CVE-2002-0103

Name of the Vulnerable Software and Affected Versions Oracle9iAS Web Cache version 2.0.0.x

Description The issue concerns an installer program that creates executable and configuration files with insecure permissions. This allows local users to gain privileges in two ways: by running webcached or by obtaining the administrator password from the webcache.xml file.

Recommendations For Oracle9iAS Web Cache version 2.0.0.x, consider changing the permissions of the executable and configuration files to secure them and prevent local users from gaining privileges. As a temporary workaround, restrict access to the webcached executable and the webcache.xml file to minimize the risk of exploitation.