Oracle 9i Application Server Path Revealing Vulnerability

info
discussion
exploit
solution
references

Oracle 9i Application Server Path Revealing Vulnerability

Solution:
As a solution to this problem, Oracle recommends upgrading to OJSP 1.1.2.0.0, which can be obtained here:

http://otn.oracle.com/software/tech/java/servlets/content.html

Oracle Oracle9i Application Server 1.0.2

Oracle OJSP 1.2.2.0.0
http://otn.oracle.com/software/tech/java/servlets/content.html