Back to search
CVE-2002-1635
Published: Mar 28, 2005
Modified: Aug 8, 2024
PUBLISHED
Description
The Apache configuration file (httpd.conf) in Oracle 9i Application Server (9iAS) uses a Location alias for /perl directory instead of a ScriptAlias, which allows remote attackers to read the source code of arbitrary CGI files via a URL containing the /perl directory instead of /cgi-bin.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
VU#936507
third-party-advisory
x_refsource_CERT-VN
http://www.nextgenss.com/papers/hpoas.pdf
x_refsource_MISC
oracle-perl-cgi-source(10716)
vdb-entry
x_refsource_XF
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now