Title: Oracle Single Sign-On Login Page Authentication Credential Disclosure Vulnerability
Severity: HIGH
Description:
Oracle Single Sign-On (OSSO) is a customized login form that lets web clients sign in once and be authenticated to multiple web applications.
A vulnerability has been identified in the application that may allow remote attackers to obtain the authentication credentials, such as the username and password, of vulnerable users.
It has been reported that this issue may be exploited by sending a valid user a URI link to the OSSO login page. This link would contain an unspecified value for the 'p_submit_url' parameter that could allow an attacker to carry out a man-in-the-middle style attack. Reportedly, a successful attack could allow an attacker to redirect a victim to the attacker's site and then forward the victim to the real login page once the authentication credentials have been disclosed. An attacker may carry out this attack by spoofing host certificates in order to obfuscate their identity.
Due to a lack of details, further information cannot be provided at the moment. This BID will be updated as more information becomes available.
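The weakness described above is a login form whose POST target is taken from a request parameter ('p_submit_url'), so a crafted link can make the browser send credentials to a foreign host before the victim is forwarded to the real login page. The following is an added example, not Oracle's code and not part of this advisory: it assumes hypothetical helper names, an allowlisted SSO host sso.example.com, a fallback path /sso/auth and Common Log Format access logs, and pairs a same-origin validator for the parameter with a check over constructed log lines that finds links which would have posted credentials elsewhere.

```python
import re
from urllib.parse import parse_qs, urlsplit, urlunsplit

# Added hardening/detection sketch for a login form whose POST target comes from
# a request parameter such as OSSO's 'p_submit_url'. Not Oracle's code: helper
# names, the allowlisted host and the fallback path are assumptions.
SSO_HOST = "sso.example.com"       # constructed: only host a login may post to
DEFAULT_SUBMIT_PATH = "/sso/auth"  # constructed fallback form action
REQUEST_LINE = re.compile(r'"(?:GET|POST) (?P<target>\S+) HTTP/')

def same_origin_target(candidate):
    """Site-absolute path(+query) if candidate can only reach SSO_HOST, else None.
    Rejects foreign hosts, '//host', non-https, 'javascript:', userinfo tricks
    ('https://sso.example.com@evil'), backslashes and CR/LF."""
    if not candidate or any(ch in candidate for ch in "\r\n\t\\"):
        return None
    parts = urlsplit(candidate)
    if parts.netloc:  # absolute or protocol-relative: must be https to our host
        if parts.scheme != "https" or parts.hostname != SSO_HOST:
            return None
    elif parts.scheme or not parts.path.startswith("/") or parts.path.startswith("//"):
        return None   # non-http scheme, relative path, or '//' with no host
    # Re-emit without scheme/host so the browser can never post elsewhere.
    return urlunsplit(("", "", parts.path or "/", parts.query, ""))

def safe_submit_url(candidate):
    """Form action the login page should actually use."""
    return same_origin_target(candidate) or DEFAULT_SUBMIT_PATH

def suspicious_submit_urls(access_log_lines):
    """(line_no, value) for every p_submit_url in Common Log Format lines that
    same_origin_target() would reject, i.e. links that would post elsewhere."""
    hits = []
    for n, line in enumerate(access_log_lines, 1):
        m = REQUEST_LINE.search(line)
        if not m:
            continue
        for value in parse_qs(urlsplit(m.group("target")).query).get("p_submit_url", []):
            if same_origin_target(value) is None:
                hits.append((n, value))
    return hits

# Constructed sample access-log lines, not real traffic.
SAMPLE_LOG = [
    '10.0.0.5 - - [01/Jan/2003:10:00:00 +0000] "GET /sso/login?p_submit_url=%2Fsso%2Fauth HTTP/1.1" 200 512',
    '10.0.0.6 - - [01/Jan/2003:10:00:01 +0000] "GET /sso/login?p_submit_url=https%3A%2F%2Fevil.example%2Fc HTTP/1.1" 200 512',
    '10.0.0.7 - - [01/Jan/2003:10:00:02 +0000] "GET /sso/login?p_submit_url=%2F%2Fevil.example%2Fc HTTP/1.1" 200 512',
]
```

The validator strips scheme and host from anything it accepts, so even a legitimate absolute URL to the SSO host is emitted as a site-relative path and the form can never be pointed off-origin.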
Affected Products:
- Oracle HTTP Server 8.1.7
- Oracle HTTP Server 9.0.1
- Oracle HTTP Server 9.2.0.0
- Oracle9i Application Server 1.0.2
- Oracle9i Application Server 1.0.2.1s
- Oracle9i Application Server 1.0.2.2
- Oracle9i Application Server 1.0.2.2.2
- Oracle9i Application Server 9.0.2
- Oracle9i Application Server 9.0.2.3
- Oracle9i Application Server 9.0.2.0.0
- Oracle9i Application Server 9.0.2.0.1
- Oracle9i Application Server 9.0.2.1
- Oracle9i Application Server 9.0.2.2
- Oracle9i Application Server 9.0.3
- Oracle9i Application Server 9.0.3.1
- Oracle Single Sign-On 0.0.0