Page 3 of 15 results (0.006 seconds)

CVSS: 7.5EPSS: 85%CPEs: 9EXPL: 0

The default configuration of the PL/SQL Gateway web administration interface in Oracle 9i Application Server 1.0.2.x uses null authentication, which allows remote attackers to gain privileges and modify DAD settings. • http://marc.info/?l=bugtraq&m=101301813117562&w=2 http://otn.oracle.com/deploy/security/pdf/ias_modplsql_alert.pdf http://www.cert.org/advisories/CA-2002-08.html http://www.kb.cert.org/vuls/id/611776 http://www.nextgenss.com/papers/hpoas.pdf http://www.securityfocus.com/bid/4292 •

CVSS: 10.0EPSS: 1%CPEs: 4EXPL: 0

Multiple buffer overflows in Oracle Web Cache for Oracle 9i Application Server (9iAS) allow remote attackers to execute arbitrary code via unknown vectors. • http://www.kb.cert.org/vuls/id/291555 http://www.nextgenss.com/vna/ora-webcache.txt http://www.securityfocus.com/bid/4856 •

CVSS: 4.6EPSS: 0%CPEs: 3EXPL: 0

An installer program for Oracle9iAS Web Cache 2.0.0.x creates executable and configuration files with insecure permissions, which allows local users to gain privileges by (1) running webcached or (2) obtaining the administrator password from webcache.xml. El programa de instalación para el Oracle9i Web cache 2.0.0.x crea ejecutables y archivos de configuración con permisos inseguros, que permiten a usuarios locales asignarse privilegios: (1) ejecutar webcache y (2) obtener la contraseña de administrador de webcache.xml. • http://marc.info/?l=bugtraq&m=101041510727937&w=2 http://otn.oracle.com/deploy/security/pdf/webcache2.pdf http://www.iss.net/security_center/static/7766.php http://www.iss.net/security_center/static/7768.php http://www.securityfocus.com/bid/3761 http://www.securityfocus.com/bid/3764 •

CVSS: 5.0EPSS: 2%CPEs: 4EXPL: 0

Oracle9iAS Web Cache 2.0.0.x allows remote attackers to cause a denial of service via (1) a request to TCP ports 1100, 4000, 4001, and 4002 with a large number of null characters, and (2) a request to TCP port 4000 with a large number of "." characters. Oracle9i Web Cache 2.0.0.x permite a atacantes remotos causar una negación de servicio vía: (1) una petición a puertos TCP 1100, 4000, 4001, y 4002 con un número grande de carácteres nulos, (y 2) una petición al puerto 4000 TCP con un número grande de Carácteres "." . • http://otn.oracle.com/deploy/security/pdf/webcache2.pdf http://www.securityfocus.com/bid/3760 http://www.securityfocus.com/bid/3762 https://exchange.xforce.ibmcloud.com/vulnerabilities/7765 •

CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 1

Buffer overflow in Oracle9iAS Web Cache 2.0.0.1 allows remote attackers to execute arbitrary code via a long HTTP GET request. • https://www.exploit-db.com/exploits/21121 http://marc.info/?l=bugtraq&m=100342151132277&w=2 http://marc.info/?l=bugtraq&m=100395487007578&w=2 http://otn.oracle.com/deploy/security/pdf/webcache.pdf http://www.cert.org/advisories/CA-2001-29.html http://www.kb.cert.org/vuls/id/649979 http://www.osvdb.org/5534 https://exchange.xforce.ibmcloud.com/vulnerabilities/7306 •