Re: Oracle9i TSN DoS Attack

From: Lucien Fransman (l_fransmanat_private)
Date: Fri Mar 29 2002 - 05:38:15 PST

Next message: altomo: "Re:[Advisory] phpBB 1.4.4 still suffers from Cross Site Scripting Vulnerability"

Previous message: Tom Micklovitch: "privacy issues in metor.com (a search engine)"
Maybe in reply to: Andrey Gordienko: "Oracle9i TSN DoS Attack"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi.

I was wondering if the issue with the TNS listener you mention is the same
that has been reported in April 22, 2001 to this mailinglist ( see
http://marc.theaimsgroup.com/?l=bugtraq&m=98770470120424&w=2 for details)
(which is BTW the same as the vulnerability mentioned in this
(http://otn.oracle.com/deploy/security/pdf/listener_alert.pdf )Oracle
advisory AFAIK).

I dont have access to a Oracle test database ATM, so if you would be so kind
to confirm or deny this, I would be very gratefull.

BTW, as this appered in Oracle 8 and prior versions, Oracle Corp has not
done their homework very well with newer releases :)


With Kind Regards,

Enchanter_tim

Next message: altomo: "Re:[Advisory] phpBB 1.4.4 still suffers from Cross Site Scripting Vulnerability"
Previous message: Tom Micklovitch: "privacy issues in metor.com (a search engine)"
Maybe in reply to: Andrey Gordienko: "Oracle9i TSN DoS Attack"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Mar 29 2002 - 12:40:26 PST