Bugtraq mailing list archives
Oracle9i TSN DoS Attack
From: Andrey Gordienko <red () rsh kiev ua>
Date: 28 Mar 2002 10:54:07 -0000
name : Oracle date : 28/3/2002 description : Oracle9i TSN DoS Attack severity : High risk homepage : www.oracle.com versions : 9.0.1.1 (another version may be too) Bug description : For crash Oracle9i you need sent ONE TCP packet (#$00 = 1 byte) to 1521 port and you can fogot about Oracle (CPU - 100%).You cant connect. For connect to server you need restart TSNLISTEN.For use expolit You DONT NEED Oracle client or any Oracle dlls. Solution: We sent message to oracle but we didnt have answer P.S. you can download win32 expolit from www.safety-lab.com (ShadowDoSAnalyzer) Safety-Lab www.safety-lab.com RedShadow and Melcosoft
Current thread:
- Oracle9i TSN DoS Attack Andrey Gordienko (Mar 28)
- <Possible follow-ups>
- Re: Oracle9i TSN DoS Attack Lucien Fransman (Mar 29)