I just tested some machines both with and without
Oracle's patch for the bug related to trusting
$ORACLE_HOME when calling dbsnmp.
Good news. The patch does indeed address the bug
related to using sym-links from ./dbsnmpc.log and
./dbsnmpw.log to over-write root-owned files that
Brock Teller reported on the other day.
However, Intelligent Agent 8.1.5 (the version Brock
reported on) does not have a patch available for it.
This is pretty strange considering that there's a
patch for 8.0.5 and that other 8.0.6 and 8.1.x
releases don't have the vulnerability.
=====
__________________________________________________
Do You Yahoo!?
Bid and sell for free at http://auctions.yahoo.com
