GEN:SID | 1:1805 |
Message | WEB-CGI Oracle reports CGI access |
Summary | This event is generated when an attempt is made to exploit a flaw on a server running Oracle Reports.
|
Impact | Serious. Execution of arbitrary code is possible.
|
Detailed Information | A stack overflow exists in the Oracle Reports "rwcgi60" program. If a user supplies a long string as a value for the method "setauth", it can overflow the stack and may allow the user to run code on the server. This code would be executed with the permissions of the web server.
|
Affected Systems | Oracle Reports6i 6.0.8; Oracle9i Application Server Reports 9.0.2
|
Attack Scenarios | An attacker can overflow the stack using a URL and cause the machine to execute shellcode.
|
Ease of Attack | Medium
|
Corrective Action | Apply the appropriate vendor-supplied patches.
|
Additional References | Bugtraq: http://www.securityfocus.com/bid/4848
|
Rule References | bugtraq: 4848
cve: 2002-0947
|
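
For triage alongside this rule, the following added example (not part of the rule or its original documentation) scans web server access logs for requests to "rwcgi60" and separates plain access from requests carrying an overlong "setauth" string. The length threshold, the combined log format, the /cgi-bin/ path and the sample lines are assumptions; because the page does not give the exact request shape, the check measures everything that follows "setauth" in the decoded URL.

```python
import re
from urllib.parse import unquote

# Assumption: anything longer than this after "setauth" is suspicious; tune per site.
MAX_SETAUTH_LEN = 256

# Request line inside a combined-format access log entry (assumed log format).
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
PROGRAM_RE = re.compile(r"rwcgi60(.*)", re.IGNORECASE | re.DOTALL)
SETAUTH_RE = re.compile(r"setauth(.*)", re.IGNORECASE | re.DOTALL)


def classify(line):
    """Return None, 'access' or 'overlong-setauth' for one access-log line."""
    request = REQUEST_RE.search(line)
    if not request:
        return None
    # Decode first so percent-encoding cannot hide the program or method name.
    uri = unquote(request.group(1))
    program = PROGRAM_RE.search(uri)
    if not program:
        return None
    # Measure everything after "setauth", whether it arrives as path or query.
    auth = SETAUTH_RE.search(program.group(1))
    if auth and len(auth.group(1)) > MAX_SETAUTH_LEN:
        return "overlong-setauth"
    return "access"


def scan(lines):
    """Yield (line_number, verdict, client) for every line that touches rwcgi60."""
    for number, line in enumerate(lines, 1):
        verdict = classify(line)
        if verdict:
            yield number, verdict, line.split(" ", 1)[0]


# Constructed sample log lines (documentation addresses, not real traffic).
SAMPLE = [
    '192.0.2.10 - - [01/Jan/2003:10:00:00 +0000] "GET /index.html HTTP/1.0" 200 512',
    '192.0.2.11 - - [01/Jan/2003:10:00:05 +0000] "GET /cgi-bin/rwcgi60?report=sales.rdf HTTP/1.0" 200 900',
    '192.0.2.12 - - [01/Jan/2003:10:00:09 +0000] "GET /cgi-bin/rwcgi60?setauth=' + "A" * 2000 + ' HTTP/1.0" 500 0',
    '192.0.2.13 - - [01/Jan/2003:10:00:12 +0000] "GET /cgi-bin/rwcgi60?setauth=user1 HTTP/1.0" 200 300',
]

if __name__ == "__main__":
    for number, verdict, client in scan(SAMPLE):
        print(f"line {number}: {verdict} from {client}")
```

An "access" verdict corresponds to what the rule message describes; "overlong-setauth" marks the lines worth correlating with the alert before anything else.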