Oracle Web Cache

Updated 11/1/02
CVE-2001-0836

Impact

A remote attacker could execute arbitrary commands or cause a denial of service.

Background

The Oracle Web Cache is a server used to cache HTTP requests to Oracle Web Listeners, thereby reducing the load on the Web Listeners. The Web Cache Manager is an administrative module for Web Cache.

The Problems

11/1/02
The Web Cache Manager can be crashed remotely by sending certain forms of HTTP GET requests to the server. GET /../ and malformed Transfer-Encoding: headers are among the attacks that could cause the Web Cache Manager to crash. Oracle 9iAS Web Cache 9.0.2 on Windows platforms is affected by this vulnerability.

10/26/01
CVE-2001-0836
A second vulnerability in Oracle Web Cache is caused by a buffer overflow condition. A remote attacker could execute arbitrary commands or disrupt the operation of the Web Cache. Oracle 9iAS Web Cache 2.0.0.1 is affected by this vulnerability.

Resolution

Upgrade to Oracle 9iAS Web Cache 9.0.4 when it becomes available. Until it becomes available, the Web Cache administrative port (4000/TCP) should be blocked at the firewall or network perimeter, and Web Cache Manager's Secure Subnets feature should be used to deny access to all except a list of permitted IP addresses.
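The following Python script is an added illustration, not part of this advisory and not Oracle's or Web Cache's own code. It shows the defensive side of the two points above: the request patterns named in the 11/1/02 entry (GET /../ and malformed Transfer-Encoding: headers) and the Secure Subnets style allowlist for the administrative port (4000/TCP) described under Resolution. The log format (one JSON record per request with src, dst_port, method, path and headers fields), the sample records, and the permitted subnet 10.0.0.0/24 are all assumptions constructed for the example; a real deployment would feed it records from its own proxy or firewall logs.

```python
import ipaddress
import json

# Administrative port named in the advisory.
ADMIN_PORT = 4000

# Assumed allowlist, standing in for the Secure Subnets configuration.
PERMITTED_SUBNETS = [ipaddress.ip_network("10.0.0.0/24")]

# Transfer-codings registered for HTTP/1.1; anything else is treated as malformed.
VALID_TRANSFER_CODINGS = {"chunked", "identity", "gzip", "compress", "deflate"}

# Constructed sample records (not real traffic): one JSON object per request.
SAMPLE_LOG = """\
{"src": "10.0.0.5", "dst_port": 4000, "method": "GET", "path": "/index.html", "headers": {}}
{"src": "203.0.113.7", "dst_port": 4000, "method": "GET", "path": "/../", "headers": {}}
{"src": "10.0.0.6", "dst_port": 80, "method": "GET", "path": "/products.html", "headers": {}}
{"src": "198.51.100.9", "dst_port": 80, "method": "POST", "path": "/cgi", "headers": {"Transfer-Encoding": "chunkedx"}}
{"src": "10.0.0.7", "dst_port": 4000, "method": "GET", "path": "/admin", "headers": {"Transfer-Encoding": "chunked"}}
"""


def is_permitted_source(src):
    """True when the source address falls inside one of the permitted subnets."""
    addr = ipaddress.ip_address(src)
    return any(addr in net for net in PERMITTED_SUBNETS)


def has_traversal(path):
    """Flag a request line containing a parent-directory reference."""
    return "/../" in path or path.endswith("/..")


def malformed_transfer_encoding(headers):
    """Flag a Transfer-Encoding value that is empty or not a registered coding.

    Header names are compared case-insensitively; coding parameters after ';'
    are ignored so that 'chunked;q=1' is still accepted as 'chunked'.
    """
    lowered = {k.lower(): v for k, v in headers.items()}
    te = lowered.get("transfer-encoding")
    if te is None:
        return False
    codings = [c.split(";")[0].strip().lower() for c in te.split(",")]
    return any(c not in VALID_TRANSFER_CODINGS for c in codings)


def review_request(rec):
    """Return the list of findings for one request record (empty when clean)."""
    findings = []
    if rec["dst_port"] == ADMIN_PORT and not is_permitted_source(rec["src"]):
        findings.append("admin-port access from non-permitted subnet")
    if has_traversal(rec["path"]):
        findings.append("path traversal in request line")
    if malformed_transfer_encoding(rec.get("headers", {})):
        findings.append("malformed Transfer-Encoding header")
    return findings


def scan_log(text):
    """Parse JSON-lines records and return (source, findings) for flagged ones."""
    alerts = []
    for line in text.splitlines():
        if not line.strip():
            continue
        rec = json.loads(line)
        findings = review_request(rec)
        if findings:
            alerts.append((rec["src"], findings))
    return alerts


if __name__ == "__main__":
    for src, findings in scan_log(SAMPLE_LOG):
        print(src, "->", "; ".join(findings))
```

Run against the constructed sample, the script flags the second record twice (admin port reached from outside the permitted subnet, and a GET /../ request line) and the fourth record once (unregistered transfer-coding), while the request carrying a valid chunked Transfer-Encoding from inside the allowlist passes. The allowlist check is only a monitoring aid; the perimeter block on 4000/TCP and the Secure Subnets setting remain the controls that actually deny access.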

Where can I read more about this?

For more information on the denial-of-service vulnerability in Web Cache Manager, see Oracle Security Alert #43 and the @stake advisory. For more information about the buffer overflow vulnerability, see CERT Advisory 2001-29, Defcom Labs Advisory 2001-30, and Oracle Security Alert #18. For general information about Oracle Web Cache, see the FAQ.