23 matches found
EUVD-2002-0102
Malware in sbrugna...
EUVD-2002-0103
Malware in sbrugna...
Oracle9iAS Web Cache 2.0 - Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3443/info A buffer overflow condition can be triggered in Oracle 9iAS Web Cache 2.0.0.1.0 by submitting a malicious URL. This overflow can lead to either the process exiting, the process hanging, or the injection of...
Oracle 9i Application Server Web Cache 'Too Long URL' DoS Vulnerability - Active Check
Oracle 9i Application Server AS Web Cache is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2002 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
HTTP User-Agent Overflow DoS Vulnerability
It was possible to kill the web server by sending an invalid GET request with a too long User-Agent field. SPDX-FileCopyrightText: 2002 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
FreeBSD : apache -- http request smuggling (651996e0-fe07-11d9-8329-000e0c2e438a)
A Watchfire whitepaper reports an vulnerability in the Apache webserver. The vulnerability can be exploited by malicious people causing cross site scripting, web cache poisoining, session hijacking and most importantly the ability to bypass web application firewall protection. Exploiting this...
apache -- http request smuggling
A Watchfire whitepaper reports an vulnerability in the Apache webserver. The vulnerability can be exploited by malicious people causing cross site scripting, web cache poisoining, session hijacking and most importantly the ability to bypass web application firewall protection. Exploiting this...
CVE-2002-0947
CVE-2002-0947 describes a buffer overflow in the rwcgi60 CGI program used by Oracle Reports Server 6.0.8.18.0 and earlier (Oracle9iAS and other products). The vulnerability allows a remote attacker to execute arbitrary code via a long database name parameter. The Oracle RWCGI60 component handles ...
CVE-2002-0386
The CVE-2002-0386 entry concerns Oracle9iAS Web Cache, specifically the administration module of Oracle Web Cache in Oracle9iAS 9.0.2. The vulnerability allows remote denial of service (crash) via two conditions: (1) an HTTP GET containing a “..” sequence, and (2) a malformed HTTP GET with chunke...
Web Server HTTP User-Agent Header Handling Remote Overflow
It was possible to kill the web server by sending an invalid GET request with a long User-Agent field. A remote attacker may exploit this vulnerability to make the web server crash continually or possibly execute arbitrary code. C Tenable Network Security, Inc. Script audit and contributions from...
CVE-2002-0103
An installer program for Oracle9iAS Web Cache 2.0.0.x creates executable and configuration files with insecure permissions, which allows local users to gain privileges by 1 running webcached or 2 obtaining the administrator password from webcache.xml...
CVE-2002-0102
Oracle9iAS Web Cache 2.0.0.x allows remote attackers to cause a denial of service via 1 a request to TCP ports 1100, 4000, 4001, and 4002 with a large number of null characters, and 2 a request to TCP port 4000 with a large number of "." characters...
CVE-2002-0102
CVE-2002-0102 affects Oracle9iAS Web Cache 2.0.0.x. The vulnerability allows a remote attacker to cause a denial of service by sending crafted requests: to TCP ports 1100, 4000, 4001, or 4002 with a large number of null characters to TCP port 4000 with a large number of '.' charactersImpact per t...
CVE-2002-0103
An installer program for Oracle9iAS Web Cache 2.0.0.x creates executable and configuration files with insecure permissions, which allows local users to gain privileges by 1 running webcached or 2 obtaining the administrator password from webcache.xml...
CVE-2002-0103
CVE-2002-0103 affects Oracle9iAS Web Cache 2.0.0.x. An installer creates executable and configuration files with insecure permissions, enabling local privilege escalation. Impacted scenarios include (1) executing webcached to gain privileges and (2) reading webcache.xml to obtain the administrato...
CVE-2002-0102
Oracle9iAS Web Cache 2.0.0.x allows remote attackers to cause a denial of service via 1 a request to TCP ports 1100, 4000, 4001, and 4002 with a large number of null characters, and 2 a request to TCP port 4000 with a large number of "." characters...
CVE-2001-0836
Buffer overflow in Oracle9iAS Web Cache 2.0.0.1 allows remote attackers to execute arbitrary code via a long HTTP GET request...
CVE-2001-0836
CVE-2001-0836 describes a buffer overflow in Oracle9iAS Web Cache 2.0.0.1 that can be triggered by a long HTTP GET request, allowing a remote attacker to potentially execute arbitrary code on the affected system. Connected sources (OpenVAS NASL entries and Nessus plugin data) corroborate a relate...
[PTL-2002-01] Vulnerabilities in Oracle9iAS Web Cache
PenTest Limited www.pentest-limited.com Security Advisory Vulnerabilities in Oracle9iAS Web Cache Author: Mark Rowe [email protected] Pete Finnigan [email protected] Date: 7th January 2002 Reference: ptl-2002-01...
Переполнения буфера в Oracle9iAS Web Cache (buffer overflow)
Многочисленные переполнения буфера...