Oracle 8.1.x/9.0/9.2 - TNS Listener Service_CurLoad Remote Denial of Service

EDB-ID:

21782

CVE:

N/A

Author:

Rapid 7

Type:

dos

Platform:

Multiple

Published:

2002-09-09

source: http://www.securityfocus.com/bid/5678/info

The Oracle TNS Listener program is a remote connectivity service for Oracle Databases.

Under some circumstances, it may be possible for a remote user to crash TNS Listener service. By connecting to the service, and issuing the SERVICE_CURLOAD command, the service becomes unstable. It has been reported that this will cause the listenering to stop responding to connections, and also crash after the command is issued.

"(CONNECT_DATA=(COMMAND=SERVICE_CURLOAD))"