about advertise contact
Search: Home Vulnerabilities Exploits News Articles RSS Feeds Archive Talk

exploits , vulnerabilities , articles , Oracle Application Server Portal Authentication Bypass Vulnerability


Title Oracle Application Server Portal Authentication Bypass Vulnerability
Published 2008-05-09-12:00AM
Updated 2008-05-09-04:25PM
Class Design Error
CVE  
Remote  Yes
Local  No
Credit  Deniz CEVIK
Vulnerable  Oracle Application Server Portal 10g
Oracle Oracle9i Application Server 1.0.2 .2
 Oracle Oracle9i Application Server 1.0.2 .2
Not Vulnerable  
Code  Attackers can use a browser to exploit this issue.The following proof of concept is available:Visiting the 'http://www.example.com/portal/%0A' site will create a cookie sufficient to trigger the issue and access 'http://www.example.com/dav_portal/porta/' without authorization.
TXT  t3xt 1t!


Advertising

Copyright 2007, SecurityDot
Tue, 02 Dec 2008 16:56:55 +0000

Friends : milw0rm.com , secunia.com , securityfocus.com
GOOGLE
NEWS EXPLOITS VULNS
exploits , 0day exploits , newest exploits , vulnerabilities , newest vulnerabilities , 0day vulnerabilities , newest articles , linux articles , articles
Japanese s Apache/2 move sex Younggirls hentaihat. news for c search.php search.php search.php search.php search.php search.php Younggirls search.php search.php search.php search.php search.php search.php search.php search.php search.php search.php www.dgersh ?include_p over sex Www.sex.lk www.water1 dsl604t www.spicej sex gal Tr Www sex an www.w3.org html downl WWW.Gadis. html downl www.xxl.se news for c shop-scrip www.trish www.facepa SREYASEX.C www.pinkci cgi scan Geeklog 1. di-614+ fi apache 1.3 Trisha bot Tamil blue s e x g i