Oracle 9i Application Server DAV_PUBLIC Format String Vulnerability

info
discussion
exploit
solution
references

Oracle 9i Application Server DAV_PUBLIC Format String Vulnerability

Solution:
Caldera released an advisory containing fixes for this issue, however, the fixes still included the vulnerable mod_dav module. Caldera has since withdrawn the advisory.

This vulnerability is not present in Oracle 9i Application Server 9.0.3. Users are advised to upgrade or to apply the suggested workaround.