Security Intelligence Operations - Cisco Systems


Oracle Database Server Listener Component Denial of Service Vulnerability

 
Vulnerability Alert
Powered by Cisco Security IntelliShield Alert Manager

Threat Type: Unintended Weakness: Denial of Service
IntelliShield ID: 18066
Version: 1
First Published: April 21, 2009 10:42 AM EDT
Last Published: April 21, 2009 10:42 AM EDT
Vector: Network
Authentication: None
Exploit: Proof-of-Concept
Port: 1521
CVE: CVE-2009-0991
 
Urgency: Unlikely Use
Credibility: Confirmed
Severity: Mild Damage
CVSS Base: 5.0
CVSS Version 2
CVSS Temporal: 3.9
 
Version Summary:

The Oracle Database server contains a vulnerability in the Listener component that could allow an unauthenticated, remote attacker to cause a denial of service condition.  Updates are available.

 
 
Description

Oracle Database servers 9i, 10g, 10gR2, and 11g have a vulnerability in the Listener component that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. 

The vulnerability is in the Oracle listener process when handling malicious input.  An attacker could exploit the vulnerability by sending crafted input to the listener process on an affected system.  The crafted input could cause the listener process to fail, resulting in a DoS condition.

Proof-of-concept code is available that demonstrates a DoS condition on the Windows platform.

Oracle has confirmed the vulnerability and released updated software.

 
Warning Indicators

The following versions of Oracle Database Server are vulnerable:

Oracle Database Server 11.1.0.7 and prior
Oracle Database Server 10.2.0.4 and prior
Oracle Database Server 10.1.0.5 and prior
Oracle Database Server 9.2.0.8 and 9.2.0.8DV
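
The version list above can be turned into an inventory triage check. The following is an added example, not part of the Cisco alert or any Oracle tooling; the hostnames and versions are constructed sample data, and it assumes that "and prior" means earlier patch sets within the same major.minor branch.

```python
import re

# Upper bounds per release branch, taken from the alert's version list.
# Assumption: "and prior" covers earlier patch sets of the same major.minor branch.
AFFECTED_THROUGH = {(11, 1): (0, 7), (10, 2): (0, 4), (10, 1): (0, 5)}
# The alert lists 9.2 only as 9.2.0.8 and 9.2.0.8DV, with no "and prior".
AFFECTED_EXACT = {(9, 2, 0, 8)}

def parse_version(text):
    """Return the first four numeric components, e.g. '11.1.0.7.0' -> (11, 1, 0, 7).
    A trailing 'DV' suffix (as in 9.2.0.8DV) is accepted and ignored."""
    m = re.fullmatch(r"\s*(\d+(?:\.\d+){1,4})(?:DV)?\s*", text, re.IGNORECASE)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    parts = [int(p) for p in m.group(1).split(".")]
    parts += [0] * (4 - len(parts))  # pad short strings such as '10.2'
    return tuple(parts[:4])

def in_listed_range(text):
    """True if the version falls inside a range listed in the alert."""
    v = parse_version(text)
    if v in AFFECTED_EXACT:
        return True
    bound = AFFECTED_THROUGH.get(v[:2])
    return bound is not None and v[2:] <= bound

def triage(inventory):
    """Map host -> action. A version in the listed range is only a candidate:
    the fix ships as a Critical Patch Update applied on top of these same
    version numbers, so patch status has to be confirmed separately."""
    report = {}
    for host, version in inventory.items():
        try:
            hit = in_listed_range(version)
        except ValueError:
            report[host] = "unknown version, check manually"
            continue
        report[host] = ("listed range: confirm April 2009 CPU is applied"
                        if hit else "not in listed range")
    return report

# Constructed inventory (hostnames and versions are sample data).
SAMPLE = {"db-a": "11.1.0.7.0", "db-b": "10.2.0.5", "db-c": "9.2.0.8DV",
          "db-d": "9.2.0.7", "db-e": "10g"}

if __name__ == "__main__":
    for host, action in triage(SAMPLE).items():
        print(f"{host}: {action}")
```

A match on version number alone does not show that a host is unpatched, which is why the result is phrased as an action to confirm rather than a verdict.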

 
IntelliShield Analysis

The Oracle Database Listener process allows users to connect to the database.  If the Listener is not running, remote users will be unable to connect to the database, which is a significant DoS condition on the database server.

The Oracle Critical Patch Update for April 2009 lists and confirms CVE-2009-0991 as corrected; however, Oracle has not provided technical details for the vulnerability.

 
Vendor Announcements

Oracle has released a security advisory at the following link: Oracle Critical Patch Update April 2009

 
Impact

An unauthenticated, remote attacker could exploit this vulnerability to cause a DoS condition on the Oracle Listener.  The exploit could disrupt user connections to the database, resulting in a significant DoS condition on the Oracle Database Server.

 
Technical Information

The vulnerability is in the Oracle Listener process when processing crafted requests from a remote attacker.  On the Windows platform, the vulnerability exists in the oranro11.dll library when processing a memcpy() function call issued by the ncrfintn() function. 

An unauthenticated, remote attacker could send crafted input to the Oracle Listener on TCP port 1521 to trigger the vulnerability, causing the listener to crash and resulting in a DoS condition.

 
Safeguards

Administrators are advised to apply the appropriate updates.

Administrators are advised to restrict access to port 1521 on affected systems to trusted networks and hosts.

Administrators are advised to use an intrusion prevention system or an intrusion detection system to monitor for attacks and, in some cases, prevent them from occurring.

 
Patches/Software

Oracle has released patches for registered users at the following link: Oracle


Signatures
 
Cisco Systems Cisco Intrusion Prevention System (IPS) 6.0
16758/0 | Oracle RDBMS TNS Listener Attack | S403 | 05/21/2009
 
Alert History
 

Initial Release



Product Sets
 
The security vulnerability applies to the following combinations of products.

Primary Products:
Oracle Corporation, Oracle9i Database Server: 9.2.0.8 Base | 9.2.0.8DV Base
Oracle Corporation, Oracle Database Server 10g: 10.1 .0.2, .0.3, .0.3.1, .0.4, .0.4.2, .0.5 | 10.2 .0.1, .0.2, .0.3, .0.4
Oracle Corporation, Oracle Database Server 11g: 11.1 .0.1.0, .0.2.0, .0.3.0, .0.4.0, .0.5.0, .0.6.0, .0.7.0

Associated Products:
N/A



LEGAL DISCLAIMER
The urgency and severity ratings of this alert are not tailored to individual users; users may value alerts differently based upon their network configurations and circumstances. THE ALERT, AND INFORMATION CONTAINED THEREIN, ARE PROVIDED ON AN "AS IS" BASIS AND DO NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE ALERT, AND INFORMATION CONTAINED THEREIN, OR MATERIALS LINKED FROM THE ALERT, IS AT YOUR OWN RISK. INFORMATION IN THIS ALERT AND ANY RELATED COMMUNICATIONS IS BASED ON OUR KNOWLEDGE AT THE TIME OF PUBLICATION AND IS SUBJECT TO CHANGE WITHOUT NOTICE. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE ALERTS AT ANY TIME.