Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0103

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2002-0103
Last Modified 10 Sep 2008 03:11:20
Published 25 Mar 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2002-0103

Summary

An installer program for Oracle9iAS Web Cache 2.0.0.x creates executable and configuration files with insecure permissions, which allows local users to gain privileges by (1) running webcached or (2) obtaining the administrator password from webcache.xml.

Vulnerable Systems

Application

  • Oracle Application Server Web Cache 2.0.0.0

  • Oracle Application Server Web Cache 2.0.0.1

  • Oracle Application Server Web Cache 2.0.0.2


References

CONFIRM - http://otn.oracle.com/deploy/security/pdf/webcache2.pdf

BUGTRAQ - 20020107 [PTL-2002-01] Vulnerabilities in Oracle9iAS Web Cache

BID - 3764

BID - 3761

XF - oracle-appserver-webcache-password(7768)

XF - oracle-appserver-webcached-privileges(7766)


Last Updated: 27 May 2016 10:36:46