|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
RE: [ISSForum] Vulnerabilities in Oracle 9iAS
From: Layer, Ben (ISS Atlanta) (BLayer
iss.net)
Date: Wed Nov 19 2003 - 11:16:53 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hello,
I believe the tagname you are looking for is "oracle-appserver-apache-services".
In Internet Scanner the check will check for the /dms/DMSDump and /servlet/DMSDump as well as quite a few other files. The check shipped in XPU 6.10 for Internet Scanner 6.2.1. There were a few also other checks for oracle appserver which shipped in the same xpu.
There are decodes for detecting requests for these files in our IDS Software as well.
The xfdb entry for this tagname is located at http://xforce.iss.net/xforce/xfdb/8455
If this is not the information you were looking for, please let us know.
Thanks,
Ben Layer
ISS X-Force
-----Original Message-----
From: issforum-adminatla-mm1.iss.net On Behalf Of Andrés Alberto
Hernández González
Sent: Tuesday, November 18, 2003 6:53 PM
To: issforumatla-mm1.iss.net
Subject: [ISSForum] Vulnerabilities in Oracle 9iAS
Hi:
Anybody know what´s the tag name that registry Oracle 9iAS Unautheticated User
Access To Sensitive Services Vulnerability (like /servlet/DMSDump,
/dms/DMSDump) ?
Thanks a lot.
_______________________________________________
ISSForum mailing list
ISSForumiss.net
TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to https://atla-mm1.iss.net/mailman/listinfo
_______________________________________________
ISSForum mailing list
ISSForumiss.net
TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to https://atla-mm1.iss.net/mailman/listinfo
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]