Vulnerability Description
The default installation for the Oracle listener program 7.3.4, 8.0.6, and 8.1.6 allows an attacker to cause logging information to be appended to arbitrary files and execute commands via the SET TRC_FILE or SET LOG_FILE commands.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Oracle | Listener | 7.3.4 |
References
- http://otn.oracle.com/deploy/security/pdf/listener_alert.pdfPatchVendor Advisory
- http://xforce.iss.net/alerts/advise66.phpVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5380
- http://otn.oracle.com/deploy/security/pdf/listener_alert.pdfPatchVendor Advisory
- http://xforce.iss.net/alerts/advise66.phpVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5380
FAQ
What is CVE-2000-0818?
CVE-2000-0818 is a vulnerability with a CVSS score of 10.0 (HIGH). The default installation for the Oracle listener program 7.3.4, 8.0.6, and 8.1.6 allows an attacker to cause logging information to be appended to arbitrary files and execute commands via the SET TRC_...
How severe is CVE-2000-0818?
CVE-2000-0818 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2000-0818?
Check the references section above for vendor advisories and patch information. Affected products include: Oracle Listener.