header-logo
Suggest Exploit
vendor:
Oracle Database
by:
SecurityFocus
7.5
CVSS
HIGH
Oracle TNS Listener Service Crash
20
CWE
Product Name: Oracle Database
Affected Version From: Oracle 8.1.7
Affected Version To: Oracle 9.2.0.1
Patch Exists: YES
Related CWE: CVE-2002-1300
CPE: o:oracle:oracle_database
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows, Linux, Mac
2002

Oracle TNS Listener Service Crash

A remote user can crash the Oracle TNS Listener service by connecting to the service and issuing the SERVICE_CURLOAD command. This will cause the listener to stop responding to connections and crash after the command is issued.

Mitigation:

Oracle has released a patch to address this issue.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/5678/info

The Oracle TNS Listener program is a remote connectivity service for Oracle Databases.

Under some circumstances, it may be possible for a remote user to crash TNS Listener service. By connecting to the service, and issuing the SERVICE_CURLOAD command, the service becomes unstable. It has been reported that this will cause the listenering to stop responding to connections, and also crash after the command is issued.

"(CONNECT_DATA=(COMMAND=SERVICE_CURLOAD))"

Navigation

Suggest Exploit

Services By CQR