Search 202850 CVE descriptions
and 87302 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:CGI abuses
Title:Oracle 9iAS web admin

Oracle 9i Application Server uses Apache as it's web
server with an Apache module for PL/SQL support.

By default, no authentication is required to access the
DAD configuration page. An attacker may use this flaw
to modify PL/SQL applications or prevent the remote host
from working properly.

Solution: Access to the relevant page can be restricted by
editing the file /Apache/modplsql/cfg/

Risk factor : High

Cross-Ref: BugTraq ID: 4292
Common Vulnerability Exposure (CVE) ID: CVE-2002-0561
Bugtraq: 20020206 Hackproofing Oracle Application Server paper (Google Search)
CERT/CC vulnerability note: VU#611776
CopyrightThis script is Copyright (C) 2003 Renaud Deraison

This is only one of 87302 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2021 E-Soft Inc. All rights reserved.