Privilege Escalation via Modified Library Files in Oracle Unix Systems

Privilege Escalation via Modified Library Files in Oracle Unix Systems

CVE-2004-1707 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

The (1) dbsnmp and (2) nmo programs in Oracle 8i, Oracle 9i, and Oracle IAS 9.0.2.0.1, on Unix systems, use a default path to find and execute library files while operating at raised privileges, which allows certain Oracle user accounts to gain root privileges via a modified libclntsh.so.9.0.

Learn more about our User Device Pen Test.