7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.95 High
EPSS
Percentile
99.3%
A buffer overflow vulnerability exists in the TNS Listener component of Oracle9i Database. This vulnerability could allow an unauthenticated, remote attacker to execute arbitrary code with the privileges of the TNS Listener process or cause a denial of service.
Oracle9i Database authenticates and manages database connections via Oracle Transparent Network Substrate (TNS ) Listeners. According to a report by NGSSoftware, a buffer overflow condition occurs when a TNS Listener process attempts to log an error condition caused by a TNS request containing an overly long SERVICE_NAME parameter. An attacker may be able to exploit this vulnerability by sending a specially crafted TNS request to a vulnerable Oracle Listener.
According Oracle Security Alert #34, Microsoft Windows and IBM VM versions of Oracle9i Database (9.0.x) are affected by this vulnerability.
An unauthenticated remote attacker could execute arbitrary code or cause a denial of service on a vulnerable system. Oracle Listener processes may run with SYSTEM privileges on Windows NT and Windows 2000 systems.
Apply a Patch
Oracle Security Alert #34 provides information on patches that address this vulnerability.
Restrict Access
Where possible, limit access to trusted users, hosts, and networks. Use firewall or router ACLs (access control lists) to restrict connections to the port used by Oracle TNS Listeners, 1521/tcp by default. Enable the Oracle Net feature called “TCP valid node checking” by modifying $ORACLE_HOME/NETWORK/ADMIN/SQLNET.ORA
($ORACLE_HOME/NETWORK/ADMIN/PROTOCOL.ORA
in Oracle8i and prior releases) as follows:
tcp.validnode_checking = YES
tcp.invited_nodes = {list of IP addresses}
tcp.excluded_nodes = {list of IP addresses}
Note that restricting access to Oracle TNS Listeners will not prevent exploitation of this vulnerability.
630091
Filter by status: All Affected Not Affected Unknown
Filter by content: __ Additional information available
__ Sort by: Status Alphabetical
Expand all
Javascript is disabled. Click here to view vendors.
Notified: May 31, 2002 Updated: June 13, 2002
Affected
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Oracle has released Oracle Security Alert #34.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23630091 Feedback>).
Group | Score | Vector |
---|---|---|
Base | ||
Temporal | ||
Environmental |
The CERT/CC thanks David Litchfield of NGSSoftware for information used in this document.
This document was written by Art Manion.
CVE IDs: | CVE-2002-0965 |
---|---|
Severity Metric: | 11.66 Date Public: |