|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
[SA10937] Oracle9i Database User Session Hijacking Vulnerability
From: Secunia Security Advisories (sec-adv
secunia.com)
Date: Mon Feb 23 2004 - 02:05:01 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
TITLE:
Oracle9i Database User Session Hijacking Vulnerability
SECUNIA ADVISORY ID:
SA10937
VERIFY ADVISORY:
http://secunia.com/advisories/10937/
CRITICAL:
Less critical
IMPACT:
Hijacking, DoS
WHERE:
From local network
SOFTWARE:
Oracle E-Business Suite 11i
Oracle9i Database Enterprise Edition
Oracle9i Database Standard Edition
DESCRIPTION:
Oracle has issued updates for Oracle 9i Database, these fix a
vulnerability allowing malicious users to hijack other sessions or
cause a Denial of Service.
Further information is currently not available.
SOLUTION:
Patches are available, see Metalink Document ID 258254.1:
http://metalink.oracle.com/
PROVIDED AND/OR DISCOVERED BY:
David Litchfield, Next Generation Security Software
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
----------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]