Oracle Database Server Create Database Link Overflow DoS

2005-01-19T06:52:31
ID OSVDB:13062
Type osvdb
Reporter Alexander Kornbrust(ak@red-database-security.com)
Modified 2005-01-19T06:52:31

Description

Vulnerability Description

Oracle Database Server contains a flaw that may allow a local denial of service. The issue is triggered when a malicious user issues a specially crafted CONNECT string, and will result in loss of availability for the service.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, Oracle has released a patch to address this vulnerability.

Short Description

Oracle Database Server contains a flaw that may allow a local denial of service. The issue is triggered when a malicious user issues a specially crafted CONNECT string, and will result in loss of availability for the service.

References:

Vendor Specific Advisory URL Secunia Advisory ID:13862 Other Advisory URL: http://www.red-database-security.com/content6.html Bugtraq ID: 12296