[From Oracle Technology Network]
A potential security vulnerability has been discovered in Oracle Net Services for the
Oracle Database server. A knowledgeable and malicious user can cause a buffer
overflow in an Oracle database link that may result in a Denial of Service (DoS)
attack and/or the execution of arbitrary code against the Oracle Database server.
Products Affected
- Oracle9i Release 2
- Oracle9i Release 1
- Oracle8i (8.1.x – all releases)
- Oracle8 (8.0.x – all releases)
- Oracle7 Release 7.3.x
The article continues at
http://otn.oracle.com/deploy/security/pdf/2003alert54.pdf