← voltar
CVE-2002-0568

CVE-2002-0568

EPSS 75.2%
Oracle 9i Application Server stores XSQL and SOAP configuration files insecurely, which allows local users to obtain sensitive information including usernames and passwords by requesting (1) XSQLConfig.xml or (2) soapConfig.xml through a virtual directory.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://marc.info/?l=bugtraq&m=101301813117562&w=2http://www.cert.org/advisories/CA-2002-08.htmlhttp://www.kb.cert.org/vuls/id/476619http://www.nextgenss.com/papers/hpoas.pdfhttp://www.securityfocus.com/bid/4290