CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2002-0857
https://notcve.org/view.php?id=CVE-2002-0857
Format string vulnerabilities in Oracle Listener Control utility (lsnrctl) for Oracle 9.2 and 9.0, 8.1, and 7.3.4, allow remote attackers to execute arbitrary code on the Oracle DBA system by placing format strings into certain entries in the listener.ora configuration file. Vulnerabilidad de formato de cadenas en la utilidad Oracle Listener Control (lsnrctl) en Oracle 9.2, 9.0, 8.1 y 7.3.4 permite a atacantes remotos ejecutar código arbitrario el sitstema Oracle DBA mediante la introducción de cadenas de formato en ciertas entradas en fichero de configuración listener.ora • http://marc.info/?l=bugtraq&m=102933735716634&w=2 http://otn.oracle.com/deploy/security/pdf/2002alert40rev1.pdf http://securitytracker.com/id?1005037 http://www.kb.cert.org/vuls/id/301059 http://www.ngssoftware.com/advisories/ora-lsnrfmtstr.txt http://www.securityfocus.com/bid/5460 •
CVSS: 7.5EPSS: 3%CPEs: 27EXPL: 0CVE-2002-0567
https://notcve.org/view.php?id=CVE-2002-0567
Oracle 8i and 9i with PL/SQL package for External Procedures (EXTPROC) allows remote attackers to bypass authentication and execute arbitrary functions by using the TNS Listener to directly connect to the EXTPROC process. • http://marc.info/?l=bugtraq&m=101301332402079&w=2 http://otn.oracle.com/deploy/security/pdf/plsextproc_alert.pdf http://www.cert.org/advisories/CA-2002-08.html http://www.kb.cert.org/vuls/id/180147 http://www.securityfocus.com/bid/4033 https://exchange.xforce.ibmcloud.com/vulnerabilities/8089 •
CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 1CVE-2001-0833 – Oracle OTRCREP Oracle 8/9 - Home Environment Variable Buffer Overflow
https://notcve.org/view.php?id=CVE-2001-0833
Buffer overflow in otrcrep in Oracle 8.0.x through 9.0.1 allows local users to execute arbitrary code via a long ORACLE_HOME environment variable, aka the "Oracle Trace Collection Security Vulnerability." • https://www.exploit-db.com/exploits/21045 http://marc.info/?l=bugtraq&m=100386756715645&w=2 http://online.securityfocus.com/archive/1/201295 http://online.securityfocus.com/archive/1/222612 http://otn.oracle.com/deploy/security/pdf/otrcrep.pdf http://www.ciac.org/ciac/bulletins/m-011.shtml http://www.securityfocus.com/bid/3139 https://exchange.xforce.ibmcloud.com/vulnerabilities/6940 •
CVSS: 4.6EPSS: 0%CPEs: 4EXPL: 1CVE-2001-0941 – Oracle 8/9i - DBSNMP Oracle Home Environment Variable Buffer Overflow
https://notcve.org/view.php?id=CVE-2001-0941
Buffer overflow in dbsnmp in Oracle 8.0.6 through 9.0.1 allows local users to execute arbitrary code via a long ORACLE_HOME environment variable. • https://www.exploit-db.com/exploits/21044 http://marc.info/?l=bugtraq&m=100716693806967&w=2 http://otn.oracle.com/deploy/security/pdf/dbsmp_alert.pdf http://www.securityfocus.com/bid/3138 https://exchange.xforce.ibmcloud.com/vulnerabilities/7643 •
CVSS: 4.6EPSS: 0%CPEs: 2EXPL: 0CVE-2001-0942
https://notcve.org/view.php?id=CVE-2001-0942
dbsnmp in Oracle 8.1.6 and 8.1.7 uses the ORACLE_HOME environment variable to find and execute the dbsnmp program, which allows local users to execute arbitrary programs by pointing the ORACLE_HOME to an alternate directory that contains a malicious version of dbsnmp. • http://otn.oracle.com/deploy/security/pdf/dbsmp_alert.pdf http://seclists.org/lists/bugtraq/2001/Dec/0000.html http://www.securityfocus.com/bid/3137 https://exchange.xforce.ibmcloud.com/vulnerabilities/7645 •