5 matches found
Oracle 9i HTTP Server mod_plsql Directory Traversal - Ver2 (CVE-2001-1217)
A directory traversal vulnerability has been reported in Oracle Application Server. An attacker could exploit this vulnerability via a double encoded URL with "..". Successful exploitation of this vulnerability would allow a remote attacker to list directories on the affected system...
Oracle 9i Application Server mod_plsql Directory Traversal Vulnerability - Active Check
In a default installation of Oracle 9i Application Server AS, it is possible to use the modplsql module to perform a directory traversal attack. SPDX-FileCopyrightText: 2002 Matt Moore Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...
CVE-2001-1217
CVE-2001-1217 describes a directory traversal vulnerability in the PL/SQL Apache module (mod_plsql/mod_plsql) of Oracle 9i Application Server. The issue allows remote attackers to read sensitive files outside the web server’s root by crafting a request with double URL encoded sequences (..). Affe...
Oracle 9iAS mod_plsql Encoded Traversal Arbitrary File Access
In a default installation of Oracle 9iAS, it is possible to use the modplsql module to perform a directory traversal attack. This allows attackers to read arbitrary files on the server. %NASLMINLEVEL 70300 This script was written by Matt Moore See the Nessus Scripts License for details Changes by...
CVE-2001-1217
Directory traversal vulnerability in PL/SQL Apache module in Oracle Oracle 9i Application Server allows remote attackers to access sensitive information via a double encoded URL with .. dot dot sequences...