Oracle 8i SQLNet拒绝服务漏洞

漏洞信息详情

Oracle 8i SQLNet拒绝服务漏洞

• CNNVD编号：CNNVD-200107-139
• 危害等级： 中危
  
  
• CVE编号：
  CVE-2001-0516
  
• 漏洞类型：
  
  
  其他
  
• 发布时间：
  
  2001-07-21
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2005-10-20
  
• 厂        商：
  
  oracle
• 漏洞来源：
  Reported to Bugtra…

Oracle 9i和Oracle 8.0 版本的Oracle listener存在漏洞。远程攻击者可以借助包含不符合预期数据偏移的requester_version值的不正确畸形连接数据包导致服务拒绝。

* It has been reported that the patch is still unavailable. Forthcoming updates will provide additional information when it becomes available. Until fixes are obtainable, administrators should block network access to the listener.
A fix is reportedly being developed.
It will be available at the Oracle MetaLink support website.
http://metalink.oracle.com

来源: ISS
名称: 20010515 Multiple Oracle Listener Denial of Service Vulnerabilities
链接:http://xforce.iss.net/alerts/advise82.php

来源: otn.oracle.com
链接:http://otn.oracle.com/deploy/security/pdf/net8_dos_alert.pdf