Oracle Security Alert #36 Dated: 20 June 2002 Security Vulnerability in Apache HTTP Server Affects Oracle9iAS & Oracle Http Server (OHS)
Description A potential security vulnerability exists in Apache HTTP Servers up to and including version 1.3.24. A knowledgeable and malicious user can exploit this vulnerability by remotely sending a carefully crafted invalid request to the Apache HTTP server using chunked encoding. Doing so may lead to successful Denial of Service (DoS) attacks on 32-bit Unix operating systems and running of arbitrary code on Windows and 64-bit Unix operating systems. =============================================================== Ray Stell [EMAIL PROTECTED] (540) 231-4109 KE4TJC 28^D -- Please see the official ORACLE-L FAQ: http://www.orafaq.com -- Author: Ray Stell INET: [EMAIL PROTECTED] Fat City Network Services -- (858) 538-5051 FAX: (858) 538-5051 San Diego, California -- Public Internet access / Mailing Lists -------------------------------------------------------------------- To REMOVE yourself from this mailing list, send an E-Mail message to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in the message BODY, include a line containing: UNSUB ORACLE-L (or the name of mailing list you want to be removed from). You may also send the HELP command for other information (like subscribing).
