CVE-ID

CVE-2001-0499

• Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings
Description
Buffer overflow in Transparent Network Substrate (TNS) Listener in Oracle 8i 8.1.7 and earlier allows remote attackers to gain privileges via a long argument to the commands (1) STATUS, (2) PING, (3) SERVICES, (4) TRC_FILE, (5) SAVE_CONFIG, or (6) RELOAD.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
Date Entry Created
20010605 Disclaimer: The entry creation date may reflect when the CVE-ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Modified (20050509)
Votes (Legacy)
ACCEPT(3) Armstrong, Cole, Ziese
MODIFY(1) Frech
NOOP(3) Christey, Foat, Wall
Comments (Legacy)
 Frech> XF:oracle-tns-listener-bo(6758)
   CONFIRM:http://otn.oracle.com/deploy/security/pdf/nai_net8_bof.pdf
 Christey> CERT:CA-2001-16
   URL:http://www.cert.org/advisories/CA-2001-16.html
   CIAC:L-108
   URL:http://ciac.llnl.gov/ciac/bulletins/l-108.shtml
   CERT-VN:VU#620495
   URL:http://www.kb.cert.org/vuls/id/620495
   BID:2941
   URL:http://www.securityfocus.com/bid/2941
 Christey> Consider adding BID:2941
 Christey> BUGTRAQ:20021126 Oracle TNS SEH Exploit
   URL:http://marc.theaimsgroup.com/?l=bugtraq&m=103833206805744&w=2
 Christey> CONFIRM:http://otn.oracle.com/deploy/security/pdf/nai_net8_bof.pdf

Proposed (Legacy)
20010727
This is an entry on the CVE list, which standardizes names for security problems.