CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2001-0300

oidldapd 2.1.1.1 in Oracle 8.1.7 records log files in a directory (ldaplog) that has world-writable permissions, which may allow local users to delete logs and/or overwrite other files via a symlink attack.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 63.5%

CVSS Severity

CVSS v2 Score 2.1

References

http://archives.neohapsis.com/archives/bugtraq/2000-12/0434.html
http://www.kb.cert.org/vuls/id/610904
https://exchange.xforce.ibmcloud.com/vulnerabilities/5804
http://archives.neohapsis.com/archives/bugtraq/2000-12/0434.html
http://www.kb.cert.org/vuls/id/610904
https://exchange.xforce.ibmcloud.com/vulnerabilities/5804

Products affected by CVE-2001-0300

Oracle » Internet Directory » Version: 2.1.1.1

cpe:2.3:a:oracle:internet_directory:2.1.1.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2001-0300

Products

Pricing

Contact Us