Authentication Bypass in Oracle 9i Application Server by Remote Attackers
CVE-2002-0564

Currently unrated

Key Information:

Vendor

Oracle
Status
Oracle9i
Application Server Web Cache
Oracle8i
Application Server
Vendor
CVE Published:
3 July 2002

What is CVE-2002-0564?

The vulnerability in Oracle 9i Application Server version 1.0.2.x occurs within the PL/SQL module 3.0.9.8.2, enabling remote attackers to bypass authentication for a Database Access Descriptor (DAD). By manipulating the URL to reference an alternate DAD that possesses valid credentials, an attacker can gain unauthorized access to the system, compromising database integrity and confidentiality. This vulnerability highlights the importance of stringent security measures to mitigate risks associated with URL manipulation and unauthorized access.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://marc.info/?l=bugtraq&m=101301813117562&w=2
mailing-listx_refsource_BUGTRAQ
http://www.cert.org/advisories/CA-2002-08.html
third-party-advisoryx_refsource_CERT
http://www.nextgenss.com/papers/hpoas.pdf
x_refsource_MISC

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.