CVE-2002-0103

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2002-0103
An installer program for Oracle9iAS Web Cache 2.0.0.x creates executable and configuration files with insecure permissions, which allows local users to gain privileges by (1) running webcached or (2) obtaining the administrator password from webcache.xml.

4.6 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 3.9 / Impact : 6.4

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://marc.info/?l=bugtraq&m=101041510727937&w=2
http://otn.oracle.com/deploy/security/pdf/webcache2.pdf Patch Vendor Advisory
http://www.iss.net/security_center/static/7766.php
http://www.iss.net/security_center/static/7768.php
http://www.securityfocus.com/bid/3761
http://www.securityfocus.com/bid/3764
http://marc.info/?l=bugtraq&m=101041510727937&w=2
http://otn.oracle.com/deploy/security/pdf/webcache2.pdf Patch Vendor Advisory
http://www.iss.net/security_center/static/7766.php
http://www.iss.net/security_center/static/7768.php
http://www.securityfocus.com/bid/3761
http://www.securityfocus.com/bid/3764
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:oracle:application_server_web_cache:2.0.0.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:application_server_web_cache:2.0.0.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:application_server_web_cache:2.0.0.2:*:*:*:*:*:*:*
History

20 Nov 2024, 23:38

Type Values Removed Values Added
References () http://marc.info/?l=bugtraq&m=101041510727937&w=2 - () http://marc.info/?l=bugtraq&m=101041510727937&w=2 -
References () http://otn.oracle.com/deploy/security/pdf/webcache2.pdf - Patch, Vendor Advisory () http://otn.oracle.com/deploy/security/pdf/webcache2.pdf - Patch, Vendor Advisory
References () http://www.iss.net/security_center/static/7766.php - () http://www.iss.net/security_center/static/7766.php -
References () http://www.iss.net/security_center/static/7768.php - () http://www.iss.net/security_center/static/7768.php -
References () http://www.securityfocus.com/bid/3761 - () http://www.securityfocus.com/bid/3761 -
References () http://www.securityfocus.com/bid/3764 - () http://www.securityfocus.com/bid/3764 -
Information

Published : 2002-03-25 05:00

Updated : 2024-11-20 23:38

NVD link : CVE-2002-0103

Mitre link : CVE-2002-0103

CVE.ORG link : CVE-2002-0103

JSON object : View

Products Affected

oracle

  • application_server_web_cache
CWE
NVD-CWE-Other