CVE-2002-0842: CVE-2002-0842

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2002-0842

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Format string vulnerability in certain third party modifications to mod_dav for logging bad gateway messages (e.g. Oracle9i Application Server 9.0.2) allows remote attackers to execute arbitrary code via a destination URI that forces a "502 Bad Gateway" response, which causes the format string specifiers to be returned from dav_lookup_uri() in mod_dav.c, which is then used in a call to ap_log_rerror().

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Oracle 9i应用服务器DAV_PUBLIC远程格式串溢出漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Oracle 9i应用服务器基于Apache Web服务器，支持SOAP、PL/SQL、XSQL、JSP等环境。 Oracle 9i应用服务器使用的DAV模块在记录错误信息时存在格式串错误，远程攻击者可以利用这个漏洞构建恶意请求破坏Oralce进程的堆栈结构，可能以'Oralce'进程权限在系统上执行任意指令。攻击者通过构建恶意格式串发送给服务器，可导致覆盖堆栈中任意地址，可能以Oralce进程权限在系统上执行任意指令。成功利用此漏洞可以获得权限是在Linux/unix系统上为"Oracle"权限，而在W

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2002-0842

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2002-0842

Please Login to view more intelligence information

http://www.nextgenss.com/advisories/ora-appservfmtst.txtx_refsource_MISC
http://otn.oracle.com/deploy/security/pdf/2003alert52.pdfx_refsource_CONFIRM
http://www.securityfocus.com/bid/6846vdb-entryx_refsource_BID
http://www.ciac.org/ciac/bulletins/n-046.shtmlthird-party-advisorygovernment-resourcex_refsource_CIAC
http://www.kb.cert.org/vuls/id/849993third-party-advisoryx_refsource_CERT-VN
http://www.cert.org/advisories/CA-2003-05.htmlthird-party-advisoryx_refsource_CERT
http://www.iss.net/security_center/static/11330.phpvdb-entryx_refsource_XF
http://marc.info/?l=bugtraq&m=104560577227981&w=2mailing-listx_refsource_BUGTRAQ
http://marc.info/?l=bugtraq&m=104549708626309&w=2mailing-listx_refsource_NTBUGTRAQ
http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0076.htmlmailing-listx_refsource_VULNWATCH
http://marc.info/?l=bugtraq&m=104559446010858&w=2mailing-listx_refsource_BUGTRAQ
https://nvd.nist.gov/vuln/detail/CVE-2002-0842

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2002-0842

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2002-0842

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2002-0842

III. Intelligence Information for CVE-2002-0842

IV. Related Vulnerabilities

V. Comments for CVE-2002-0842

Leave a comment