CVE-2007-4393 Information

Description

The installation script for orarun on SUSE Linux before 20070810 places the oracle user into the disk group which allows the local oracle user to read or write raw disk partitions.

Reference

http://osvdb.org/46403 http://secunia.com/advisories/26395 http://www.novell.com/linux/security/advisories/2007_16_sr.html