Previous articleBack to news listNext article
|
Sponsored links |
Want to become one of our authors and see your work published on ALLSeek.iNFO ?
|
| Gauntlet Firewall 'sql-gw' Proxy Can Be Crashed By Remote Users Sending Invalid Data |
|---|
Categorie: Vulnerability
Posted: 2003-09-26 by ReCall
Views: 397
Source: Click here
| Current Rating: Not rated
|
|
| Details |
|---|
Description: A denial of service vulnerability was reported in the Gauntlet firewall. A remote user can cause the SQL-Gateway service to crash.
It is reported that a remote user can connect to the Oracle Proxy (SQL-Gateway) and send a series of invalid data to cause the sql-gw process to crash.
A demonstration exploit script is provided:
running sql-gw at the standard port 1521:
for a in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17
do
telnet aaa.bbb.ccc.ddd 1521
done
According to the report, the vendor was notified in August 2003 but has been unable to reproduce the problem.
Impact: A remote user can cause the sql-gw proxy to crash.
Solution: No solution was available at the time of this entry. According to the report, the vendor has not been able to reproduce the problem.
|
| Syndication |
|---|
Permalink Email this
The URI to TrackBack this entry is:
http://allseek.info/news/trackback.php?id=474
|
| User comments (post your comments ) |
|---|
Only registerd members can post comments and articles
|
|
Previous articleBack to news listNext article
|
