Oracle 9i Application Server stores XSQL and SOAP configuration files insecurely, which allows local users to obtain sensitive information including usernames and passwords by requesting (1) XSQLConfig.xml or (2) soapConfig.xml through a virtual directory.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2002-06-11T04:00:00
Updated: 2024-08-08T02:56:38.255Z
Reserved: 2002-06-07T00:00:00
Link: CVE-2002-0568
Vulnrichment
No data.
NVD
Status : Modified
Published: 2002-07-03T04:00:00.000
Modified: 2024-11-20T23:39:23.147
Link: CVE-2002-0568
Redhat
No data.