|
Family: Databases --> Category: attack
Oracle HTTP Server mod_access Restriction Bypass Vulnerability Vulnerability Scan
Vulnerability Scan Summary Checks for mod_access restriction bypass vulnerability in Oracle HTTP Server
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server is affected by an information disclosure
vulnerability.
Description :
The version of Oracle HTTP Server (OHS) installed on the remote host
fails to prevent users from accessing protected URLs by using the Web
Cache rather than OHS directly.
See also :
http://www.red-database-security.com/advisory/oracle_webcache_bypass.html
http://archives.neohapsis.com/archives/bugtraq/2005-04/0486.html
Solution :
Enable 'UseWebCacheIP' in OHS's httpd.conf.
Threat Level:
Low / CVSS Base Score : 1
(AV:R/AC:H/Au:R/C:P/A:N/I:N/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|