Oracle Web Cache
Updated 11/1/02
CVE 2001-0836
Impact
A remote attacker could execute arbitrary commands or
create a denial of service.
Background
The Oracle Web Cache is a server used to cache HTTP
requests to Oracle Web Listeners, thereby reducing the
load on the Web Listeners. The Web Cache Manager is
an administrative module for Web Cache.
The Problems
11/1/02
The Web Cache Manager can be crashed remotely by sending certain forms of HTTP GET request to the server. A request line of GET /../ and a malformed Transfer-Encoding: header are among the inputs that cause the Web Cache Manager to crash, leaving the administrative interface unavailable.
Oracle 9iAS Web Cache 9.0.2 on Windows platforms is affected by this vulnerability.
10/26/01
CVE 2001-0836
A second vulnerability in Oracle Web Cache is caused by a buffer overflow condition. A remote attacker could execute arbitrary commands or disrupt the operation of the Web Cache. Oracle 9iAS Web Cache 2.0.0.1 is affected by this vulnerability.
Resolution
Upgrade to Oracle 9iAS Web Cache 9.0.4 when it becomes available. Until it becomes available, the Web Cache administrative port (4000/TCP) should be blocked at the firewall or network perimeter, and Web Cache Manager's Secure Subnets feature should be used to deny access to all except a list of permitted IP addresses.
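The following is an added detection check, not code from this advisory or from Oracle: it flags captured HTTP requests to the administrative port (4000/TCP) that come from outside a Secure-Subnets-style allowlist, carry a GET /../ request line, or carry a Transfer-Encoding: header whose codings are not among those RFC 2616 registers. The port number and the two trigger patterns come from the text above; the sample requests and the 192.168.1.0/24 allowlist are constructed.

```python
import ipaddress

ADMIN_PORT = 4000  # Web Cache administrative port named in the advisory
# Transfer-codings registered in RFC 2616 section 3.6; anything else is suspect.
KNOWN_CODINGS = {"chunked", "identity", "gzip", "compress", "deflate"}


def malformed_transfer_encoding(value: str) -> bool:
    """True if any comma-separated coding is empty or not a registered token."""
    codings = [c.strip().lower() for c in value.split(",")]
    return any(c == "" or c not in KNOWN_CODINGS for c in codings)


def has_dotdot(path: str) -> bool:
    """True if the request path contains a '..' segment, as in 'GET /../'."""
    return any(seg == ".." for seg in path.split("/"))


def parse_request(raw: str):
    """Split a raw HTTP request into (method, path, headers) for inspection."""
    lines = raw.split("\r\n")
    parts = lines[0].split(" ")
    method, path = parts[0], parts[1] if len(parts) > 1 else ""
    headers = {}
    for line in lines[1:]:
        if not line:  # blank line ends the header block
            break
        name, _, val = line.partition(":")
        headers[name.strip().lower()] = val.strip()
    return method, path, headers


def classify(src_ip: str, dst_port: int, raw: str, allowed_subnets) -> list:
    """Return the findings for one captured request aimed at the admin port."""
    findings = []
    if dst_port != ADMIN_PORT:  # only the Web Cache Manager port is in scope
        return findings
    ip = ipaddress.ip_address(src_ip)
    if not any(ip in ipaddress.ip_network(n) for n in allowed_subnets):
        findings.append("admin port reached from outside Secure Subnets")
    _method, path, headers = parse_request(raw)
    if has_dotdot(path):
        findings.append("dot-dot path segment in request line")
    te = headers.get("transfer-encoding")
    if te is not None and malformed_transfer_encoding(te):
        findings.append("malformed Transfer-Encoding header")
    return findings


ALLOWED = ["192.168.1.0/24"]  # constructed Secure Subnets allowlist
SAMPLES = [  # constructed requests, not captured traffic
    ("10.0.0.5", 4000, "GET /../ HTTP/1.0\r\nHost: cache\r\n\r\n"),
    ("192.168.1.9", 4000, "GET /index.html HTTP/1.1\r\nTransfer-Encoding: ;;\r\n\r\n"),
]
if __name__ == "__main__":
    for src, port, raw in SAMPLES:
        print(src, classify(src, port, raw, ALLOWED))
```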
Where can I read more about this?
For more information on the denial-of-service vulnerability in Web Cache Manager, see Oracle Security Alert #43 and the @stake advisory.
For more information about the buffer overflow vulnerability, see CERT Advisory 2001-29, Defcom Labs Advisory 2001-30, and Oracle Security Alert #18.
For general information about Oracle Web Cache, see the FAQ.