14 matches found
EUVD-2002-0103
Malware in sbrugna...
Oracle9iAS Web Cache 2.0 - Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3443/info A buffer overflow condition can be triggered in Oracle 9iAS Web Cache 2.0.0.1.0 by submitting a malicious URL. This overflow can lead to either the process exiting, the process hanging, or the injection of...
Web Server HTTP User-Agent Header Handling Remote Overflow
It was possible to kill the web server by sending an invalid GET request with a long User-Agent field. A remote attacker may exploit this vulnerability to make the web server crash continually or possibly execute arbitrary code. C Tenable Network Security, Inc. Script audit and contributions from...
CVE-2002-0102
Oracle9iAS Web Cache 2.0.0.x allows remote attackers to cause a denial of service via 1 a request to TCP ports 1100, 4000, 4001, and 4002 with a large number of null characters, and 2 a request to TCP port 4000 with a large number of "." characters...
CVE-2002-0103
An installer program for Oracle9iAS Web Cache 2.0.0.x creates executable and configuration files with insecure permissions, which allows local users to gain privileges by 1 running webcached or 2 obtaining the administrator password from webcache.xml...
CVE-2002-0102
CVE-2002-0102 affects Oracle9iAS Web Cache 2.0.0.x. The vulnerability allows a remote attacker to cause a denial of service by sending crafted requests: to TCP ports 1100, 4000, 4001, or 4002 with a large number of null characters to TCP port 4000 with a large number of '.' charactersImpact per t...
CVE-2002-0102
Oracle9iAS Web Cache 2.0.0.x allows remote attackers to cause a denial of service via 1 a request to TCP ports 1100, 4000, 4001, and 4002 with a large number of null characters, and 2 a request to TCP port 4000 with a large number of "." characters...
CVE-2002-0103
An installer program for Oracle9iAS Web Cache 2.0.0.x creates executable and configuration files with insecure permissions, which allows local users to gain privileges by 1 running webcached or 2 obtaining the administrator password from webcache.xml...
CVE-2001-0836
CVE-2001-0836 describes a buffer overflow in Oracle9iAS Web Cache 2.0.0.1 that can be triggered by a long HTTP GET request, allowing a remote attacker to potentially execute arbitrary code on the affected system. Connected sources (OpenVAS NASL entries and Nessus plugin data) corroborate a relate...
CVE-2001-0836
Buffer overflow in Oracle9iAS Web Cache 2.0.0.1 allows remote attackers to execute arbitrary code via a long HTTP GET request...
[PTL-2002-01] Vulnerabilities in Oracle9iAS Web Cache
PenTest Limited www.pentest-limited.com Security Advisory Vulnerabilities in Oracle9iAS Web Cache Author: Mark Rowe [email protected] Pete Finnigan [email protected] Date: 7th January 2002 Reference: ptl-2002-01...
CVE-2001-0836
Buffer overflow in Oracle9iAS Web Cache 2.0.0.1 allows remote attackers to execute arbitrary code via a long HTTP GET request...
webcache.pl
Proof-of-concept exploit for Oracle9iAS Web Cache/2.0.0.1.0 Creates the file c:\defcom.iyd By [email protected] C2001 Since we do not control the space after what ESP points to, I was lazy and did a direct buffer jump. So, if it does not work, try changing the return addressstart of buffer in me...
def-2001-30
====================================================================== Defcom Labs Advisory def-2001-30 Oracle9iAS Web Cache/2.0.0.1.0 Multiple DoS and Buffer Overflow Authors: George Hedfors [email protected] Andreas Junestam [email protected] Release Date: 2001-10-18...