Oracle Web Listener URL Character Substitution Vulnerability
Oracle's Web Listener, a combination webserver and web-database interface, has been shown to have a weakness whereby unauthorized users can gain access to restricted queries.
If a character in the URL is replaced with its HTTP-escaped (percent-encoded) equivalent, the Web Listener grants access without requiring authentication.
If an attacker requests, for example:
the Web Listener will request a userid and password.
However, if the attacker requests:
the Web Listener will perform the action and display the results.
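As an added illustration, not part of the advisory and not Oracle's code: a Python sketch of the access-control defect the advisory describes, showing a naive check on the raw request path beside a hardened check that canonicalizes the path before deciding, plus a log heuristic for spotting substitution attempts. The `/restricted/` prefix is a constructed placeholder, not a real Web Listener path.

```python
import re
from urllib.parse import unquote

# Constructed placeholder for a path that should demand credentials (hypothetical).
RESTRICTED_PREFIX = "/restricted/"


def requires_auth_naive(path: str) -> bool:
    """Vulnerable pattern: compares the raw request path, so a percent-encoded
    character (e.g. "/restric%74ed/") does not match and no authentication
    challenge is issued even though the handler will still serve the query."""
    return path.startswith(RESTRICTED_PREFIX)


def canonicalize(path: str) -> str:
    """Decode percent-encoding until the string stops changing (covers double
    encoding such as %2574 -> %74 -> t), then lower-case for comparison.
    The loop is bounded; needing more than a few layers is itself suspicious."""
    prev, cur = None, path
    for _ in range(5):
        if cur == prev:
            break
        prev, cur = cur, unquote(cur)
    return cur.lower()


def requires_auth_fixed(path: str) -> bool:
    """Hardened pattern: the access decision is made on the same canonical form
    the server will actually execute, so encoding cannot bypass the gate."""
    return canonicalize(path).startswith(RESTRICTED_PREFIX)


def handle(path: str, authenticated: bool, check=requires_auth_fixed) -> int:
    """Return an HTTP status: 401 when the gate fires without credentials, else 200."""
    if check(path) and not authenticated:
        return 401
    return 200


def flags_encoded_alnum(path: str) -> bool:
    """Detection heuristic for server/proxy logs: an ASCII letter or digit has no
    legitimate reason to be percent-encoded in a path, so its presence is a
    strong signal of a character-substitution attempt worth alerting on."""
    for hexpair in re.findall(r"%([0-9A-Fa-f]{2})", path):
        ch = chr(int(hexpair, 16))
        if ch.isascii() and ch.isalnum():
            return True
    return False
```

Wiring `handle` with `requires_auth_naive` reproduces the advisory's behaviour (the encoded request gets a 200 without credentials); the default `requires_auth_fixed` returns 401 for the same request.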