Oracle9i TSN DoS Attack

From: Andrey Gordienko (redat_private)
Date: Thu Mar 28 2002 - 02:54:07 PST

Next message: Wu Tao: "A possible buffer overflow in libnewt"

Previous message: pokleyzz sakamaniaka: "squirrelmail 1.2.5 email user can execute command"
Next in thread: Lucien Fransman: "Re: Oracle9i TSN DoS Attack"
Reply: Lucien Fransman: "Re: Oracle9i TSN DoS Attack"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

('binary' encoding is not supported, stored as-is) name : Oracle date : 28/3/2002 description : Oracle9i TSN DoS Attack severity : High risk homepage : www.oracle.com versions : 9.0.1.1 (another version may be too) Bug description : For crash Oracle9i you need sent ONE TCP packet (#$00 = 1 byte) to 1521 port and you can fogot about Oracle (CPU - 100%).You cant connect. For connect to server you need restart TSNLISTEN.For use expolit You DONT NEED Oracle client or any Oracle dlls. Solution: We sent message to oracle but we didnt have answer P.S. you can download win32 expolit from www.safety-lab.com (ShadowDoSAnalyzer) Safety-Lab www.safety-lab.com RedShadow and Melcosoft

Next message: Wu Tao: "A possible buffer overflow in libnewt"
Previous message: pokleyzz sakamaniaka: "squirrelmail 1.2.5 email user can execute command"
Next in thread: Lucien Fransman: "Re: Oracle9i TSN DoS Attack"
Reply: Lucien Fransman: "Re: Oracle9i TSN DoS Attack"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Mar 28 2002 - 14:50:13 PST