Threat Encyclopedia

Oracle9i.AS.Web.Cache.DoS

description-logoDescription

This indicates a Denial of Service attack against the Oracle9i Application Server Web Administration Module.
The vulnerability is caused because Oracle 9i Application Server has a web component that allows administrators to access it remotely. A malicious user can craft a request which, when sent to the Web Administration Module, will cause it to crash.

affected-products-logoAffected Products

Oracle Oracle9i Application Server 9.0.2.

Impact

Denial of Service: Remote attackers can crash vulnerable systems.

recomended-action-logoRecommended Actions

Use firewall techniques to restrict access to the Web Cache administration port.
Use the Secure Subnets feature of the Web Cache Manager tool to provide access only to administrators connecting from a list of permitted IP addresses or subnets.

CVE References

CVE-2002-0386