CVE-2002-0103

Published: Mar 25, 2002Modified: Apr 16, 2026

4.6

Vector

AV:L/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 3.9 / Impact: 6.4

Source: NVD

Description

An installer program for Oracle9iAS Web Cache 2.0.0.x creates executable and configuration files with insecure permissions, which allows local users to gain privileges by (1) running webcached or (2) obtaining the administrator password from webcache.xml.

Affected (3)

Products: Oracle: Application Server Web Cache

1 product

Application Server Web Cache

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Oracle Application Server Web Cache	Version 2.0.0.0
Oracle Application Server Web Cache	Version 2.0.0.1
Oracle Application Server Web Cache	Version 2.0.0.2

References (12)

http://marc.info/?l=bugtraq&m=101041510727937&w=2

Source: cve@mitre.org

http://otn.oracle.com/deploy/security/pdf/webcache2.pdf

Source: cve@mitre.org

PatchVendor Advisory

http://www.iss.net/security_center/static/7766.php

Source: cve@mitre.org

http://www.iss.net/security_center/static/7768.php

Source: cve@mitre.org

http://www.securityfocus.com/bid/3761

Source: cve@mitre.org

http://www.securityfocus.com/bid/3764

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=101041510727937&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://otn.oracle.com/deploy/security/pdf/webcache2.pdf

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.iss.net/security_center/static/7766.php

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.iss.net/security_center/static/7768.php

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/3761

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/3764

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.