Intrusion Prevention

Oracle9i.Application.Server.Unauthenticated.User.Access

Description

This indicates an attack attempt to exploit an Information Disclosure vulnerability in the Oracle9i Application Server.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application. As a result, a remote attacker can gain unauthorized access to sensitive information about the server.

Affected Products

Oracle Oracle9i Application Server.

Impact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.

Recommended Actions

Refer to the vendor's website for suggested workaround.
http://www.oracle.com/us/technologies/security/ias-modplsql-alert-131669.pdf

CVE References

CVE-2002-0563