Oracle 9iAS .JSP File Request Default Error Information Disclosure

Medium Nessus Network Monitor Plugin ID 1594

Synopsis

Oracle 9iAS allows remote attackers to obtain the physical path of a file under the server root via a request for a non-existent .JSP file.

Description

Oracle 9iAS allows remote attackers to obtain the physical path of a file under the server root via a request for a non-existent .JSP file. The default error generated leaks the pathname in an error message.

Solution

Ensure that the virtual path of each URL is different from the actual directory path. Also, do not use the <servletzonepath> directory in 'ApJServMount <servletzonepath> <servletzone>' to store data or files.

See Also

http://otn.oracle.com/deploy/security/pdf/jspexecute_alert.pdf

http://www.kb.cert.org/vuls/id/278971

http://www.cert.org/advisories/CA-2002-08.html

http://www.nextgenss.com/papers/hpoas.pdf

Plugin Details

Severity: Medium

ID: 1594

Family: Web Servers

Published: 2004/08/20

Modified: 2016/01/21

Dependencies: 1442

Nessus ID: 11226

Risk Information

Risk Factor: Medium

CVSSv2

Base Score: 5

Temporal Score: 4.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Temporal Vector: CVSS2#E:H/RL:OF/RC:C

CVSSv3

Base Score: 5.3

Temporal Score: 5.1

Vector: CVSS3#AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Temporal Vector: CVSS3#E:H/RL:O/RC:C

Reference Information

CVE: CVE-2001-1372

BID: 3341