Credit:
The information has been provided by Oliver Karow.
The original article can be found at: http://www.securityfocus.com/bid/22027
Vulnerable Systems:
* Oracle Application Server 10g Release 3 (10.1.3.0.0)
The server-side component EmChartBean is part of the Oracle Enterprise Manager 10g Application Server Control software. EmChartBean is vulnerable to a directory traversal attack.
The vulnerability can be exploited with a single unauthenticated HTTP GET request. It grants remote read access to files outside the application's root directory with the permissions of the javaw.exe process, which by default runs with LocalSystem privileges, so the set of readable files is not constrained by the application's own account.
EmChartBean only exists at runtime: it is unpacked from a JAR file on the first request to the login page. An attacker therefore has to send one request to the login page before the traversal request will succeed; on a freshly started server that has not yet served the login page, the first traversal attempt fails.
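The advisory describes the attack pattern (an unauthenticated GET to EmChartBean whose parameter climbs out of the application root, preceded by a hit on the login page) but does not publish the request itself. The following is an added detection example, not code from the advisory or from Oracle, that flags such requests in web-server access logs. It decodes each request target repeatedly (so double-encoded `%252e%252e` is caught), normalises the path, and reports only values that actually escape the root, so a benign `charts/../charts/x.png` is not flagged. The component name EmChartBean comes from the advisory; the `/em/...` paths, the logon URL, the `file` query parameter and the log lines are constructed, hypothetical values for illustration only.

```python
import posixpath
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Constructed sample access-log lines (Common Log Format); not real traffic.
# "EmChartBean" is the component named in the advisory. The "/em/..." paths,
# the logon URL and the "file" query parameter are hypothetical, chosen for
# illustration only: the advisory does not publish the real request.
SAMPLE_LOG = """\
10.0.0.5 - - [12/Jan/2007:10:00:01 +0100] "GET /em/console/logon/logon HTTP/1.1" 200 5120
10.0.0.5 - - [12/Jan/2007:10:00:02 +0100] "GET /em/EmChartBean?file=../../../../boot.ini HTTP/1.1" 200 211
10.0.0.5 - - [12/Jan/2007:10:00:03 +0100] "GET /em/EmChartBean?file=..%2F..%2F..%2Fwindows%2Fwin.ini HTTP/1.1" 200 92
10.0.0.5 - - [12/Jan/2007:10:00:04 +0100] "GET /em/EmChartBean?file=%252e%252e%252f%252e%252e%252fboot.ini HTTP/1.1" 200 211
10.0.0.9 - - [12/Jan/2007:10:01:00 +0100] "GET /em/EmChartBean?file=charts/cpu.png HTTP/1.1" 200 4096
10.0.0.9 - - [12/Jan/2007:10:01:05 +0100] "GET /em/EmChartBean?file=charts/../charts/mem.png HTTP/1.1" 200 4096
"""

CLF_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)


def fully_decode(value, max_rounds=3):
    """Percent-decode repeatedly (bounded) so a double-encoded %252e%252e
    sequence is seen as '..' just as the server eventually sees it."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def escapes_root(value):
    """True if the decoded value, treated as a relative path, climbs above
    the directory it is joined to. Backslashes count as separators because
    the affected process (javaw.exe) runs on Windows."""
    rel = fully_decode(value).replace("\\", "/").lstrip("/")
    norm = posixpath.normpath(rel)  # collapses 'a/../b' but keeps a leading '..'
    return norm == ".." or norm.startswith("../")


def find_traversal_requests(log_text, component="EmChartBean"):
    """Parse CLF lines and return one record per request to the component
    whose path or any query value escapes the root. Each record notes whether
    the same client had already fetched the logon page, the priming step the
    advisory describes (the bean is unpacked on the first login-page hit)."""
    primed = set()
    hits = []
    for line in log_text.splitlines():
        m = CLF_RE.match(line)
        if not m:
            continue
        client, target = m.group("client"), m.group("target")
        parts = urlsplit(target)
        if "logon" in parts.path.lower():  # hypothetical login-page path
            primed.add(client)
            continue
        if component.lower() not in parts.path.lower():
            continue
        # parse_qsl decodes once; escapes_root decodes again for nested encoding
        candidates = [parts.path] + [
            v for _, v in parse_qsl(parts.query, keep_blank_values=True)
        ]
        bad = [c for c in candidates if escapes_root(c)]
        if bad:
            hits.append({
                "client": client,
                "ts": m.group("ts"),
                "target": target,
                "decoded": fully_decode(bad[0]),
                "primed": client in primed,
            })
    return hits


if __name__ == "__main__":
    for h in find_traversal_requests(SAMPLE_LOG):
        print(f"{h['client']} {h['ts']} primed={h['primed']} -> {h['decoded']}")
```

Run against the constructed log, the three requests from 10.0.0.5 are reported, each marked as preceded by a login-page hit; the two requests from 10.0.0.9 are not, because neither decoded value leaves the root. The bounded decode loop matters: a single `unquote` would leave `%252e%252e%252f` as `%2e%2e%2f` and miss it.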
Vendor Response:
The fix for this security vulnerability is included in Oracle's January 2007 Critical Patch Update. The Critical Patch Update advisory, which lists the versions affected and contains links to more information and patches, is available at: http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html
The main page for Oracle Critical Patch Updates and Security Alerts is available at: http://www.oracle.com/technology/deploy/security/alerts.htm
Recommendation:
Follow your organization's testing procedures before applying patches or workarounds. Symantec recommends that customers apply Oracle's update as soon as possible.
Oracle strongly recommends applying the Oracle Enterprise Manager patches released with the January 2007 Critical Patch Update to all instances affected by this problem.
CVE Information:
CVE-2007-0222