CVE-2002-0561

Currently unrated

Key Information:

Vendor: Oracle
Status: Oracle9i; Application Server Web Cache; Oracle8i; Application Server
Vendor: CVE Published:; 3 July 2002

Summary

The default configuration of the PL/SQL Gateway web administration interface in Oracle 9i Application Server 1.0.2.x uses null authentication, which allows remote attackers to gain privileges and modify DAD settings.

References

http://marc.info/?l=bugtraq&m=101301813117562&w=2

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/bid/4292

vdb-entryx_refsource_BID

http://www.cert.org/advisories/CA-2002-08.html

third-party-advisoryx_refsource_CERT

EPSS Score

10% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jul 3, 2002
Vulnerability Reserved
Jun 7, 2002