Penetration Testing mailing list archives

Re: Oracle TNS Listener

From: "James W. Abendschan" <jwa () jammed com>
Date: Wed, 19 Dec 2001 12:08:23 -0800 (PST)

On 17 Dec 2001, Joe Brown wrote:

Hello all,

I'm currently performing a pen-test and have found a 
remote machine with TCP port 1521 open.  I have 
read information about an Oracle TNS listener 
vulnerability but, can't find any more information.  Can 
anyone point me in the right direction?


A simple tool I wrote to talk to tnslsnr & documentation 
which describes some security problems is available at

    http://www.jammed.com/~jwa/hacks/security/tnscmd

There are also some Oracle security/pentesting papers at

    http://www.pentest-limited.com/

James



----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Current thread:

Oracle TNS Listener Joe Brown (Dec 19)
- RE: Oracle TNS Listener Aaron C. Newman (Dec 19)
- Re: Oracle TNS Listener James W. Abendschan (Dec 19)
- <Possible follow-ups>
- Re: Oracle TNS Listener dave (Dec 19)