Bugtraq mailing list archives
RE: [COVERT-2001-04] Vulnerability in Oracle 8i TNS Listener
From: "Jeffrey M. Smith" <jsmith () purdue edu>
Date: Fri, 29 Jun 2001 11:54:09 -0500
o Resolution Oracle has produced a patch under bug number 1489683 which is available for download from the Oracle Worldwide Support Services web site, Metalink (http://metalink.oracle.com) for the platforms identified in this advisory. The patch is in production for all supported releases of the Oracle Database Server.
It may be premature to say there is a resolution to this problem or the other reported problem ([COVERT-2001-03] Oracle 8i SQLNet Header Vulnerability). I have searched the metalink site for several hours trying to find a bug report that references either of these problems or the patches, to no avail. I've also searched for the patch on Oracle's ftp server ftp-oracle.oracle.com, also without success. There are at least 3 articles posted to the internal metalink networking forum from Oracle users who haven't been able to locate the patches. I have opened a "TAR" with Oracle to request the patches, but has anyone been able to locate either of these patches or the corresponding bug reports on metalink? Jeff Smith, Purdue University
Current thread:
- [COVERT-2001-04] Vulnerability in Oracle 8i TNS Listener COVERT Labs (Jun 28)
- RE: [COVERT-2001-04] Vulnerability in Oracle 8i TNS Listener Jeffrey M. Smith (Jun 29)