Vulnerability Name: CCN-3481

Published: 1999-11-10
Updated: 1999-11-10
Summary: The Oracle Application Server for Solaris contains a vulnerability in the Apache Startup function. The server offers Web administrators the option to install and configure HTTP listeners. The Oracle Management server supports both Netscape and Apache listeners in addition to those provided by Oracle with the Application Server. An administrator choosing to install an Apache listener must supply a unique name, a path to the server's executable, and a configuration file. Once these are supplied, a backend setuid root executable attempts to start the Apache HTTP server.

An attacker with an unprivileged account on the target system may trick 'apchlctl' into executing an arbitrary command as root. The Apache start executable also handles write calls unsafely: certain files it creates will follow symbolic links.
CVSS v3 Severity:
CVSS v2 Severity:
Vulnerability Consequences: Gain Access
References:
  • Source: CCN
    Type: Oracle MetaLink Web site
    Welcome to Oracle MetaLink

  • Source: CCN
    Type: Internet Security Systems Security Alert #38
    Multiple Root Compromise Vulnerabilities in Oracle Application Server

  • Source: XF
    Type: UNKNOWN
    oracle-appserver-apchlctl(3481)

Vulnerable Configuration: Configuration CCN 1:
  • cpe:/a:oracle:application_server:4.0:*:*:*:*:*:*:* (oracle application server 4.0)

  * Denotes that component is vulnerable