HTTP.Authorization.Overflow

Description

This indicates a possible exploit of a buffer-overflow vulnerability in the Oracle9i database server.
Oracle 9i has a service called the Oracle XML Database 2, or XDB, that can be accessed via an HTTP-based service on TCP port 8080 or an FTP-based service on TCP port 2100. Multiple buffer overflow vulnerabilities have been reported in it that may allow an attacker to execute arbitrary code on the vulnerable system or capture an active session. If the FTP and HTTP services are enabled, or if a remote attacker is authenticated, the attacker may send a malformed HTTP GET request to cause a buffer overflow and execute arbitrary code on the affected system.
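A defender-side check for the traffic this signature describes, as an added example that is not the vendor's signature logic. It assumes, from the signature name, that the malformed GET request carries an oversized Authorization header; the 128-byte threshold, the function names and the sample request are constructed for illustration.

```python
import base64
import binascii

XDB_HTTP_PORT = 8080   # XDB HTTP service port named in the advisory
MAX_CRED_LEN = 128     # assumed threshold, not from the advisory; tune locally


def parse_headers(raw: bytes) -> dict:
    """Return request headers as a lower-cased name -> value mapping."""
    head = raw.split(b"\r\n\r\n", 1)[0]
    headers = {}
    for line in head.split(b"\r\n")[1:]:   # skip the request line
        name, sep, value = line.partition(b":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return headers


def check_request(raw: bytes, dst_port: int) -> list:
    """Return findings for one HTTP request addressed to dst_port."""
    if dst_port != XDB_HTTP_PORT:
        return []
    auth = parse_headers(raw).get(b"authorization")
    if auth is None:
        return []
    scheme, _, token = auth.partition(b" ")
    if scheme.lower() != b"basic":
        # Other schemes: only the raw header length can be judged here.
        return ["oversized-authorization-header"] if len(auth) > 4 * MAX_CRED_LEN else []
    try:
        decoded = base64.b64decode(token.strip(), validate=True)
    except (binascii.Error, ValueError):
        return ["malformed-basic-token"]
    user, _, password = decoded.partition(b":")
    findings = []
    if len(user) > MAX_CRED_LEN:
        findings.append("oversized-username")
    if len(password) > MAX_CRED_LEN:
        findings.append("oversized-password")
    return findings


def sample_request(user: bytes, password: bytes) -> bytes:
    """Build a constructed GET request with Basic credentials (test data)."""
    token = base64.b64encode(user + b":" + password)
    return (b"GET / HTTP/1.0\r\nHost: db.example\r\n"
            b"Authorization: Basic " + token + b"\r\n\r\n")
```

Run `check_request` over reassembled requests from a proxy or packet capture; a non-empty result on port 8080 is a candidate for review alongside the IPS alert.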

Affected Products

Oracle Oracle9i Standard Edition 9.2.0.1
Oracle Oracle9i Personal Edition 9.2.0.1
Oracle Oracle9i Enterprise Edition 9.2.0.1

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the patch, available from the website:
http://otn.oracle.com/deploy/security/pdf/2003Alert58.pdf

Coverage

IPS (Regular DB)
IPS (Extended DB)