Manualshelf

TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
41424344454647484950
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
46
Signature ID: 252
Oracle 9iAS mod_plsql cross site scripting vulnerability
Threat Level: Warning
Industry ID: CVE-2002-1636 Nessus: 10853
Signature Description: The Oracle Application Server is a platform for developing, deploying, and integrating
enterprise applications. This software is produced and marketed by Oracle Corporation. Oracle9i Application Server is
vulnerable to cross-site scripting attack, caused by improper filtering of HTML script tags. A remote attacker could
create a malicious URL link containing embedded script which would be executed in the victim's Web browser within
the security context of the hosting site, once the link is clicked.
Signature ID: 253
Oracle 9iAS mod_plsql Buffer Overflow vulnerability
Threat Level: Warning
Industry ID: CVE-2001-1216 Bugtraq: 3726 Nessus: 10840
Signature Description: The Oracle Application Server is a platform for developing, deploying, and integrating
enterprise applications. This software is produced and marketed by Oracle Corporation. Oracle 9i Application Server
comes with an Apache-based web server and support for environments such as SOAP, PL/SQL, XSQL and JSP. The
PL/SQL Apache module for Oracle 9iAS provides functionality for remote administration of the Database Access
Descriptors and access to help pages. A remotely exploitable buffer overflow exists in the PL/SQL Apache module. A
request for an excessively long help page can cause stack variables to be overwritten. This allows an attacker to execute
arbitrary code. The attacker-supplied code is executed with SYSTEM level privileges on Microsoft Windows systems.
Signature ID: 254
Oracle 9iAS Jsp Source code disclosure vulnerability
Threat Level: Warning
Industry ID: CVE-2002-0562 Bugtraq: 4034 Nessus: 10852
Signature Description: The Oracle Application Server is a platform for developing, deploying, and integrating
enterprise applications. This software is produced and marketed by Oracle Corporation. Oracle 9i Application
Server(9iAS) comes with an Apache-based web server and support for environments such as SOAP, PL/SQL, XSQL
and JSP. Three files are created when a user requests a JSP page: A ‘jsp_StaticText.class’ file, a
‘.class’ file and a ‘.java’ file. In Oracle 9iAS, all these files are stored in ‘/_`pages
directory tree. A user can request a ‘.jsp’ file and then access the corresponding ‘.java’ file
to see it’s source code. This can reveal sensitive information like databases authentication information. Also, a
file called ‘globals.jsa’ is available to users without restriction. Sensitive information including user
names and passwords are stored in this file. Information obtained by attacker can then be used to further attacks.
Signature ID: 255
Oracle 9iAS Java Process Manager vulnerability
Threat Level: Warning
Industry ID: CVE-2002-0563
Bugtraq: 4293 Nessus: 10851,10848
Signature Description: The Oracle Application Server is a platform for developing, deploying, and integrating
enterprise applications. This software is produced and marketed by Oracle Corporation. Oracle 9i Application
Server(9iAS) comes with an Apache-based web server and support for environments such as SOAP, PL/SQL, XSQL
and JSP. In Oracle 9i Application Server 1.0.2.x, anonymous users can access sensitive services without authentication
if default settings are used. ‘oprocmgr-service’, which can be used to control Java processes, is one such
service. Using this process, the user can list, start or stop the processes running on the remote host. Stopping a process
can result in a Denial of Service(DoS) condition.