SQL*NET listener for Oracle Net Oracle9i 9.0.x and 9.2 allows remote attackers to cause a denial of service (crash) via certain debug requests that are not properly handled by the debugging feature.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Database_server | Oracle | 9.2.1 (including) | 9.2.1 (including) |
| Oracle9i | Oracle | 9.0 (including) | 9.0 (including) |
| Oracle9i | Oracle | 9.0.1 (including) | 9.0.1 (including) |
| Oracle9i | Oracle | 9.0.1.2 (including) | 9.0.1.2 (including) |
| Oracle9i | Oracle | 9.0.1.3 (including) | 9.0.1.3 (including) |
| Oracle9i | Oracle | 9.0.2 (including) | 9.0.2 (including) |
References
- http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0072.html
- http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=20941
- http://otn.oracle.com/deploy/security/pdf/2002alert38rev1.pdf
- http://www.iss.net/security_center/static/9237.php
- http://www.securityfocus.com/bid/5457
- http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0072.html
- http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=20941
- http://otn.oracle.com/deploy/security/pdf/2002alert38rev1.pdf
- http://www.iss.net/security_center/static/9237.php
- http://www.securityfocus.com/bid/5457