| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 5.0 | $0-$5k | 0.00 |
Summary
A vulnerability, which was classified as critical, has been found in Oracle9i 9.0/9.0.1. This affects an unknown part of the component Service Handler. The manipulation leads to improper authentication. This vulnerability is listed as CVE-2002-0563. In addition, an exploit is available.
Details
A vulnerability was found in Oracle9i 9.0/9.0.1 (Database Software) and classified as critical. This issue affects an unknown functionality of the component Service Handler. The manipulation with an unknown input leads to a improper authentication vulnerability. Using CWE to declare the problem leads to CWE-287. When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct. Impacted is confidentiality. The summary by CVE is:
The default configuration of Oracle 9i Application Server 1.0.2.x allows remote anonymous users to access sensitive services without authentication, including Dynamic Monitoring Services (1) dms0, (2) dms/DMSDump, (3) servlet/DMSDump, (4) servlet/Spy, (5) soap/servlet/Spy, and (6) dms/AggreSpy; and Oracle Java Process Manager (7) oprocmgr-status and (8) oprocmgr-service, which can be used to control Java processes.
The weakness was presented 02/06/2002 by David Litchfield with NGSSoftware as confirmed advisory (CERT.org). It is possible to read the advisory at cert.org. The identification of this vulnerability is CVE-2002-0563. The exploitation is known to be easy. The attack may be initiated remotely. No form of authentication is needed for a successful exploitation. Technical details are unknown but an exploit is available.
After even before and not, there has been an exploit disclosed. It is declared as proof-of-concept. The vulnerability scanner Nessus provides a plugin with the ID 10848 (Oracle 9iAS DMS / JPM Pages Anonymous Access), which helps to determine the existence of the flaw in a target environment. It is assigned to the family Databases and running in the context r. The commercial vulnerability scanner Qualys is able to test this issue with plugin 86326 (Oracle Application/Database Server Unauthenticated User Access To Sensitive Services Vulnerability).
A possible mitigation has been published even before and not after the disclosure of the vulnerability. Attack attempts may be identified with Snort ID 1874.
The vulnerability is also documented in the databases at X-Force (8455), Tenable (10848), SecurityFocus (BID 4293†), OSVDB (13152†) and SecurityTracker (ID 1009167†). See VDB-17930, VDB-17931, VDB-18379 and VDB-18380 for similar entries. Be aware that VulDB is the high quality source for vulnerability data.
Product
Type
Name
Version
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 5.3VulDB Meta Temp Score: 5.0
VulDB Base Score: 5.3
VulDB Temp Score: 5.0
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Improper authenticationCWE: CWE-287
CAPEC: 🔍
ATT&CK: 🔍
Physical: No
Local: No
Remote: Yes
Availability: 🔍
Status: Proof-of-Concept
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Nessus ID: 10848
Nessus Name: Oracle 9iAS DMS / JPM Pages Anonymous Access
Nessus File: 🔍
Nessus Risk: 🔍
Nessus Family: 🔍
Nessus Context: 🔍
OpenVAS ID: 10848
OpenVAS Name: Oracle 9iAS Dynamic Monitoring Services
OpenVAS File: 🔍
OpenVAS Family: 🔍
Qualys ID: 🔍
Qualys Name: 🔍
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: no mitigation knownStatus: 🔍
0-Day Time: 🔍
Snort ID: 1874
McAfee IPS: 🔍
McAfee IPS Version: 🔍
ISS Proventia IPS: 🔍
PaloAlto IPS: 🔍
Timeline
02/06/2002 🔍02/06/2002 🔍
02/06/2002 🔍
02/07/2002 🔍
02/26/2002 🔍
07/03/2002 🔍
07/03/2002 🔍
02/09/2003 🔍
02/23/2004 🔍
01/21/2005 🔍
07/11/2014 🔍
09/16/2025 🔍
Sources
Advisory: cert.orgResearcher: David Litchfield
Organization: NGSSoftware
Status: Confirmed
Confirmation: 🔍
CVE: CVE-2002-0563 (🔍)
GCVE (CVE): GCVE-0-2002-0563
GCVE (VulDB): GCVE-100-18383
CERT: 🔍
X-Force: 8455
SecurityFocus: 4293 - Oracle 9iAS Unautheticated User Access To Sensitive Services Vulnerability
OSVDB: 13152 - Oracle Application Server Java Process Manager /oprocmgr-status Anonymous Process Manipulation
SecurityTracker: 1009167
Vulnerability Center: 867 - Oracle 9iAS Allows Unauthenticated User Access To Sensitive Services, Medium
scip Labs: https://www.scip.ch/en/?labs.20161013
See also: 🔍
Entry
Created: 07/11/2014 14:21Updated: 09/16/2025 04:23
Changes: 07/11/2014 14:21 (77), 05/09/2019 09:47 (10), 11/17/2024 06:51 (17), 09/16/2025 04:23 (2)
Complete: 🔍
Cache ID: 216::103
Be aware that VulDB is the high quality source for vulnerability data.
No comments yet. Languages: en.
Please log in to comment.