Shutdown unprotected Oracle TNS Listener via Oracle Discoverer Servlet [AS01]

Products
Repscan 2008
PLSQL-Scanner
Hedgehog Enterpise
Checkpwd (free)

Services
Oracle Audit / Hardening
Security Training
Consulting

Information
Published Alerts
Upcoming Alerts
Patch Information
Whitepaper
Presentations
Oracle Fact Sheets
Exploits
Videos
Scripts

News & Events
Events
News

Company
Blog
Contact
People
Partner
Impressum
Sitemap

Shutdown unprotected Oracle TNS Listener via Oracle Discoverer Servlet [AS01]

Name	Shutdown unprotected Oracle TNS Listener via Oracle Discoverer Servlet (6085705) [AS01]
Systems Affected	Oracle Discoverer Servlet
Severity	Low Risk
Category	Remote D.o.S.
Vendor URL	http://www.oracle.com/
Author	Alexander Kornbrust (ak at red-database-security.com)
CVE
Advisory	17 April 2007 (V 1.00)

Details
The Oracle Discoverer Servlet contains a field for the database/tns alias. It is possible to send TNS STOP commands via this field and to shutdown unprotected Oracle TNS Listener.

Patch Information
Apply the patches for Oracle CPU April 2007.

History
28-oct-2003 Oracle secalert was informed
29-oct-2003 Bug confirmed
17-apr-2007 Oracle published CPU April 2007 [AS01]
17-apr-2007 Advisory published