Nessus Plugin #10854

Plugin Index

Note: This file has been created from a downloaded version of the Nessus Plugins from http://www.nessus.org/. Therefore, the information here can be outdated.

Oracle 9iAS mod_plsql directory traversal

Family:
CGI abuses
Category:
infos
Copyright:
This script is Copyright (C) 2002 Matt Moore
Summary:
Tests for Oracle9iAS mod_plsql directory traversal
Version:
$Revision: 1.9 $
Cve_id:
CAN-2001-1217
Bugtraq_id:
3727
Xrefs:
-
Description:

In a default installation of Oracle 9iAS, it is possible
to use the mod_plsql module to perform a directory traversal attack.


Solution:
Download the patch from the oracle metalink site.

References:
http://otn.oracle.com/deploy/security/pdf/modplsql.pdf
http://www.nextgenss.com/advisories/plsql.txt
http://www.oracle.com

Risk factor : High
Generiert am 27.04.2005 um 18:49:54 Uhr.