Detections
Analytics

Oracle 9iAS .JSP File Request Default Error Information Disclosure

medium Nessus Network Monitor Plugin ID 1594

Synopsis

Oracle 9iAS allows remote attackers to obtain the physical path of a file under the server root via a request for a non-existent .JSP file.

Description

Oracle 9iAS allows remote attackers to obtain the physical path of a file under the server root via a request for a non-existent .JSP file. The default error generated leaks the pathname in an error message.

Solution

Ensure that virtual paths of URL is different from the actual directory path. Also, do not use the <servletzonepath> directory in 'ApJServMount <servletzonepath> <servletzone>' to store data or files.

See Also

http://otn.oracle.com/deploy/security/pdf/jspexecute_alert.pdf

http://www.kb.cert.org/vuls/id/278971

http://www.cert.org/advisories/CA-2002-08.html

http://www.nextgenss.com/papers/hpoas.pdf

Plugin Details

Severity: Medium

ID: 1594

Family: Web Servers

Published: 8/20/2004

Updated: 3/6/2019

Nessus ID: 11226

Risk Information

VPR

Risk Factor: Low

Score: 3.3

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 4.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS v3

Risk Factor: Medium

Base Score: 5.3

Temporal Score: 5.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:oracle:application_server

Reference Information

CVE: CVE-2001-1372

BID: 3341