"Regalado, Ron" <[EMAIL PROTECTED]> writes: > I've been running some scans on an Oracle server.. Every time I run a > nessus scan on it I have to restart the Oracle Listener service. I narrowed > it down to the services plugin.
Just checking: check_ports.nasl should tell you that the service crashed. If not, I have to fix it. > Anyone have any ideas what might be causing this? The fact that Oracle Listener is badly written and cannot cope with unexpected input. As Michael said, you found a DOS, perhaps even worse. However, you are not the first one to signal such a problem, so I wouldn't be surprised if a patch is already available. The exact sequence from the last versions of find_services is: - try to open a TLSv1 connection - then SSLv3 - then SSLv2 - then plain TCP connection - read the banner (if any) with a short timeout - send "GET / HTTP/1.0" and look at the answer The SSL connection attempts are sometimes deadly. Try again by setting the Pref "Test SSL based services" on "Known SSL ports". If it does not crash, you'll know the culprit. -- mailto:arboi@;bigfoot.com GPG Public keys: http://michel.arboi.free.fr/pubkey.txt http://michel.arboi.free.fr/ http://arboi.da.ru/ FAQNOPI de fr.comp.securite : http://faqnopi.da.ru/ - [EMAIL PROTECTED]: general discussions about Nessus. * To unsubscribe, send a mail to [EMAIL PROTECTED] with "unsubscribe nessus" in the body.
