Oracle Listener Malformed Debugging Command Denial Of Service Vulnerability

Oracle Listener Malformed Debugging Command Denial Of Service Vulnerability

The Oracle Listener includes support for a number of debugging commands. These may be used by a remote administrator to retrieve information about the database.

The Oracle Listener process may crash when processing a malformed debugging request. A remote attacker may exploit this vulnerability to create a denial of service condition.

It has been reported that the debugging features in question are enabled by default, and may not be disabled through configuration.