Re: [Full-disclosure] Oracle Containers For Java Directory Traversal (OC4J) Oracle Application Server 10g (10.1.3.1.0) Oracle HTTP Server
- From: Mark Thomas <markt@xxxxxxxxxx>
- Date: Wed, 21 Jan 2009 21:08:29 +0000
Eduardo Vela wrote:
Probably one of this are the vulnerabilty descriptions of the bugs:
Looks to be an exact match with
Note that although initially reported as a Tomcat vulnerability, the root cause
is a JVM bug.
If it's the same issue, Oracle didn't contacted me to notify me about it..
if it is that bug, then it could be fixed via:
or in that case
On Mon, Jan 19, 2009 at 10:56 PM, Eduardo Vela <sirdarckcat@xxxxxxxxx>wrote:
Server Version Info: Oracle-Application-Server-10g/10.1.3.1.0
Explaination: The "%c0%ae%c0%ae" is interpreted as: ".." because on
Java's side: "%c0%ae" is interpreted as: "\uC0AE" that get's casted to
an ASCII-LOW char, that is: ".".
You can read dangerous configuration information including passwords,
users, paths, etc..
Vendor contacted: 8/16/08
Vendor response: 8/18/08
Vendor reproduced the issue: 9/10/08
Vendor last contact: 9/30/08
Public Disclosure: 1/19/09
Oracle security bug id: 7391479
For more information contact Oracle Security Team: secalert_us@xxxxxxxxxx
I really wanted to give a link to a patch, but I think it's better if
this is known by sysadmins so they can filter this using an IDS.
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/
- Prev by Date: Joomla component beamospetition 1.0.12 Sql Injection
- Next by Date: Digital Security opens a site of its research center DSec Research Group
- Previous by thread: Oracle Containers For Java Directory Traversal (OC4J) Oracle Application Server 10g (10.1.3.1.0) Oracle HTTP Server
- Next by thread: [security bulletin] HPSBMA02400 SSRT080144 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code