QwikSec

Security Database

CVE

CWE

Training

CVE-2002-0386

Published: Oct 29, 2002

Modified: Aug 8, 2024

PUBLISHED

Description

The administration module for Oracle Web Cache in Oracle9iAS (9i Application Suite) 9.0.2 allows remote attackers to cause a denial of service (crash) via (1) an HTTP GET request containing a ".." (dot dot) sequence, or (2) a malformed HTTP GET request with a chunked Transfer-Encoding with missing data.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

oracle-appserver-webcachemanager-dos(10284)

vdb-entry

x_refsource_XF

vendor-advisory

x_refsource_ATSTAKE

vdb-entry

x_refsource_BID

http://otn.oracle.com/deploy/security/pdf/2002alert43rev1.pdf

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.