Oracle 9iAS _pages Directory Compiled JSP Source Disclosure

This script is Copyright (C) 2002-2014 Matt Moore


Synopsis :

Sensitive data may be read on the remote host.

Description :

In a default installation of Oracle 9iAS it is possible to read the
source of JSP files. When a JSP is requested it is compiled 'on the fly'
and the resulting HTML page is returned to the user. Oracle 9iAS uses a
folder named _pages to hold the intermediate files produced during
compilation, and that folder is created alongside the .JSP page within
the web-accessible document tree. Hence it is possible to request, and
read, the generated .java source and compiled .class files for a given
JSP page.

See also :

http://www.nessus.org/u?80fe4531
http://www.oracle.com

Solution :

Edit httpd.conf to disallow access to the _pages folder.
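As an added illustration of this solution (not configuration shipped by Oracle or by the Nessus plugin), the following httpd.conf fragment denies all client access to any path segment named _pages, which covers the intermediate .java and .class files described above wherever the JSP directory sits under the document root. Oracle 9iAS ships the Oracle HTTP Server, an Apache 1.3 derivative, so the first block uses the Order/Deny syntax of that generation; the second block is the equivalent for Apache 2.4 and is included only for servers running a newer httpd. The location name _pages comes from the advisory; the surrounding file path and server version are assumptions.

```apache
# Added example, not Oracle's or the plugin's own configuration.
# Block HTTP access to the _pages compilation folder used by Oracle 9iAS.
# The regex matches "_pages" as a whole path segment anywhere in the URL,
# so /app/_pages/, /app/_pages/Foo.java and /app/_pages/Foo.class are all
# refused, while a legitimately named /app/pages/ is unaffected.

# Oracle HTTP Server / Apache 1.3 and 2.2 syntax (assumed server version)
<LocationMatch "/_pages(/|$)">
    Order deny,allow
    Deny from all
</LocationMatch>

# Equivalent for Apache 2.4, where Order/Deny was replaced by Require
# <LocationMatch "/_pages(/|$)">
#     Require all denied
# </LocationMatch>
```

After restarting the HTTP server, a request for any `_pages` URL should now return 403 instead of the generated source; the JSP itself, served from its own directory, continues to compile and render as before because the servlet engine reads the intermediate files from the filesystem, not through HTTP.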

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
CVSS Temporal Score : 4.3
(CVSS2#E:H/RL:OF/RC:ND)
Public Exploit Available : true

Family: Databases

Nessus Plugin ID: 10852

Bugtraq ID: 4034

CVE ID: CVE-2002-0565