Oracle Web Listener Denial of Service Vulnerability

info
discussion
exploit
solution
references

Oracle Web Listener Denial of Service Vulnerability

Certain versions of the Oracle Web Listener which is part of the Oracle Application Server is susceptible to a denial of service attack. This attack is delivered via a user sending a malformed URL (variations on ".." ) which results in the web server to cease serving requests.