Home page logo
/

bugtraq logo Bugtraq mailing list archives

Oracle9i TSN DoS Attack
From: Andrey Gordienko <red () rsh kiev ua>
Date: 28 Mar 2002 10:54:07 -0000



name            : Oracle
date            : 28/3/2002
description     : Oracle9i TSN DoS Attack 
severity        : High risk
homepage        : www.oracle.com
versions        : 9.0.1.1 (another version may be too)
Bug description :
For crash Oracle9i you need sent ONE TCP packet 
(#$00 = 1 byte) to 1521 port and you can fogot about 
Oracle (CPU - 100%).You cant connect. For connect 
to server you need restart TSNLISTEN.For use 
expolit You DONT NEED Oracle client or any Oracle 
dlls. 
Solution: We sent message to oracle but we didnt 
have answer
P.S. you can download win32 expolit from 
www.safety-lab.com (ShadowDoSAnalyzer)

Safety-Lab www.safety-lab.com
RedShadow and Melcosoft


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault