Privilege Escalation in Oracle9iAS Web Cache by Oracle
CVE-2002-0103

Currently unrated

Key Information:

Vendor: Oracle
Status: Application Server Web Cache
Vendor: CVE Published:; 25 March 2002

What is CVE-2002-0103?

An installer program for Oracle9iAS Web Cache 2.0.0.x creates executable and configuration files with insecure permissions. This vulnerability enables local users to escalate their privileges by executing webcached or retrieving the administrator password from webcache.xml. Addressing this issue is essential to ensuring the integrity and confidentiality of system operations.

References

http://marc.info/?l=bugtraq&m=101041510727937&w=2

mailing-listx_refsource_BUGTRAQ

http://otn.oracle.com/deploy/security/pdf/webcache2.pdf

x_refsource_CONFIRM

http://www.securityfocus.com/bid/3764

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Mar 25, 2002
Vulnerability Reserved
Mar 15, 2002