i, and Oracle IAS 9.0.2.0.1, on Unix systems, use a default path to find and execute library files while operating at raised privileges, which allows certain Oracle user accounts to gain root privileges via a modified libclntsh.so.9.0.

CVSS vector

AV:L/AC:L/C:C/I:C/A:C
Exploitability: 3.9 | Impact: 10.0

Affected Packages (5 packages)

NVD oracle/database: 5.0, 5.0.1, 5.0.2 (+2)
NVD oracle/oracle8i: 18 versions (+17)
NVD oracle/oracle9i: 32 versions (+31)
NVD oracle/application: 4 versions (+3)
NVD oracle/application_server: 12 versions (+11)

Patches

🔴 Vulnerability Details

2
GHSA
GHSA-66ff-xg83-gqqx: The (1) dbsnmp and (2) nmo programs in Oracle 8i, Oracle 9i, and Oracle IAS 9 (2022-04-29)
CVEList
CVE-2004-1707: The (1) dbsnmp and (2) nmo programs in Oracle 8i, Oracle 9i, and Oracle IAS 9 (2005-02-26)

💥 Exploits & PoCs

1
Exploit-DB
Oracle9i Database - Default Library Directory Privilege Escalation (2004-07-30)