Oracle9i TSN DoS Attack

[Andrey Gordienko <red () rsh kiev ua>]

name            : Oracle
date            : 28/3/2002
description     : Oracle9i TSN DoS Attack 
severity        : High risk
homepage        : www.oracle.com
versions        : 9.0.1.1 (another version may be too)
Bug description :
For crash Oracle9i you need sent ONE TCP packet 
(#$00 = 1 byte) to 1521 port and you can fogot about 
Oracle (CPU - 100%).You cant connect. For connect 
to server you need restart TSNLISTEN.For use 
expolit You DONT NEED Oracle client or any Oracle 
dlls. 
Solution: We sent message to oracle but we didnt 
have answer
P.S. you can download win32 expolit from 
www.safety-lab.com (ShadowDoSAnalyzer)

Safety-Lab www.safety-lab.com
RedShadow and Melcosoft