CVE-2002-0103

Sažetak

An installer program for Oracle9iAS Web Cache 2.0.0.x creates executable and configuration files with insecure permissions, which allows local users to gain privileges by (1) running webcached or (2) obtaining the administrator password from webcache.xml.

Reference

http://marc.info/?l=bugtraq&m=101041510727937&w=2
http://otn.oracle.com/deploy/security/pdf/webcache2.pdf
http://www.iss.net/security_center/static/7766.php
http://www.iss.net/security_center/static/7768.php
http://www.securityfocus.com/bid/3761
http://www.securityfocus.com/bid/3764

CVSS

Base:	4.6
Impact:	6.4
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:L/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

18-10-2016 - 02:16

Objavljeno

25-03-2002 - 05:00