Joe, You can download an evaluation version of AppDetective for Oracle from www.appsecinc.com. It will find holes in Oracle such as no listener password, default passwords, weak passwords, buffer overflows, misconfigurations, etc... Regards, Aaron _____________________________________________ Aaron C. Newman CTO/Founder Application Security, Inc. Tel: 212-490-6022 Fax: 212-490-6456 E-mail: anewmanat_private Web: www.appsecinc.com Application Security, Inc. - Protection Where it Counts - -----Original Message----- From: pen-test-return-1495-aaron=newman-family.comat_private [mailto:pen-test-return-1495-aaron=newman-family.comat_private]O n Behalf Of Joe Brown Sent: 17 December 2001 10:02 To: pen-testat_private Subject: Oracle TNS Listener Hello all, I'm currently performing a pen-test and have found a remote machine with TCP port 1521 open. I have read information about an Oracle TNS listener vulnerability but, can't find any more information. Can anyone point me in the right direction? Thanks. ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/ ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Wed Dec 19 2001 - 14:39:13 PST