Oracle9iAS Web Cache HTTP Content Header Denial Of Service Vulnerability

Oracle9iAS Web Cache HTTP Content Header Denial Of Service Vulnerability

Oracle9iAS Web Cache is a web caching solution for Oracle 9iAS Application Server, providing quick retrieval of dynamic web content.

A problem exists in the handling of unexpected queries to the Web Cache software.

A remote attacker may cause a denial of service attack on Oracle9iAS by sending a HTTP request with a header that has Content Length of 0, followed by three "0a"'s. This has the potential to deny service to legitimate users of the database.

A manual restart of the service is required to resume normal functionality.