GEN:SID 1:1805
Message WEB-CGI Oracle reports CGI access
Summary This event is generated when an attempt is made to exploit a flaw on a
server running Oracle reports.
Impact Serious. Execution of arbitrary code is possible.
Detailed Information A stack overflow exists in the Oracle Reports "rwcgi60" program. If a
user supplies a long string as a value for the method "setauth", it can
overflow the stack and may allow the user to run code on the server.
This code would be executed with the permissions of the web server.
Affected Systems Oracle's Oracle Reports6i 6.0.8
    Oracle9i Application Server Reports 9.0.2
Attack Scenarios An attacker can overflow the stack using a URL and cause the machine to
execute shell code.
Ease of Attack Medium
Corrective Action Apply the appropriate vendor supplied patches.
Additional References Bugtraq:
http://www.securityfocus.com/bid/4848
Rule References bugtraq: 4848
cve: 2002-0947