Signature Detail
Short Name |
DB:ORACLE:TNS:LOOP-DOS |
|---|---|
Severity |
High |
Recommended |
No |
Category |
DB |
Keywords |
Oracle TNS Listener Infinite Loop Denial of Service |
Release Date |
2009/09/10 |
Update Number |
1504 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
DB: Oracle TNS Listener Infinite Loop Denial of Service
This signature detects attempts to exploit a known vulnerability against Oracle TNS listener. A successful attack can result in a denial-of-service condition.
Extended Description
Oracle Database is prone to a remote vulnerability affecting the 'Listener' component. The vulnerability can be exploited over the 'Oracle Net' protocol. An attacker doesn't require privileges to exploit this vulnerability. The attacker can exploit this issue to crash the affected application, denying service to legitimate users. The following are vulnerable: Oracle9i 9.2.0.8 and 9.2.0.8DV Oracle10g 10.1.0.5 and 10.2.0.4 Oracle11g 11.1.0.7 Other versions may also be affected.
Affected Products
- Oracle Oracle10g Enterprise Edition 10.1.0 .5
- Oracle Oracle10g Enterprise Edition 10.2.0.4
- Oracle Oracle10g Personal Edition 10.1.0.5
- Oracle Oracle10g Personal Edition 10.2.0.4
- Oracle Oracle10g Standard Edition 10.1.0 .5
- Oracle Oracle10g Standard Edition 10.2.0.4
- Oracle Oracle11g Enterprise Edition 11.1.0.7
- Oracle Oracle11g Standard Edition 11.1.0.7
- Oracle Oracle9i Enterprise Edition 9.2.0 .8DV
- Oracle Oracle9i Personal Edition 9.2.0 .8DV
- Oracle Oracle9i Standard Edition 9.2.0.8
- Oracle Oracle9i Standard Edition 9.2.0 .8DV
References
- BugTraq: 35683
- CVE: CVE-2009-1970