Signature Detail

DB: Oracle Application Server Web Cache

This signature detects attempts to exploit a known vulnerability against the Oracle Application Server Web Cache. A successful attack can lead to overwrite arbitrary files on the server.

Extended Description

Oracle Application Server 9i Webcache is prone to an arbitrary file corruption vulnerability. The issue exists becaue dangerous characters are not removed from a certain parameter value, allowing an attacker to construct a URI that contains an absolute path to any target file. If this URI is followed by a user with sufficient privileges, garbage data is appended to the end of the specified file.

Affected Products

• Oracle Oracle9i Application Server Web Cache 2.0.0 .0.0
• Oracle Oracle9i Application Server Web Cache 2.0.0 .0.1
• Oracle Oracle9i Application Server Web Cache 2.0.0 .0.2
• Oracle Oracle9i Application Server Web Cache 2.0.0 .0.2 NT
• Oracle Oracle9i Application Server Web Cache 2.0.0 .0.3
• Oracle Oracle9i Application Server Web Cache 2.0.0 .0.4
• Oracle Oracle9i Application Server Web Cache 9.0.2 .2
• Oracle Oracle9i Application Server Web Cache 9.0.2 .3
• Oracle Oracle9i Application Server Web Cache 9.0.3 .1

References

• BugTraq: 13420
• CVE: CVE-2005-1382
• URL: http://www.red-database-security.com/advisory/oracle_webcache_append_file_vulnerabilitiy.html