CVE-2022-21593

Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware component: OHS Config MBeans. Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle HTTP...

CVE-2022-21593

Oracle Fusion Middleware’s Oracle HTTP Server (OHS Config MBeans) is affected for versions 12.2.1.3.0 and 12.2.1.4.0. The CVE-2022-21593 vulnerability enables an unauthenticated attacker with network access via HTTP to compromise Oracle HTTP Server, potentially gaining unauthorized access to data...

Oracle Enterprise Manager Cloud Control (Apr 2020 CPU)

The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the April 2020 CPU advisory. - Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that...

CVE-2020-2961

Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Discovery Framework Oracle OHS. Supported versions that are affected are 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...

CVE-2020-2961

CVE-2020-2961 affects Oracle Enterprise Manager Base Platform (Discovery Framework/Oracle OHS). Connected sources confirm affected versions: 13.2.0.0 and 13.3.0.0. The vulnerability allows an unauthenticated attacker, over HTTP, to compromise the Enterprise Manager Base Platform, potentially lead...

Design/Logic Flaw

Vulnerability in the Oracle HTTP Server component of Oracle Fusion Middleware subcomponent: OHS Config MBeans. Supported versions that are affected are 12.1.3.0.0 and 12.2.1.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle...

CVE-2019-2751

Vulnerability in the Oracle HTTP Server component of Oracle Fusion Middleware subcomponent: OHS Config MBeans. Supported versions that are affected are 12.1.3.0.0 and 12.2.1.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle...

CVE-2019-2751

Vulnerability in the Oracle HTTP Server component of Oracle Fusion Middleware subcomponent: OHS Config MBeans. Supported versions that are affected are 12.1.3.0.0 and 12.2.1.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle...

Oracle Fusion Middleware Oracle HTTP Server (Jul 2019 CPU)

The version of Oracle HTTP Server installed on the remote host is affected by the following vulnerabilities as noted in the July 2019 CPU advisory : - A privilege escalation vulnerability exists in the web listener component. An authenticated, local attacker can exploit this, to gain privileged...

Oracle Application Server 9.0 HTTP Service Mod_Access Restriction Bypass Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13418/info Oracle HTTP ServerOHS of Oracle Application Server is prone to an access restriction bypass vulnerability. It is possible to configure a list of forbidden URIs in OHS. This is accomplished using 'modaccess'. A...

CVE-2005-1383

The CVE-2005-1383 issue affects Oracle Application Server’s Oracle HTTP Server (OHS) when UseWebCacheIP is disabled. An attacker can bypass mod_access restrictions by sending a request to the webcache TCP port 7778, leading to unauthorized access to protected resources. Connected advisories confi...

CVE-2005-1383

The OHS component 1.0.2 through 10.x, when UseWebcacheIP is disabled, in Oracle Application Server allows remote attackers to bypass HTTP Server modaccess restrictions via a request to the webcache TCP port 7778...

Oracle Application Server Webcache Requests OHS mod_access Restriction Bypass

The version of Oracle HTTP Server OHS installed on the remote host fails to prevent users from accessing protected URLs by using the Web Cache rather than OHS directly. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid18181; scriptversion"1.17";...

Webcache Client Requests bypasses OHS mod_access restrictions

Name Webcache Client Requests bypasses OHS modaccess Restrictions Systems Affected Oracle Application Server - OHS 1.0.2 - 10.x Severity Low Risk Category Bypass protected URLs via Webcache Vendor URL http://www.oracle.com Author Alexander Kornbrust ak at red-database-security.com Date 26 Apr 200...

Oracle Application Server 9.0 - HTTP Service Mod_Access Restriction Bypass

source: https://www.securityfocus.com/bid/13418/info Oracle HTTP ServerOHS of Oracle Application Server is prone to an access restriction bypass vulnerability. It is possible to configure a list of forbidden URIs in OHS. This is accomplished using 'modaccess'. A URI that is listed is not supposed...

Oracle Application Server Web Cache OHS mod_access Authentication Bypass

Binary data 2866.prm...

Oracle Application Server 9.0 - HTTP Service Mod_Access Restriction Bypass

Oracle Application Server 9.0 - HTTP Service ModAccess Restriction Bypass source: https://www.securityfocus.com/bid/13418/info Oracle HTTP ServerOHS of Oracle Application Server is prone to an access restriction bypass vulnerability. It is possible to configure a list of forbidden URIs in OHS. Th...