Intrusion Prevention

Oracle9i.HTTP.Server.Soap.Router.Access

Description

This indicates an attack attempt to exploit an Unauthorized Access vulnerability in Oracle 9i HTTP Server.
The vulnerability is due to a lack of input validation in the application. As a result, a remote attacker can gain unauthorized access to sensitive information or make arbitrary changes to the affected system.

Affected Products

Oracle9i Application Server 1.0.2.

Impact

System Compromise: Remote attackers can gain control of vulnerable systems

Recommended Actions

Refer to the vendor's website for suggested workaround.
http://www.oracle.com/us/technologies/security/ias-soap-alert-128882.pdf

CVE References

CVE-2001-1371