XMLPitstop.com - Oracle 9iAS XSQL Servlet File Permission Bypass Vulnerability

Community-Credit.com | NonProfitWays.com | SOAPitstop.com

Skin:

User: Not logged in

Hot Links

Menu

My Pitstop

HeadGeek

Oracle 9iAS XSQL Servlet File Permission Bypass Vulnerability

Description:Oracle 9iAS package includes the XSQL Servlet as part of the XML Development kit. It may be used to convert the response from an SQL query into an XML format. Reportedly, the servlet does not properly enforce file permissions. An attacker may be able to exploit this vulnerability to view sensitive system configuration files, similar to the issues discussed in BID 4290.

Details about this resource

Resource URL:

http://www.xatrix.org/article1250.html

Rating:

9.00

# Times Viewed:

2936

Date Added:

2/2/2004 3:37:46 PM

Link Type:

XSQL

Link Category:

Resource

Reviews

Be the first to Review this resource

Featured Products

Fans of "The Office"
Dwight Bobbleheads are here!

“It's me! I'm the bobblehead! Yes!”

Advertise on XMLPitstop

Our Sponsors

Advertise on XMLPitstop

Partners

Friends

EggHead Cafe
Web Servicee development
DotNetSlackers
Brother compatible cartridges
conference calling
online fax service
email marketing
chicago web design
Alojamiento Web
UK Web Hosting
Security Camera Lenses
Christian Dior sunglasses
Video Surveillance
Hosted Exchange, SDSL

Statistics

4,312 Total Members
8 members(last 30 days)
1 members(last 7 days)
0 members(today)

1,953 Total Discussions
0 Posts(last 30 days)
0 Posts(last 7 days)
0 Posts(today)

47,487 Total Blog Posts
0 Blogs(last 30 days)
0 Blogs(last 7 days)
0 Blogs(today)

8,699 Newsgroup Posts
0 Posts(last 30 days)
0 Posts(last 7 days)
0 Posts(today)

14,253 Total Resources
14 Resources(last 30 days)
0 Resources(last 7 days)
0 Resources(today)