Home page logo

bugtraq logo Bugtraq mailing list archives

Re: DoS against Oracle Webserver 2.1 with PL/SQL stored procedures
From: srompf () TELEMATION DE (Stefan Rompf)
Date: Wed, 23 Jul 1997 14:40:29 +0200

At 00:15 23.07.97 +0200, Simon Josefsson wrote:

Fellow bugtraqers, I stumpled over this tonight.  It's a DoS-attack
against a Oracle Webserver 2.1 that serves PL/SQL stored procedures.

The old Oracle Webserver cannot be attacked this way. There seem
to be hard limits of 32 lines HTTP-Request, 1540 chars on the GET/HEAD
statement and 4096 chars on every additional header line.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]