- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 25988
- Проверка EDB
-
- Пройдено
- Автор
- DAVID LITCHFIELD
- Тип уязвимости
- REMOTE
- Платформа
- MULTIPLE
- CVE
- N/A
- Дата публикации
- 2003-02-13
Код:
source: https://www.securityfocus.com/bid/14274/info
The mod_oradav module for Oracle HTTP Server included in Oracle9i Application Server is prone to a vulnerability. This is related to access controls on the '/dav_public' and '/dav_portal' directories, allowing a malicious user to fill up the directory. It is not known if this could have other security impacts.
This issue was mentioned in the patch readme for the Oracle Critical Patch Update for July. This issue was also addressed by Oracle Security Alert #52, dated Feb 13, 2003.
http://www.example.com/dav_public
http://www.example.com/dav_portal- Источник
- www.exploit-db.com
