PT-2005-2383 · Oracle · Oracle Application Server

Alexander Kornbrust

Publicado

2005-05-02

Atualizado

2017-07-11

CVE-2005-1383

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: Oracle Application Server OHS component versions 1.0.2 through 10.x

Description: The issue allows remote attackers to bypass HTTP Server mod access restrictions by sending a request to the webcache TCP port 7778 when the UseWebcacheIP option is disabled.

Recommendations: For Oracle Application Server OHS component versions 1.0.2 through 10.x, consider enabling the UseWebcacheIP option to prevent bypassing of HTTP Server mod access restrictions.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2005-1383

Produtos afetados

Oracle Application Server

PT-2005-2383 · Oracle · Oracle Application Server

CVE-2005-1383

Identificadores relacionados

Produtos afetados

Referências · 9