Oracle Application Server Web Cache HTTP Request Method Heap Overrun Vulnerability
BID:9868
Info
| Bugtraq ID: | 9868 |
| Class: | Boundary Condition Error |
| CVE: | CVE-2004-0385 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 12 2004 12:00AM |
| Updated: | Jul 12 2009 03:06AM |
| Credit: | These issues were discovered by Ioannis Migadakis. |
| Vulnerable: | Oracle Oracle9i Application Server Web Cache 9.0.3.1; Oracle Oracle9i Application Server Web Cache 9.0.2.3; Oracle Oracle9i Application Server Web Cache 9.0.2.2; Oracle Oracle9i Application Server Web Cache 2.0.0.4; Oracle Application Server Web Cache 10g 9.0.4.0 |
| Not Vulnerable: | |
Discussion
Oracle Application Server Web Cache is prone to a remotely exploitable heap overrun when it handles an excessively long HTTP request method supplied in an HTTP request.
The issue can be triggered through the HTTP or HTTPS listener of the service. Both ports are configurable; the defaults are 7777/TCP for HTTP and 4443/TCP for HTTPS. It has been reported that these ports are normally changed to 80/TCP and 443/TCP respectively when the service is exposed to remote clients, so the listener should not be assumed to sit on the default ports.
The vulnerability affects all platforms the software runs on and may be exploited to execute arbitrary code in the context of the server process.
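The bug class the discussion describes, a request-method token copied into a fixed-size heap chunk with no length check, beside a bounded version of the same routine. This is an added illustration written for this page; it is not Oracle Web Cache code and does not describe its internals. The buffer size METHOD_MAX, the function names, the upper-case-only method policy and the sample request lines are assumptions made for the example.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumed capacity of the heap chunk that receives the method token.
 * The real allocation size in Web Cache is not given on this page. */
#define METHOD_MAX 16

/* Length of the HTTP method: the bytes before the first space of the
 * request line (or the whole line if there is no space at all). */
static size_t method_len(const char *request_line)
{
    const char *sp = strchr(request_line, ' ');
    return sp ? (size_t)(sp - request_line) : strlen(request_line);
}

/* VULNERABLE pattern: a fixed-size heap buffer is allocated and the
 * method token is copied into it without comparing the token length to
 * the allocation. A method longer than METHOD_MAX - 1 bytes writes past
 * the end of the chunk, corrupting heap metadata or a neighbouring
 * allocation. Only ever call this with short, well-formed input. */
char *copy_method_unsafe(const char *request_line)
{
    char *buf = malloc(METHOD_MAX);
    if (buf == NULL)
        return NULL;
    size_t n = method_len(request_line);
    memcpy(buf, request_line, n);   /* n is never checked against METHOD_MAX */
    buf[n] = '\0';
    return buf;
}

/* HARDENED version: the token length is checked before any allocation
 * or copy. An empty or oversized method is rejected (NULL) so the caller
 * can answer 400 Bad Request instead of parsing further. As an extra
 * policy check (assumed here, not required by the HTTP grammar) the
 * method must consist of upper-case ASCII letters only, which is the
 * form every standard method takes. */
char *copy_method_safe(const char *request_line)
{
    size_t n = method_len(request_line);
    if (n == 0 || n >= METHOD_MAX)
        return NULL;
    for (size_t i = 0; i < n; i++) {
        unsigned char c = (unsigned char)request_line[i];
        if (c < 'A' || c > 'Z')
            return NULL;
    }
    char *buf = malloc(METHOD_MAX);
    if (buf == NULL)
        return NULL;
    memcpy(buf, request_line, n);
    buf[n] = '\0';
    return buf;
}

int main(void)
{
    /* Constructed sample inputs: a normal request line and one whose
     * method is 200 bytes long. Only the safe routine sees the latter. */
    const char *normal = "GET /index.html HTTP/1.0";
    char oversized[256];
    memset(oversized, 'A', 200);
    strcpy(oversized + 200, " /index.html HTTP/1.0");

    char *m = copy_method_safe(normal);
    printf("normal    -> %s\n", m ? m : "rejected");
    free(m);

    m = copy_method_safe(oversized);
    printf("oversized -> %s\n", m ? m : "rejected");
    free(m);   /* free(NULL) is a no-op */
    return 0;
}
```

The point of the safe variant is the order of operations: the length is known and checked before memory is touched, so an oversized method never reaches the copy. Rejecting unknown-looking methods early also removes the rest of the parser from the attack surface for such requests.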
Exploit / POC
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Solution:
Oracle Application Server Web Cache 10g (9.0.4.0) includes fixes for Windows and Tru64, with the AIX fix release pending. Other platforms for this release are still vulnerable and their fixes are pending. Users on a platform for which a fix is available should upgrade to this release.
Oracle has released a Patch Availability Matrix which details available and pending fixes for various platforms and releases. Further details may be found in the attached advisory.
Oracle has released an update to their original advisory clarifying the E-Business statement and adding the appropriate credits. Please see the referenced advisory for more information.
References
References:
- Oracle Security Alert 66 (Oracle)