From: fotos@softhome.net
Date: Wed Jun 26 2002 - 16:09:10 EDT
In a pen-test of an Oracle Application Server
based on Apache http server, i have seen many vulnerabilities;
mod_ssl/2.8.x afected by Apache mod_ssl/Apache-SSL Buffer Overflow
Vulnerability (no public exploit available)
/soap/servlet/soaprouter afected by Oracle 9iAS SOAP components allow
anonymous users to deploy applications by default.
pls/updown/cntsample.startup for uploading and downloadig files from server,
but not works.
.....
And probably too affected by these vulnerabilities:
VU#500203 - Oracle9i Application Server Apache PL/SQL module vulnerable to
buffer overflow via help page request
VU#313280 - Oracle9i Application Server Apache PL/SQL module vulnerable to
buffer overflow via HTTP Location header
VU#750299 - Oracle9i Application Server Apache PL/SQL module vulnerable to
buffer overflow via HTTP request
VU#878603 - Oracle9i Application Server Apache PL/SQL module vulnerable to
buffer overflow via HTTP Authorization header
VU#659043 - Oracle9i Application Server Apache PL/SQL module vulnerable to
buffer overflow via Database Access Descriptor password
VU#923395 - Oracle9i Application Server Apache PL/SQL module vulnerable to
buffer overflow via cache directory name
VU#180147 - Oracle 9i Database Server PL/SQL module allows remote command
execution without authentication
I have try the pdf file "hacking proof oracle application server" obtaining
many information,
but i can't find any exploit for these vulnerabilities to gain remote
access.
Running over Solaris and Windows
żany ideas or sources?
sincerely, Peter.
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:22 EDT