XMLPitstop.com - Oracle 9iAS XSQL Servlet File Permission Bypass Vulnerability

Community-Credit.com | NonProfitWays.com | SOAPitstop.com

Skin:

User: Not logged in

Hot Links

Menu

My Pitstop

HeadGeek

Oracle 9iAS XSQL Servlet File Permission Bypass Vulnerability

Description:Oracle 9iAS package includes the XSQL Servlet as part of the XML Development kit. It may be used to convert the response from an SQL query into an XML format. Reportedly, the servlet does not properly enforce file permissions. An attacker may be able to exploit this vulnerability to view sensitive system configuration files, similar to the issues discussed in BID 4290.

Details about this resource

Resource URL:

http://www.xatrix.org/article1250.html

Rating:

9.00

# Times Viewed:

1073

Date Added:

2/2/2004 3:37:46 PM

Link Type:

XSQL

Link Category:

Resource

Reviews

Be the first to Review this resource

Featured Products

Fans of "The Office"
Dwight Bobbleheads are here!

“It's me! I'm the bobblehead! Yes!”

Advertise on XMLPitstop

Our Sponsors

Advertise on XMLPitstop

Partners

Friends

EggHead Cafe
Web Servicee development
DotNetSlackers
conference calling
online fax service
email marketing
Brother compatible cartridges
Conference Call
Video Surveillance
VoIP, SIP Internettelefonie, Voice over IP
Hosted Exchange, SDSL

Statistics

2,845 Total Members
31 members(last 30 days)
7 members(last 7 days)
0 members(today)

1,905 Total Discussions
6 Posts(last 30 days)
3 Posts(last 7 days)
0 Posts(today)

47,487 Total Blog Posts
0 Blogs(last 30 days)
0 Blogs(last 7 days)
0 Blogs(today)

8,699 Newsgroup Posts
0 Posts(last 30 days)
0 Posts(last 7 days)
0 Posts(today)

14,050 Total Resources
2 Resources(last 30 days)
1 Resources(last 7 days)
0 Resources(today)