Any oracle, ias, iasr2, or iasdb users with local access to an Oracle database can gain root privileges through the Oracle installation. Versions affected include, but are not limited to: Oracle 8i Linux Platform, Oracle 9i Linux Platform, Oracle 8i HP-UX Platform, Oracle 9i Solaris Platform, Oracle IAS 9.0.2.0.1 with patchset v9.0.2.3.
374ead87c238f3fb52d963a015b0dde48d33ed997d595aa399dd82eaeb345c63
Any user with AAO privileges over the onshowaudit binary in IBM's Informix IDSv9.40 can read any system file.
72ed995c0d9c55f14fcc3e3b6054b130f3018ce7a50d8030dfc3d03869c0a948
A local vulnerability exists in the IBM Informix IDSv9.40 onedcu binary that allows local users to overwrite any root owned file.
db72f511fe4d56d0ece80a8d419ef2589c072cffdbf4185599095797b18a579e
A stack-based buffer overflow exists in the ONCONFIG environment variable read process when it is bigger than 495 bytes and read in by the IBM Informix IDSv9.40 ontape binary.
237129932a9575d521e132d6ce68b9b05c5f0b848a26bc2b6672c672bcf3702a
Local root exploit for IBM DB2 Universal Database version 7.2 for Linux/s390 which makes use of the db2licm binary that is setuid by default.
ccb20c18f85e2c98e30d47ca465bac0c1611eb9129899f18dfd2745dcb29c56e
Oracle 8.1.6.0.0 local exploit for the dbsnmp binary. Gives uid=oracle shell. Tested on Red Hat 6.2.
d5ef5c71547dbb0ab80a21d8e2640abc52b98797fa1bf2a190144680962eafd4
Oracle 8.0.5 local exploit - Gives UID=oracle via a buffer overflow in otrcrep binary. Tested on Linux.
d15db2d3ef39c249b21725fb76411b54d33502941e840a661aeb1f0a71e6b8a2