Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Implications of Apache vuln for Oracle

From: "Kevin Spett" <kspett () spidynamics com>
Date: Thu, 20 Jun 2002 10:05:55 -0400
Oracle Application Server runs on a normal version of apache with a couple
of mods for things like PL/SQL.  It's perfectly vulnerable.



Kevin Spett
SPI Dynamics
http://www.spidynamics.com/


----- Original Message -----
From: "Tina Bird" <tbird () precision-guesswork com>
To: <bugtraq () securityfocus com>
Sent: Wednesday, June 19, 2002 5:57 PM
Subject: Implications of Apache vuln for Oracle



Hi all --

Oracle is conspicuously absent from the list of vendors in CERT's Apache
advisory:

http://www.cert.org/advisories/CA-2002-17.html

especially since the bugs were discovered during Oracle testing.  Anyone
have an update on Oracle Application Server for the chunked encoding
issue?

thanks very much -- Tina Bird

"The road of excess leads to the palace of wisdom."
                                  Jade Blue Eclipse

http://www.shmoo.com/~tbird
Log Analysis http://www.counterpane.com/log-analysis.html
VPN http://vpn.shmoo.com
Previous By Date Next
Previous By Thread Next

Current thread: