Oracle /tmp Race Condition Vulnerability

The Oracle binary, 'oracle', for Unix systems is believed to contain a race condition vulnerability.

The vulnerability is related to the use of temporary files in a user-definable directory. The filename is predictable.

Attackers can exploit this vulnerability to corrupt files writeable by user 'oracle' via a symbolic link attack.


 

Privacy Statement
Copyright 2010, SecurityFocus