CVE

Id
3315  
CVE No.
CVE-2001-0498  
Status
Candidate  
Description
Transparent Network Substrate (TNS) over Net8 (SQLNet) in Oracle 8i 8.1.7 and earlier allows remote attackers to cause a denial of service via a malformed SQLNet connection request with a large offset in the header extension.  
Phase
Proposed (20010727)  
Votes
ACCEPT(5) Armstrong, Cole, Prosser, Stracener, Ziese | MODIFY(1) Frech | NOOP(3) Christey, Foat, Wall  
Comments
Frech> XF:oracle-listener-offsettodata-dos(6713) | CONFIRM:http://otn.oracle.com/deploy/security/pdf/nai_net8_dos.pdf | CVE-2001-0498 possible dupe of CVE-2001-0515, which is already | assigned to oracle-listener-offsettodata-dos(6713) | Prosser> Discover of issue (NAI) indicates that Oracle produced a patch for this issue. Oracle patch site is restricted, but taking NAI"s word as verification. | Christey> Consider adding BID:2940  

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
14045 3315 CVE-2001-0498 NAI:20010627 Oracle 8i SQLNet Header Vulnerability  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
64129 JVNDB-2001-000103 Oracle Database の TNS ライブラリにおけるサービス運用妨害 (DoS) の脆弱性 Oracle Database の TNS ライブラリには不備があり、ヘッダに長い文字列を含むSQLNet コネクションリクエストにより、サービス運用妨害 (DoS) 状態となる脆弱性が存在します。 CVE-2001-0498 3315 5 http://jvndb.jvn.jp/ja/contents/2001/JVNDB-2001-000103.html  View