CVE-2002-0102
CVSS5.0
发布时间 :2002-03-25 00:00:00
修订时间 :2008-09-10 15:11:20
NMCOS    

[原文]Oracle9iAS Web Cache 2.0.0.x allows remote attackers to cause a denial of service via (1) a request to TCP ports 1100, 4000, 4001, and 4002 with a large number of null characters, and (2) a request to TCP port 4000 with a large number of "." characters.


[CNNVD]Oracle9iAS Web Cache Null字符处理不当导致拒绝服务漏洞(CNNVD-200203-078)

        
        Oracle9iAS Web Cache是一款Oracle 9iAS应用服务程序的WEB缓冲解决方案,提供快速显示动态WEB内容。
        Oracle9iAS Web Cache存在漏洞,通过提交包含多个NULL字符的请求给Web缓冲服务,可导致服务器程序崩溃。
        攻击者可以通过通过1100、4000、4001、4002端口提交多个恶意请求到WEB缓冲服务,并且这些请求中包含多个NULL字符('%00')可导致服务停止响应,造成拒绝服务攻击。
        

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: NONE [不会对系统完整性产生影响]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/a:oracle:application_server_web_cache:2.0.0.2::nt
cpe:/a:oracle:application_server_web_cache:2.0.0.0Oracle Oracle9iAS Web Cache 2.0.0.0
cpe:/a:oracle:application_server_web_cache:2.0.0.1Oracle Oracle9iAS Web Cache 2.0.0.1
cpe:/a:oracle:application_server_web_cache:2.0.0.2Oracle Oracle9iAS Web Cache 2.0.0.2

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0102
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2002-0102
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200203-078
(官方数据源) CNNVD

- 其它链接及资源

http://otn.oracle.com/deploy/security/pdf/webcache2.pdf
(VENDOR_ADVISORY)  CONFIRM  http://otn.oracle.com/deploy/security/pdf/webcache2.pdf
http://xforce.iss.net/static/7765.php
(UNKNOWN)  XF  oracle-appserver-null-dos(7765)
http://www.securityfocus.com/bid/3762
(UNKNOWN)  BID  3762
http://www.securityfocus.com/bid/3760
(UNKNOWN)  BID  3760

- 漏洞信息

Oracle9iAS Web Cache Null字符处理不当导致拒绝服务漏洞
中危 其他
2002-03-25 00:00:00 2005-10-20 00:00:00
远程  
        
        Oracle9iAS Web Cache是一款Oracle 9iAS应用服务程序的WEB缓冲解决方案,提供快速显示动态WEB内容。
        Oracle9iAS Web Cache存在漏洞,通过提交包含多个NULL字符的请求给Web缓冲服务,可导致服务器程序崩溃。
        攻击者可以通过通过1100、4000、4001、4002端口提交多个恶意请求到WEB缓冲服务,并且这些请求中包含多个NULL字符('%00')可导致服务停止响应,造成拒绝服务攻击。
        

- 公告与补丁

        临时解决方法:
        如果您不能立刻安装补丁或者升级,CNNVD建议您采取以下措施以降低威胁:
        * 在边界防火墙或者主机防火墙上限制对Oracle9iAS Web Cache 1100, 4000, 4001, 4002/TCP端口的访问。
        厂商补丁:
        Oracle
        ------
        Oracle已经为此发布了一个安全公告(OracleSA#27)以及相应补丁:
        OracleSA#27:Vulnerabilities in Oracle9i Application Server Web Cache
        链接:
        http://otn.oracle.com/deploy/security/pdf/webcache2.pdf

        Oracle9iAS Web Cache 2.0.0.3版本不存在此漏洞,请使用此版本。
        Oracle厂商也已经发布了补丁以修复这个安全问题,请到厂商的主页下载:
        
        http://metalink.oracle.com

        补丁号ID: 2131605

- 漏洞信息

675
Oracle Application Server Web Cache Null Character Request Remote DoS
Remote / Network Access Denial of Service
Loss of Availability
Vendor Verified

- 漏洞描述

- 时间线

2001-12-28 Unknow
Unknow Unknow

- 解决方案

Products

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Oracle9iAS Web Cache Multiple Periods Denial Of Service Vulnerability
Failure to Handle Exceptional Conditions 3762
Yes No
2001-12-28 12:00:00 2009-07-11 09:56:00
Discovery of this vulnerability is credited to Peter Grundl of KPMG. Initially publicized on December 28th, 2001 in an Oracle Security Alert.

- 受影响的程序版本

Oracle Oracle9i Application Server Web Cache 2.0 .0.2 NT
- Oracle Oracle9i Application Server
Oracle Oracle9i Application Server Web Cache 2.0 .0.2
- Oracle Oracle9i Application Server
Oracle Oracle9i Application Server Web Cache 2.0 .0.1
- Oracle Oracle9i Application Server
Oracle Oracle9i Application Server Web Cache 2.0 .0.0
- Oracle Oracle9i Application Server
Stonesoft StoneBeat GUI 2.0 .0.3
Oracle Oracle9i Application Server Web Cache 2.0 .0.3
- Oracle Oracle9i Application Server

- 不受影响的程序版本

Stonesoft StoneBeat GUI 2.0 .0.3
Oracle Oracle9i Application Server Web Cache 2.0 .0.3
- Oracle Oracle9i Application Server

- 漏洞讨论

Oracle9iAS Web Cache is a web caching solution for Oracle 9iAS Application Server, providing quick retrieval of dynamic web content.

It is possible for a remote attacker to cause a denial of service by making a request, via TCP port 4000, containing an excessive number of periods ('.'). This will cause the Web Cache admin service to shut down, requiring a manual restart to regain normal functionality.

- 漏洞利用

There is no exploit code required.

- 解决方案

Oracle has released a fix in the 2.0.0.3 release of Oracle9iAS Web Cache. The patch number is 2131605 and is available from http://metalink.oracle.com.

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站