Oracle Apache+WebDB Documented Backdoor Vulnerability
BID:2171
Info
| Bugtraq ID: | 2171 |
| Class: | Access Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Dec 19 2000 12:00AM |
| Updated: | Dec 19 2000 12:00AM |
| Credit: | This vulnerability was first announced by Michal Zalewski <[email protected]> on December 19, 2000. |
| Vulnerable: | Oracle Internet Application Server 3.0.7 |
| Not Vulnerable: | |
Discussion
Oracle Internet Application Server is an integrated database and web package distributed by Oracle Corporation. A flaw in its access control allows remote, unauthenticated users to reach administrative resources.
The problem occurs in the combination of Apache and WebDB, a common deployment. On most installations the /WebDB directory requires a password. However, a documented backdoor in the Oracle Internet Application Server lets remote users reach the /WebDB/admin_/ directory, including the gateway administration page /WebDB/admin_/gateway.htm, with no access control at all. The fix below points to the cause: the administrators entry in the [WVGATEWAY] section of wdbsvr.app ships commented out, so the gateway administration pages are not restricted to any account. A malicious user who reaches them can change passwords, alter web content, and change table names.
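Two checks a practitioner would want for this issue, as an added example that is not part of the SecurityFocus advisory: a detection pass over Apache combined-format access log lines that flags requests under /WebDB/admin_/ served with a 2xx status and no authenticated user, and a classifier for a live, credential-less probe of /WebDB/admin_/gateway.htm (a reply with no 401 / WWW-Authenticate challenge means the page is exposed). The log lines, host addresses and byte counts are constructed for illustration; the path prefix and page name come from the advisory, and the probe helper assumes the server is reachable over plain HTTP at the base URL you pass in.

```python
"""Spot unauthenticated access to the WebDB gateway admin pages (BID 2171).

Added example, not code from the advisory or from Oracle. The log lines
below are constructed; only the /WebDB/admin_/ prefix and gateway.htm
page name are taken from the advisory text.
"""
import re
from dataclasses import dataclass
from typing import Dict, Iterable, List, Optional

# Directory the advisory says is reachable with no access control.
ADMIN_PREFIX = "/WebDB/admin_/"

# Apache "combined" log: host ident authuser [time] "METHOD path HTTP/x" status bytes ...
LOG_RE = re.compile(
    r'^(?P<host>\S+) \S+ (?P<user>\S+) \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)(?: HTTP/[\d.]+)?" '
    r'(?P<status>\d{3}) (?P<bytes>\S+)'
)


@dataclass
class Finding:
    host: str
    time: str
    path: str
    status: int


def parse_line(line: str) -> Optional[Dict[str, str]]:
    """Return the named fields of one combined-format line, or None if it does not parse."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def find_unauthenticated_admin_hits(lines: Iterable[str]) -> List[Finding]:
    """Flag 2xx responses under /WebDB/admin_/ where Apache recorded no auth user.

    The authuser field is "-" when the request carried no (or no valid) HTTP
    authentication. Query strings are dropped and the prefix is compared
    case-insensitively as a defensive choice, so case variants are not missed.
    """
    findings: List[Finding] = []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue  # not a combined-format line; skip rather than guess
        path = rec["path"].split("?", 1)[0]
        if not path.lower().startswith(ADMIN_PREFIX.lower()):
            continue
        status = int(rec["status"])
        if rec["user"] == "-" and 200 <= status < 300:
            findings.append(Finding(rec["host"], rec["time"], path, status))
    return findings


def classify_response(status: int, headers: Dict[str, str]) -> str:
    """Classify a credential-less probe of gateway.htm: exposed / protected / inconclusive."""
    names = {k.lower() for k in headers}
    if status == 401 or "www-authenticate" in names:
        return "protected"   # server challenged for credentials
    if 200 <= status < 300:
        return "exposed"     # admin page served to an anonymous client
    return "inconclusive"    # redirect, 403, 404, 5xx: look at it by hand


def probe(base_url: str, timeout: float = 5.0) -> str:
    """Request /WebDB/admin_/gateway.htm with no credentials and classify the reply.

    Assumes plain HTTP reachability of base_url (e.g. "http://host:port"); only
    run this against systems you are authorised to test.
    """
    import urllib.error
    import urllib.request

    url = base_url.rstrip("/") + ADMIN_PREFIX + "gateway.htm"
    req = urllib.request.Request(url, headers={"User-Agent": "webdb-admin-check"})
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return classify_response(resp.status, dict(resp.headers))
    except urllib.error.HTTPError as err:
        return classify_response(err.code, dict(err.headers))


# Constructed sample log lines (not real traffic).
SAMPLE_LOG = [
    '10.0.0.5 - - [19/Dec/2000:12:00:01 +0000] "GET /WebDB/admin_/gateway.htm HTTP/1.0" 200 4120 "-" "Mozilla/4.0"',
    '10.0.0.7 - webdb [19/Dec/2000:12:00:05 +0000] "GET /WebDB/ HTTP/1.0" 200 2048 "-" "Mozilla/4.0"',
    '10.0.0.9 - - [19/Dec/2000:12:01:10 +0000] "GET /WebDB/admin_/ HTTP/1.0" 401 512 "-" "Mozilla/4.0"',
    '10.0.0.5 - - [19/Dec/2000:12:02:00 +0000] "POST /webdb/admin_/gateway.htm?x=1 HTTP/1.0" 200 900 "-" "curl/7.3"',
    'this line is not an access log record',
]

if __name__ == "__main__":
    for f in find_unauthenticated_admin_hits(SAMPLE_LOG):
        print(f"{f.time} {f.host} anonymous {f.status} {f.path}")
```

Run it as-is to see the two flagged sample records; point `probe("http://host:port")` at a test system to check a live server. A `protected` result only means the web tier challenged the request; confirm the administrators entry in wdbsvr.app is set as well, since the advisory's fix is in that file rather than in Apache.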
Exploit / POC
Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Solution:
This temporary fix was supplied by <[email protected]>:
Quick fix for the open /WebDB/admin_/gateway.htm file is to uncomment and supply real user account names to the administrators line in the [WVGATEWAY] section of wdbsvr.app.
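What that change looks like in wdbsvr.app, as an added illustration that is not part of the advisory or of Oracle's documentation. Only the section name [WVGATEWAY] and the administrators entry come from the fix above; the semicolon comment syntax, the neighbouring keys and the account names are assumptions made for the example and should be checked against your own copy of the file.

```ini
; wdbsvr.app, [WVGATEWAY] section, as shipped (weak): the administrators
; entry is commented out, so no account restriction applies to the gateway
; administration pages under /WebDB/admin_/.
[WVGATEWAY]
defaultDAD = WebDB
; administrators =
adminPath = /admin_/

; Corrected: uncomment the entry and list the real accounts that are allowed
; to reach /WebDB/admin_/gateway.htm. Account names here are constructed.
[WVGATEWAY]
defaultDAD = WebDB
administrators = webdb_admin, dba_ops
adminPath = /admin_/
```

After editing the file, request /WebDB/admin_/gateway.htm without credentials and confirm the server now challenges for a login instead of returning the page; if the old behaviour persists, the running gateway is likely still using the previous configuration and needs to be reloaded. Treat this as the temporary measure the advisory calls it, and review the accounts listed, since each one gains the ability to change passwords, content and table names through the gateway.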