Intrusion PreventionOracle9i.AS.Web.Cache.DoS
Description
This indicates a Denial of Service attack against the Oracle9i Application Server Web Administration Module.
The vulnerability is caused because Oracle 9i Application Server has a web component that allows administrators to access it remotely. A malicious user can craft a request which, when sent to the Web Administration Module, will cause it to crash.
Affected Products
Oracle Oracle9i Application Server 9.0.2.
Impact
Denial of Service: Remote attackers can crash vulnerable systems.
Recommended Actions
Use firewall techniques to restrict access to the Web Cache administration port.
Use the Secure Subnets feature of the Web Cache Manager tool to provide access only to administrators connecting from a list of permitted IP addresses or subnets.
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2020-11-25 | 16.968 | Name:Oracle9i. Application. Server. Web. Cache. DoS:Oracle9i. AS. Web. Cache. DoS |
| 2020-01-17 | 15.760 | Sig Added |
| 2019-11-22 | 15.729 | Name:Oracle. 9i. Application. Server. Web. Cache. DoS:Oracle9i. Application. Server. Web. Cache. DoS |
| ID | 29976 |
| Created | Nov 08, 2011 |
| Updated | Nov 15, 2021 |
| Risk |
|
| CVE ID | CVE-2002-0386 |
| Exploit Prediction Score | 90.22% |
| Default Action | drop |
| Active | |
| Affected OS | All |
| Affected App | Oracle |