CVSS: 5.0EPSS: 78%CPEs: 7EXPL: 0CVE-2002-0562
https://notcve.org/view.php?id=CVE-2002-0562
The default configuration of Oracle 9i Application Server 1.0.2.x running Oracle JSP or SQLJSP stores globals.jsa under the web root, which allows remote attackers to gain sensitive information including usernames and passwords via a direct HTTP request to globals.jsa. • http://marc.info/?l=bugtraq&m=101301440005580&w=2 http://otn.oracle.com/deploy/security/pdf/ias_modplsql_alert.pdf http://www.cert.org/advisories/CA-2002-08.html http://www.kb.cert.org/vuls/id/698467 http://www.securityfocus.com/bid/4034 •
CVSS: 5.0EPSS: 2%CPEs: 2EXPL: 0CVE-2002-0509
https://notcve.org/view.php?id=CVE-2002-0509
Transparent Network Substrate (TNS) Listener in Oracle 9i 9.0.1.1 allows remote attackers to cause a denial of service (CPU consumption) via a single malformed TCP packet to port 1521. Transparent Network Substrate (TNS) Listener en Oracle 9i 9.0.1.1 permite a atacantes remotos causar una denegación de servicio (saturáción de CPU) mediante un paquete TCP malformado al puerto 1521. • http://online.securityfocus.com/archive/1/264697 http://www.iss.net/security_center/static/8657.php http://www.securityfocus.com/bid/4391 •
CVSS: 2.1EPSS: 93%CPEs: 5EXPL: 0CVE-2002-0568
https://notcve.org/view.php?id=CVE-2002-0568
Oracle 9i Application Server stores XSQL and SOAP configuration files insecurely, which allows local users to obtain sensitive information including usernames and passwords by requesting (1) XSQLConfig.xml or (2) soapConfig.xml through a virtual directory. • http://marc.info/?l=bugtraq&m=101301813117562&w=2 http://www.cert.org/advisories/CA-2002-08.html http://www.kb.cert.org/vuls/id/476619 http://www.nextgenss.com/papers/hpoas.pdf http://www.securityfocus.com/bid/4290 •
CVSS: 7.5EPSS: 85%CPEs: 9EXPL: 0CVE-2002-0561
https://notcve.org/view.php?id=CVE-2002-0561
The default configuration of the PL/SQL Gateway web administration interface in Oracle 9i Application Server 1.0.2.x uses null authentication, which allows remote attackers to gain privileges and modify DAD settings. • http://marc.info/?l=bugtraq&m=101301813117562&w=2 http://otn.oracle.com/deploy/security/pdf/ias_modplsql_alert.pdf http://www.cert.org/advisories/CA-2002-08.html http://www.kb.cert.org/vuls/id/611776 http://www.nextgenss.com/papers/hpoas.pdf http://www.securityfocus.com/bid/4292 •
CVSS: 5.0EPSS: 2%CPEs: 1EXPL: 0CVE-2001-0513
https://notcve.org/view.php?id=CVE-2001-0513
Oracle listener process on Windows NT redirects connection requests to another port and creates a separate thread to process the request, which allows remote attackers to cause a denial of service by repeatedly connecting to the Oracle listener but not connecting to the redirected port. • http://www.kb.cert.org/vuls/id/105259 http://www.osvdb.org/5600 http://xforce.iss.net/alerts/advise81.php https://exchange.xforce.ibmcloud.com/vulnerabilities/6717 •