CVE-2003-1116 Information

Description

The communications protocol for the Report Review Agent (RRA) aka FND File Server (FNDFS) program in Oracle E-Business Suite 10.7 11.0 and 11.5.1 to 11.5.8 allows remote attackers to bypass authentication and obtain sensitive information from the Oracle Applications Concurrent Manager by spoofing requests to the TNS Listener.

Reference

http://marc.info/?l=bugtraq&m=105012832418415&w=2 http://otn.oracle.com/deploy/security/pdf/2003alert53.pdf http://securitytracker.com/id?1006550 http://www.integrigy.com/alerts/FNDFS_Vulnerability.htm http://www.kb.cert.org/vuls/id/168873 http://www.securityfocus.com/bid/7325 https://exchange.xforce.ibmcloud.com/vulnerabilities/11768