Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-1235


Vulnerability Score 5.0 5.0
CVE Id CVE-2000-1235
Last Modified 05 Sep 2008 04:22:59
Published 31 Dec 2000 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



The default configurations of (1) the port listener and (2) modplsql in Oracle Internet Application Server (IAS) 3.0.7 and earlier allow remote attackers to view privileged database information via HTTP requests for Database Access Descriptor (DAD) files.

Vulnerable Systems


  • Oracle Application Server 3.0.7


BID - 2150

XF - oracle-webdb-admin-access(5818)

BUGTRAQ - 20001223 Potential Vulnerabilities in Oracle Internet Application Server

BUGTRAQ - 20001221 Re: Oracle WebDb engine brain-damagse

BUGTRAQ - 20001219 Oracle WebDb engine brain-damagse

Last Updated: 27 May 2016 10:36:05