[EXPL] Oracle9i TSN Vulnerable to a DoS Attack

From: support@securiteam.com
Date: 03/31/02 

From: support@securiteam.com
To: list@securiteam.com
Date: Sun, 31 Mar 2002 15:10:14 +0200 (CEST)

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion

When was the last time you checked your server's security?
How about a monthly report?
http://www.AutomatedScanning.com - Know that you're safe.
- - - - - - - - -

  Oracle9i TSN Vulnerable to a DoS Attack
------------------------------------------------------------------------

SUMMARY

A security vulnerability in Oracle9i ("Unbreakable") Database Server has
been found, the vulnerability would allow remote attackers to cause the
server's TSNLISTEN service to crash disallowing any legitimate requests
from being handled by the remote server.

DETAILS

Vulnerable systems:
Oracle version 9.0.1.1

In order to crash Oracle9i all you need to do is send ONE TCP packet (#$00
= 1 byte) to 1521 port. To restore server functionality you must restart
the TSNLISTEN service.

ADDITIONAL INFORMATION

The information has been provided by <mailto:red@rsh.kiev.ua> Andrey
Gordienko.

========================================

This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com

====================
====================

DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.

Relevant Pages

  • SecurityFocus Microsoft Newsletter #171
    ... Better Management for Network Security ... GoodTech Telnet Server Remote Denial Of Service Vulnerabilit... ... ASPApp PortalAPP Remote User Database Access Vulnerability ...
    (Focus-Microsoft)
  • SecurityFocus Microsoft Newsletter #174
    ... This issue sponsored by: Tenable Network Security ... the worlds only 100% passive vulnerability ... MICROSOFT VULNERABILITY SUMMARY ... Novell Netware Enterprise Web Server Multiple Vulnerabilitie... ...
    (Focus-Microsoft)
  • SecurityFocus Microsoft Newsletter # 150
    ... - automatically set positive security policies for real-time protection, ... MICROSOFT VULNERABILITY SUMMARY ... Meteor FTP Server USER Memory Corruption Vulnerability ... MDaemon SMTP Server Null Password Authentication Vulnerabili... ...
    (Focus-Microsoft)
  • SecurityFocus Microsoft Newsletter #69
    ... LANguard Security Event Log Monitor: ... MICROSOFT VULNERABILITY SUMMARY ... BrowseFTP Client Buffer Overflow Vulnerability ... Michael Lamont Savant Web Server Long Request DoS Vulnerability ...
    (Focus-Microsoft)
  • [NEWS] ePolicy Orchestrator Multiple Vulnerabilities
    ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... and use a Thawte Digital Certificate on your MSIIS web server. ... To attack a machine running ePO, an attacker would typically need to be ... MSDE SA account compromise - This vulnerability applies to ePO 2.X and 3.0 ...
    (Securiteam)