PT-2005-2383 · Oracle · Oracle Application Server

Alexander Kornbrust

Published

2005-05-02

Updated

2017-07-11

CVE-2005-1383

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: Oracle Application Server OHS component versions 1.0.2 through 10.x

Description: The issue allows remote attackers to bypass HTTP Server mod access restrictions by sending a request to the webcache TCP port 7778 when the UseWebcacheIP option is disabled.

Recommendations: For Oracle Application Server OHS component versions 1.0.2 through 10.x, consider enabling the UseWebcacheIP option to prevent bypassing of HTTP Server mod access restrictions.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2005-1383

Affected Products

Oracle Application Server

PT-2005-2383 · Oracle · Oracle Application Server

CVE-2005-1383

Related Identifiers

Affected Products

References · 9