HTTP: Generic Request Method Overflow
This signature detects attempts to exploit a known vulnerability against HTTP request methods. Attackers can send an invalid or long HTTP request to overflow vulnerable buffers on the target Web server.
Extended Description
Oracle Application Server Web Cache is prone to a remotely exploitable heap overrun when handling excessive data specified in HTTP Requests. This issue could be triggered through the HTTP or HTTPS ports of the service, which are user-configurable (by default HTTP is 7777/TCP and 4443/TCP is for HTTPS). It has been reported that these ports are normally reconfigured to 80/TCP and 443/TCP for HTTP and HTTPS respectively when making the service remotely accessible. The vulnerability affects all platforms that the software runs on and may be exploited to execute arbitrary code in the context of the server process.
Affected Products
Oracle oracle9i_application_server_web_cache
References
BugTraq: 9868
CVE: CVE-2004-0385
URL: http://otn.oracle.com/deploy/security/pdf/2004alert66.pdf http://www.kb.cert.org/vuls/id/413006
Short Name
HTTP:OVERFLOW:METHOD-GENRC-OF
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2004-0385 Generic Method Overflow Request bid:9868
Release Date
04/14/2004
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Oracle
CVSS Score
10.0