Pentest Security Advisory: PTL-2004-04
Vulnerability in Oracle XDB Server
|Title:|Vulnerability in Oracle XDB Server|
|Announcement date:|23rd September 2004|
|Products:|Oracle XML Database Server|
|Vulnerability Type:|Denial Of Service|
An HTTP request to the Oracle XDB Server on port 8080 that contains a malformed HTTP header can cause a denial of service condition. This allows an unauthenticated remote user to crash the Oracle database instance.
Fix / Workarounds
Apply patch #68 available from Oracle Metalink.
This vulnerability was discovered by Pentest Limited.