| VID |
22051 |
| Severity |
30 |
| Port |
1100, ... |
| Protocol |
TCP |
| Class |
WWW |
| Detailed Description |
The version of the Oracle9iAS Web Cache is vulnerable to a denial of service attack.
Oracle9iAS Web Cache is a web caching solution for Oracle 9iAS Application Server, providing quick retrieval of dynamic web content. A problem exists in the handling of unexpected queries to the Web Cache software. A remote attacker may cause a denial of service attack on Oracle9iAS by sending a HTTP request with a header that has Content Length of 0, followed by three "0a"'s. This has the potential to deny service to legitimate users of the database. A manual restart of the service is required to resume normal functionality.
* Note that secuiSCAN solely relied on the version number of the remote OracleWebCache service to assess this vulnerability
* References:
http://www.securityfocus.com/bid/3568 |
| Recommendation |
No remedy available as of November 2001. |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
