This script is Copyright (C) 2003-2014 Javier Fernandez-Sanguino
Sensitive data may be accessed on the remote host.
Oracle 9iAS can provide access to the PL/SQL application OWA_UTIL that
provides web access to some stored procedures. These procedures,
without authentication, can allow users to access sensitive information
such as source code of applications, user credentials to other database
servers and run arbitrary SQL queries on servers accessed by the
See also :
Apply the appropriate patch listed in Oracle's advisory, which details
how you can restrict unauthenticated access to procedures using the
exclusion_list parameter in the PL/SQL gateway configuration file
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.8
Public Exploit Available : true
Nessus Plugin ID: 11225 ()
Bugtraq ID: 4294
CVE ID: CVE-2002-0560
Upgrade to Nessus Professional today!
Start your free Nessus Cloud trial now!
Begin Free Trial
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.