Security News -  Security Reviews -   Exploits -  Tools -  UNIX Focus -  Windows Focus
SecuriTeam™  Beyond Security®  SecuriTeam™ Home  Ask the Team  Mailing Lists  Advertising Info  Blogs  Black Box Testing  Vulnerability Assessment  Vulnerability Scanner SecuriTeam™ in Your Inbox   E-mail this article to a friend New vulnerability? New tool? Tell us	Oracle9iAS Web Cache Overflow Vulnerability (Patch) 27 Oct. 2001    Summary A potential security vulnerability has been discovered in Oracle9iAS Web Cache 2.0.0.1. This vulnerability enables an attacker to mount a denial-of-service attack using an oversized HTTP GET request. On some platforms there is an additional vulnerability that may allow remote execution of arbitrary code. For more information, see our previous article: Oracle9iAS Web Cache Multiple DoS and Buffer Overflow   Credit: The information has been provided by Oracle Security Alerts.    Details Audit your web server for security holes - see what the hackers see. Sign up for a scan today - risk free! Vulnerable systems: Oracle9iAS Web Cache 2.0.0.1 Patch: Oracle has comprehensively fixed this security vulnerability in the 2.0.0.2 release of Oracle9iAS Web Cache. Supported customers may download the release for their platform from Oracle's Worldwide Support web site, Metalink, http://metalink.oracle.com. Press the "Patches" button to get to the patches web page. Enter the platform and corresponding patch number from the table below, and press "Submit." Platform patch number: MS Windows NT/2000 Server - 2044682 Sun SPARC Solaris - 2042106 HP-UX - 2043908 Linux - 2043924 Compaq Tru64 UNIX - 2043921 AIX - 2043917 Alternatively, this release may be downloaded for evaluation on Windows NT, Solaris, HP, and Linux from the Oracle Technology Network, http://otn.oracle.com/software/content.html.  Comments: Subject:   Date:  From:  Add new comment:  Subject:  Name/Nick/Email:          Chars Left:	All Sections Security News Unix focus Exploits Tools Windows focus Security Reviews  Related Articles Cisco BBSM Captive Portal Cross-site Scripting Cisco Unified Communications Manager Denial of Service Vulnerabilities Novell eDirectory Unauthenticated Access to SOAP Interface Call of Duty Denial of Service Wonderware SuiteLink Denial of Service Vulnerability WebMod Multiple Vulnerabilities IAX2 Incomplete 3-Way Handshake (Spoofing) Multiple Vendor OpenOffice Vulnerabilities Apple Safari WebKit PCRE Handling Integer Overflow Vulnerability Cisco Network Admission Control Shared Secret Vulnerability ClamAV libclamav PeSpin Heap Overflow Vulnerability ClamAV libclamav PE WWPack Heap Overflow Vulnerability IBM Informix Pre-Authentication Stack Overflow Adobe Flash Player DeclareFunction2 Invalid Object Use Vulnerability HP OpenView NNM Buffer Overflow  Featured Articles Microsoft Windows I2O Filter Utility Driver (i2omgmt.sys) Local Privilege Escalation Vulnerability Adobe Acrobat Javascript PDF Security Feature Bypass and Memory Corruption Vulnerabilities Multiple Vendor rdesktop Vulnerabilities Wonderware SuiteLink Denial of Service Vulnerability PHP Multibyte Shell Command Escaping Bypass Vulnerability Akamai Download Manager Arbitrary Program Execution Vulnerability SugarCRM Community Edition Local File Disclosure Vulnerability
	Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus - Blogs - CVEs

Copyright © 1998-2008 Beyond Security® All rights reserved.
Terms of Use Site Privacy Statement.
SecuriTeam™ is a trademark of Beyond Security®