HTTP: Oracle Application Server Portal Authentication Bypass Vulnerability

This signature detects attempts to exploit a known authentication bypass vulnerability in Oracle Application Server Portal. A remote, unauthenticated attacker could exploit this vulnerability by sending a specially crafted request to the server. Successful exploitation may allow the attacker to bypass authentication and access sensitive data.

Extended Description

Oracle Application Server (OracleAS) Portal 10g allows remote attackers to bypass intended access restrictions and read the contents of /dav_portal/portal/ by sending a request containing a trailing "%0A" (encoded line feed), then using the session ID that is generated from that request. NOTE: as of 20080512, Oracle has not commented on the accuracy of this report.
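The request pattern described above can also be looked for in web server access logs. The following is an added example, not part of the signature or of any vendor tooling: it assumes Common Log Format lines, uses the client address as a stand-in for the session ID (which that log format does not record), and runs over constructed sample lines.

```python
import re

# Common Log Format: host ident user [time] "METHOD target PROTO" status size
CLF = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) \S+')
PROTECTED = "/dav_portal/portal"  # path named in the description above

def has_trailing_lf(target):
    """True if the path part of the request target ends in an encoded line feed."""
    path = target.split("?", 1)[0]
    return path.lower().endswith("%0a")

def scan(lines):
    """Return (probes, followups).

    probes:    requests under PROTECTED whose path ends in %0A / %0a.
    followups: later 2xx requests under PROTECTED from a client that probed
               earlier (assumption: client address approximates the session).
    """
    probes, followups, seen = [], [], set()
    for line in lines:
        m = CLF.match(line)
        if not m:
            continue  # not a parsable CLF line
        client, _method, target, status = m.groups()
        if not target.lower().startswith(PROTECTED):
            continue
        if has_trailing_lf(target):
            probes.append((client, target, status))
            seen.add(client)
        elif client in seen and status.startswith("2"):
            followups.append((client, target, status))
    return probes, followups

# Constructed sample log lines (documentation address ranges, not real traffic).
SAMPLE = [
    '192.0.2.10 - - [12/May/2008:10:00:01 +0000] "GET /dav_portal/portal/ HTTP/1.1" 401 512',
    '198.51.100.7 - - [12/May/2008:10:00:05 +0000] "GET /dav_portal/portal/%0A HTTP/1.1" 200 1043',
    '198.51.100.7 - - [12/May/2008:10:00:09 +0000] "GET /dav_portal/portal/ HTTP/1.1" 200 8841',
    '192.0.2.10 - - [12/May/2008:10:01:00 +0000] "GET /portal/page?x=%0a HTTP/1.1" 200 300',
    '203.0.113.4 - - [12/May/2008:10:02:00 +0000] "GET /dav_portal/portal/docs%0a?v=1 HTTP/1.1" 401 512',
]

if __name__ == "__main__":
    for kind, hits in zip(("probe", "follow-up"), scan(SAMPLE)):
        for hit in hits:
            print(kind, *hit)
```

A follow-up hit with a 2xx status from a client that previously sent the trailing-`%0A` request is the case worth triaging first, since it suggests protected content was actually served.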

Affected Products

Oracle application_server_portal

References

BugTraq: 29119

CVE: CVE-2008-2138

Short Name: HTTP:ORACLE:APP-SERVER-BYPASS
Severity: Minor
Recommended: False
Recommended Action: Drop
Category: HTTP
Keywords: Application Authentication Bypass CVE-2008-2138 Oracle Portal Server Vulnerability bid:29119
Release Date: 11/22/2012
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version: 3761
False Positive: Unknown
Vendors

Oracle

CVSS Score

5.0
