CVE-2002-0103

Currently unrated

Key Information:

Vendor: Oracle
Status: Application Server Web Cache
Vendor: CVE Published:; 25 March 2002

Summary

An installer program for Oracle9iAS Web Cache 2.0.0.x creates executable and configuration files with insecure permissions, which allows local users to gain privileges by (1) running webcached or (2) obtaining the administrator password from webcache.xml.

References

http://marc.info/?l=bugtraq&m=101041510727937&w=2

mailing-listx_refsource_BUGTRAQ

http://otn.oracle.com/deploy/security/pdf/webcache2.pdf

x_refsource_CONFIRM

http://www.securityfocus.com/bid/3764

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Mar 25, 2002
Vulnerability Reserved
Mar 15, 2002