Penetration Testing mailing list archives

pen-testing an Oracle9i Application Server


From: fotos () softhome net
Date: Wed, 26 Jun 2002 14:09:10 -0600


In a pen-test of an Oracle Application Server
based on Apache HTTP server, I have seen many vulnerabilities:

mod_ssl/2.8.x affected by Apache mod_ssl/Apache-SSL Buffer Overflow Vulnerability (no public exploit available)
/soap/servlet/soaprouter affected by Oracle 9iAS SOAP components allow anonymous users to deploy applications by default.
pls/updown/cntsample.startup for uploading and downloading files from the server, but it does not work.
.....

And it is probably also affected by these vulnerabilities:

VU#500203 - Oracle9i Application Server Apache PL/SQL module vulnerable to buffer overflow via help page request
VU#313280 - Oracle9i Application Server Apache PL/SQL module vulnerable to buffer overflow via HTTP Location header
VU#750299 - Oracle9i Application Server Apache PL/SQL module vulnerable to buffer overflow via HTTP request
VU#878603 - Oracle9i Application Server Apache PL/SQL module vulnerable to buffer overflow via HTTP Authorization header
VU#659043 - Oracle9i Application Server Apache PL/SQL module vulnerable to buffer overflow via Database Access Descriptor password
VU#923395 - Oracle9i Application Server Apache PL/SQL module vulnerable to buffer overflow via cache directory name
VU#180147 - Oracle 9i Database Server PL/SQL module allows remote command execution without authentication

I have tried the PDF file "hacking proof oracle application server", obtaining much information, but I can't find any exploit for these vulnerabilities to gain remote access.

Running over Solaris and Windows.

Any ideas or sources?

Sincerely,
Peter.

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

