Signature Detail

Short Name	HTTP:ORACLE:COPYFILE-DIR-TRAV
Severity	Medium
Recommended	Yes
Recommended Action	Drop
Category	HTTP
Keywords	Oracle Endeca CopyFile Directory Traversal
Release Date	2015/09/08
Update Number	2533
Supported Platforms	idp-4.0+, isg-3.4+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Oracle Endeca CopyFile Directory Traversal

This signature detects attempts to exploit a known vulnerability against Oracle Endeca while sending a specially crafted request to the target web application service. Attackers can gain access to sensitive information and could launch further attacks.

References

CVE: CVE-2015-4745
CVE: CVE-2015-2602
CVE: CVE-2015-2604
URL: http://www.zerodayinitiative.com/advisories/zdi-15-355/
URL: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
URL: http://www.zerodayinitiative.com/advisories/zdi-15-354/

Signature Detail

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

HTTP: Oracle Endeca CopyFile Directory Traversal

References