Signature Detail

DB: Oracle 9i Webcache File Appending

This signature detects attempts to exploit a known vulnerability in the Oracle 9i Webcache server. Unauthenticated attackers can send a malformed URL to overwrite arbitrary files on the server. Note: Patches are available.

Extended Description

Oracle Application Server 9i Webcache is prone to an arbitrary file corruption vulnerability. The issue exists becaue dangerous characters are not removed from a certain parameter value, allowing an attacker to construct a URI that contains an absolute path to any target file. If this URI is followed by a user with sufficient privileges, garbage data is appended to the end of the specified file.

Affected Products

• Oracle Oracle9i Application Server Web Cache 2.0.0 .0.0
• Oracle Oracle9i Application Server Web Cache 2.0.0 .0.1
• Oracle Oracle9i Application Server Web Cache 2.0.0 .0.2
• Oracle Oracle9i Application Server Web Cache 2.0.0 .0.2 NT
• Oracle Oracle9i Application Server Web Cache 2.0.0 .0.3
• Oracle Oracle9i Application Server Web Cache 2.0.0 .0.4
• Oracle Oracle9i Application Server Web Cache 9.0.2 .2
• Oracle Oracle9i Application Server Web Cache 9.0.2 .3
• Oracle Oracle9i Application Server Web Cache 9.0.3 .1

References

• BugTraq: 13420
• CVE: CVE-2005-1382
• URL: http://secunia.com/advisories/15143
• URL: http://www.osvdb.org/15909
• URL: http://www.red-database-security.com/advisory/oracle_webcache_append_file_vulnerabilitiy.html