CVE-2001-0300

oidldapd 2.1.1.1 in Oracle 8.1.7 records log files in a directory (ldaplog) that has world-writable permissions, which may allow local users to delete logs and/or overwrite other files via a symlink attack.

Date published : 2001-04-04

http://archives.neohapsis.com/archives/bugtraq/2000-12/0434.html

http://www.kb.cert.org/vuls/id/610904