Bugtraq: Oracle9i TSN DoS Attack

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Oracle9i TSN DoS Attack

From: Andrey Gordienko <red () rsh kiev ua>
Date: 28 Mar 2002 10:54:07 -0000



name            : Oracle
date            : 28/3/2002
description     : Oracle9i TSN DoS Attack 
severity        : High risk
homepage        : www.oracle.com
versions        : 9.0.1.1 (another version may be too)
Bug description :
For crash Oracle9i you need sent ONE TCP packet 
(#$00 = 1 byte) to 1521 port and you can fogot about 
Oracle (CPU - 100%).You cant connect. For connect 
to server you need restart TSNLISTEN.For use 
expolit You DONT NEED Oracle client or any Oracle 
dlls. 
Solution: We sent message to oracle but we didnt 
have answer
P.S. you can download win32 expolit from 
www.safety-lab.com (ShadowDoSAnalyzer)

Safety-Lab www.safety-lab.com
RedShadow and Melcosoft

By Date By Thread

Current thread:

Oracle9i TSN DoS Attack Andrey Gordienko (Mar 28)
- <Possible follow-ups>
- Re: Oracle9i TSN DoS Attack Lucien Fransman (Mar 29)