Signature Detail

Short Name	DB:ORACLE:TNS:SHORT_MSG
Severity	High
Recommended	No
Recommended Action	Drop
Category	DB
Keywords	TNS short
Release Date	2005/10/24
Update Number	1213
Supported Platforms	idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+

DB: Oracle TNS Short Message

This anomaly triggers if it detects that the Transparent Network Substrate (TNS) part of a packet in a message, that is shorter then expected. A malformed message, with a shorter than normal TNS packet part can indicated an attempt to compromise your system.

Extended Description

A denial of service vulnerability exists in Oracle 8i. An attacker connecting to the host and sending a malformed SQLNet (Type-1) connection request, could cause the host to stop responding.

Affected Products

Oracle Oracle8 8.1.5
Oracle Oracle8 8.1.6
Oracle Oracle8 8.1.7

References

CVE: CVE-2007-5530
CVE: CVE-2001-0518
URL: http://en.wikipedia.org/wiki/Transparent_Network_Substrate
URL: http://www.orafaq.com/faqnet.htm

Signature Detail

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

DB: Oracle TNS Short Message

Extended Description

Affected Products

References