CVE-2002-0965 Information

Description

Buffer overflow in TNS Listener for Oracle 9i Database Server on Windows systems and Oracle 8 on VM allows local users to execute arbitrary code via a long SERVICE_NAME parameter which is not properly handled when writing an error message to a log file.

Reference

http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0096.html http://online.securityfocus.com/archive/1/276526 http://otn.oracle.com/deploy/security/pdf/net9_dos_alert.pdf http://www.iss.net/security_center/static/9288.php http://www.kb.cert.org/vuls/id/630091 http://www.securityfocus.com/bid/4845