Denial of Service Vulnerability in Oracle TNS Listener for 10g
CVE-2004-1369

Currently unrated

Key Information:

Vendor: Oracle
Status: Oracle10g; Oracle8i; Oracle9i; Collaboration Suite
Vendor: CVE Published:; 4 August 2004

Summary

The TNS Listener in Oracle 10g is susceptible to a denial of service attack. Remote attackers can exploit this vulnerability by sending a specially crafted service_register_NSGR request. This malformed request can contain an invalid offset for a pointer, causing the listener to reference incorrect memory and ultimately crash. As a result, the availability of the service is compromised, affecting users relying on Oracle's database functionalities.

References

http://www.ngssoftware.com/advisories/oracle23122004F.txt

x_refsource_MISC

https://exchange.xforce.ibmcloud.com/vulnerabilities/18664

vdb-entryx_refsource_XF

http://marc.info/?l=bugtraq&m=110382524401468&w=2

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability Reserved
Jan 7, 2005
Vulnerability published
Aug 4, 2004