|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Andrey Gordienko (red
rsh.kiev.ua)Date: Thu Mar 28 2002 - 04:54:07 CST
('binary' encoding is not supported, stored as-is)
name : Oracle
date : 28/3/2002
description : Oracle9i TSN DoS Attack
severity : High risk
homepage : www.oracle.com
versions : 9.0.1.1 (another version may be too)
Bug description :
For crash Oracle9i you need sent ONE TCP packet
(#$00 = 1 byte) to 1521 port and you can fogot about
Oracle (CPU - 100%).You cant connect. For connect
to server you need restart TSNLISTEN.For use
expolit You DONT NEED Oracle client or any Oracle
dlls.
Solution: We sent message to oracle but we didnt
have answer
P.S. you can download win32 expolit from
www.safety-lab.com (ShadowDoSAnalyzer)
Safety-Lab www.safety-lab.com
RedShadow and Melcosoft
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]