| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Mailing Lists -> Oracle-L -> note 200873.1
Oracle Security Alert #36
Dated: 20 June 2002
Security Vulnerability in Apache HTTP Server Affects Oracle9iAS & Oracle Http Server (OHS)
Description
A potential security vulnerability exists in Apache HTTP Servers up to and including version 1.3.24. A knowledgeable and malicious user can exploit this vulnerability by remotely sending a carefully crafted invalid request to the Apache HTTP server using chunked encoding. Doing so may lead to successful Denial of Service (DoS) attacks on 32-bit Unix operating systems and running of arbitrary code on Windows and 64-bit Unix operating systems.
Fat City Network Services -- (858) 538-5051 FAX: (858) 538-5051 San Diego, California -- Public Internet access / Mailing Lists --------------------------------------------------------------------To REMOVE yourself from this mailing list, send an E-Mail message to: ListGuru_at_fatcity.com (note EXACT spelling of 'ListGuru') and in the message BODY, include a line containing: UNSUB ORACLE-L (or the name of mailing list you want to be removed from). You may also send the HELP command for other information (like subscribing). Received on Sun Jun 30 2002 - 14:43:17 CDT
 |
 |