Vulnerabilities > CVE-2002-0103 - Unspecified vulnerability in Oracle Application Server web Cache 2.0.0.0/2.0.0.1/2.0.0.2
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
An installer program for Oracle9iAS Web Cache 2.0.0.x creates executable and configuration files with insecure permissions, which allows local users to gain privileges by (1) running webcached or (2) obtaining the administrator password from webcache.xml.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 3 |
References
- http://marc.info/?l=bugtraq&m=101041510727937&w=2
- http://marc.info/?l=bugtraq&m=101041510727937&w=2
- http://otn.oracle.com/deploy/security/pdf/webcache2.pdf
- http://otn.oracle.com/deploy/security/pdf/webcache2.pdf
- http://www.iss.net/security_center/static/7766.php
- http://www.iss.net/security_center/static/7766.php
- http://www.iss.net/security_center/static/7768.php
- http://www.iss.net/security_center/static/7768.php
- http://www.securityfocus.com/bid/3761
- http://www.securityfocus.com/bid/3761
- http://www.securityfocus.com/bid/3764
- http://www.securityfocus.com/bid/3764