[NEWS] Oracle9iAS Web Cache Overflow Vulnerability (Patch)
From: support@securiteam.com
Date: 10/27/01
From: support@securiteam.com
To: list@securiteam.com
Subject: [NEWS] Oracle9iAS Web Cache Overflow Vulnerability (Patch)
Message-Id: <20011027123416.98898138BF@mail.der-keiler.de>
Date: Sat, 27 Oct 2001 14:34:16 +0200 (CEST)
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
Oracle9iAS Web Cache Overflow Vulnerability (Patch)
------------------------------------------------------------------------
SUMMARY
A potential security vulnerability has been discovered in Oracle9iAS Web
Cache 2.0.0.1. This vulnerability enables an attacker to mount a
denial-of-service attack using an oversized HTTP GET request. On some
platforms there is an additional vulnerability that may allow remote
execution of arbitrary code.
For more information, see our previous article:
Oracle9iAS Web Cache Multiple DoS and Buffer Overflow
<http://www.securiteam.com/exploits/6P00L002UA.html>
DETAILS
Vulnerable systems:
Oracle9iAS Web Cache 2.0.0.1
Patch:
Oracle has comprehensively fixed this security vulnerability in the
2.0.0.2 release of Oracle9iAS Web Cache. Supported customers may download
the release for their platform from Oracle's Worldwide Support web site,
Metalink, http://metalink.oracle.com. Press
the "Patches" button to get to the patches web page. Enter the platform
and corresponding patch number from the table below, and press "Submit."
Platform patch number:
MS Windows NT/2000 Server - 2044682
Sun SPARC Solaris - 2042106
HP-UX - 2043908
Linux - 2043924
Compaq Tru64 UNIX - 2043921
AIX - 2043917
Alternatively, this release may be downloaded for evaluation on Windows
NT, Solaris, HP, and Linux from the Oracle Technology Network,
http://otn.oracle.com/software/content.html.
ADDITIONAL INFORMATION
The information has been provided by Oracle Security Alerts
<secalert_us@oracle.com>.
DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.