RE: Oracle tnslistener

["Magdelin Tey" <crux80 () hotmail com>]

I have encounter this vulnerability before. Try the tool tnscmd.pl . You 
need the perl compiler to run. It is able to detect the no password settings 
and you can also issue command to stop the database.

cheers
Mag

> From: tommymay () comcast net (Tommy May)
> To: pen-test () securityfocus com
> Subject: Oracle tnslistener
> Date: Fri, 11 May 2007 00:48:55 +0000
> Received: from outgoing.securityfocus.com ([205.206.231.27]) by 
> bay0-mc7-f21.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.2668); Fri, 
> 11 May 2007 11:18:45 -0700
> Received: from outgoing.securityfocus.com by outgoing.securityfocus.com     
>      via smtpd (for bay0-oim-f.bay0.hotmail.com [65.54.244.232]) with 
> ESMTP; Fri, 11 May 2007 11:17:32 -0700
> Received: from lists.securityfocus.com (lists.securityfocus.com 
> [205.206.231.19])by outgoing3.securityfocus.com (Postfix) with QMQPid 
> C3907239044; Fri, 11 May 2007 12:13:49 -0600 (MDT)
> Received: (qmail 25878 invoked from network); 11 May 2007 00:55:50 -0000
> X-Message-Info: 
> LsUYwwHHNt29ePVLi+1OwHdi9fLYKy7op8ROf5mJVfi4pHtb6xdrxuoAnvZmfu0Y
> Mailing-List: contact pen-test-help () securityfocus com; run by ezmlm
> Precedence: bulk
> List-Id: <pen-test.list-id.securityfocus.com>
> List-Post: <mailto:pen-test () securityfocus com>
> List-Help: <mailto:pen-test-help () securityfocus com>
> List-Unsubscribe: <mailto:pen-test-unsubscribe () securityfocus com>
> List-Subscribe: <mailto:pen-test-subscribe () securityfocus com>
> Resent-Sender: listbounce () securityfocus com
> Errors-To: listbounce () securityfocus com
> Delivered-To: mailing list pen-test () securityfocus com
> Delivered-To: moderator for pen-test () securityfocus com
> X-Mailer: AT&T Message Center Version 1 (Oct  4 2006)
> X-Authenticated-Sender: dG9tbXltYXlAY29tY2FzdC5uZXQ=
> Resent-Message-Id: <20070511181349.C3907239044 () outgoing3 securityfocus com>
> Resent-Date: Fri, 11 May 2007 12:13:49 -0600 (MDT)
> Resent-From: pen-test-return-1078484117 () securityfocus com
> Return-Path: 
> pen-test-return-1078484117-crux80=hotmail.com () securityfocus com
> X-OriginalArrivalTime: 11 May 2007 18:18:46.0010 (UTC) 
> FILETIME=[D05A4DA0:01C793F8]
>
> Anyone know of a good tool that will help to illustrate the vulnerabilities 
> of Oracle tnslistener left unsecured?  I already know that nessus 
> illustrates when it is unprotected, but I am looking for something that 
> will actually illustrate a compromise in a proof of concept lab.
>
> Any insight would be greatly appreciated.
>
> Thanks,
> Tommy
>
> ------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Are you using SPI, Watchfire or WhiteHat?
> Consider getting clear vision with Cenzic
> See HOW Now with our 20/20 program!
>
> http://www.cenzic.com/c/2020
> ------------------------------------------------------------------------

_________________________________________________________________
Advertisement: 1000s of Sexy Singles online now at Lavalife - Click here 
http://a.ninemsn.com.au/b.aspx?URL=http%3A%2F%2Flavalife9%2Eninemsn%2Ecom%2Eau%2Fclickthru%2Fclickthru%2Eact%3Fid%3Dninemsn%26context%3Dan99%26locale%3Den%5FAU%26a%3D27782&_t=762255081&_r=lavalife_may07_1000sexysingles&_m=EXT


------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------