DB: Oracle Application Server Web Cache
This signature detects attempts to exploit a known vulnerability against the Oracle Application Server Web Cache. A successful attack can lead to overwrite arbitrary files on the server.
Extended Description
Oracle Application Server 9i Webcache is prone to an arbitrary file corruption vulnerability. The issue exists becaue dangerous characters are not removed from a certain parameter value, allowing an attacker to construct a URI that contains an absolute path to any target file. If this URI is followed by a user with sufficient privileges, garbage data is appended to the end of the specified file.
Affected Products
Oracle oracle9i_application_server_web_cache
References
BugTraq: 13420
CVE: CVE-2005-1382
URL: http://www.red-database-security.com/advisory/oracle_webcache_append_file_vulnerabilitiy.html
Short Name
DB:ORACLE:EXP-APP-WEBCACHE
Severity
Major
Recommended
False
Recommended Action
Drop
Category
DB
Keywords
Application CVE-2005-1382 Cache Oracle Server Web bid:13420
Release Date
06/01/2005
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3724
False Positive
Unknown
Vendors
Oracle
CVSS Score
5.0