Release DateNov 08, 2011 |
Severitylow |
ImpactDenial of Service: Remote attackers can crash vulnerable systems. |
DescriptionThis indicates a Denial of Service attack against the Oracle9i Application Server Web Administration Module.The vulnerability is caused because Oracle 9i Application Server has a web component that allows administrators to access it remotely. A malicious user can craft a request which, when sent to the Web Administration Module, will cause it to crash. |
Affected ProductsOracle Oracle9i Application Server 9.0.2. |
Recommended ActionsUse firewall techniques to restrict access to the Web Cache administration port.Use the Secure Subnets feature of the Web Cache Manager tool to provide access only to administrators connecting from a list of permitted IP addresses or subnets. |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2002-0386 |
Reference/shttp://www.securityfocus.com/bid/5902 (BugTraq) |
