Oracle 8i SQLNet拒绝服务漏洞

漏洞信息详情

Oracle 8i SQLNet拒绝服务漏洞

• CNNVD编号：CNNVD-200107-146
• 危害等级： 中危
  
  
• CVE编号：
  CVE-2001-0515
  
• 漏洞类型：
  
  
  其他
  
• 发布时间：
  
  2001-07-21
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2005-10-20
  
• 厂        商：
  
  oracle
• 漏洞来源：
  Reported to Bugtra…

Oracle 7.3和8i版本的Oracle Listener存在漏洞。远程攻击者可以借助带有超大offset_to_data值的畸形连接导致服务拒绝。

* It has been reported that the patch is still unavailable. Forthcoming updates will provide additional information when it becomes available. Until fixes are obtainable, administrators should block network access to the listener.
A fix is reportedly being developed.
It will be available at the Oracle MetaLink support website.
http://metalink.oracle.com

来源: ISS
名称: 20010515 Multiple Oracle Listener Denial of Service Vulnerabilities
链接:http://xforce.iss.net/alerts/advise82.php

来源: otn.oracle.com
链接:http://otn.oracle.com/deploy/security/pdf/net8_dos_alert.pdf