HTTP: Oracle9i Unauthorized Access Attempt

This signature detects attempts to exploit a known vulnerability in Oracle9i. A successful attack can allow attackers to gain administrative privileges.

Extended Description

The default configuration of Oracle 9i Application Server 1.0.2.x running Oracle JSP or SQLJSP stores globals.jsa under the web root, which allows remote attackers to gain sensitive information including usernames and passwords via a direct HTTP request to globals.jsa.

Affected Products

Oracle oracle9i

References

BugTraq: 4292 4034

CVE: CVE-2002-0561

Short Name
HTTP:ORACLE:ORACLE9I-INFO-LEAK
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Access Attempt CVE-2002-0561 CVE-2002-0562 Oracle9i Unauthorized bid:4034 bid:4292
Release Date
10/29/2014
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3375
False Positive
Unknown
Vendors

Oracle

CVSS Score

7.5

5.0

Found a potential security threat?