正文

Oracle 8i SQLNet拒绝服务漏洞

admin
admin V管理员 /0 评论 /6 阅读
1231
此篇文章发布距今已超过1286天,您需要注意文章的内容或图片是否可用!

漏洞信息详情

Oracle 8i SQLNet拒绝服务漏洞

  • CNNVD编号:CNNVD-200107-146
    • <!--
  • 危害等级: 中危-->
  • 危害等级: 中危
  • CVE编号: CVE-2001-0515
  • 漏洞类型: 其他
  • 发布时间: 2001-07-21
  • 威胁类型: 远程
  • 更新时间: 2005-10-20
  • 厂        商: oracle
  • 漏洞来源: Reported to Bugtra...

漏洞简介

Oracle 7.3和8i版本的Oracle Listener存在漏洞。远程攻击者可以借助带有超大offset_to_data值的畸形连接导致服务拒绝。

漏洞公告

* It has been reported that the patch is still unavailable. Forthcoming updates will provide additional information when it becomes available. Until fixes are obtainable, administrators should block network access to the listener. A fix is reportedly being developed. It will be available at the Oracle MetaLink support website. http://metalink.oracle.com

参考网址

来源: ISS 名称: 20010515 Multiple Oracle Listener Denial of Service Vulnerabilities 链接:http://xforce.iss.net/alerts/advise82.php 来源: otn.oracle.com 链接:http://otn.oracle.com/deploy/security/pdf/net8_dos_alert.pdf

受影响实体

  • Oracle Oracle8i:8.1.7  
    <!--
    2000-1-1
    -->
  • Oracle Oracle8i:8.1.6  
    <!--
    2000-1-1
    -->
  • Oracle Database_server:7.3  
    <!--
    2000-1-1
    -->

补丁

    暂无