Joe, You can download an evaluation version of AppDetective for Oracle from www.appsecinc.com. It will find holes in Oracle such as no listener password, default passwords, weak passwords, buffer overflows, misconfigurations, etc...
Regards, Aaron _____________________________________________ Aaron C. Newman CTO/Founder Application Security, Inc. Tel: 212-490-6022 Fax: 212-490-6456 E-mail: [EMAIL PROTECTED] Web: www.appsecinc.com Application Security, Inc. - Protection Where it Counts - -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]O n Behalf Of Joe Brown Sent: 17 December 2001 10:02 To: [EMAIL PROTECTED] Subject: Oracle TNS Listener Hello all, I'm currently performing a pen-test and have found a remote machine with TCP port 1521 open. I have read information about an Oracle TNS listener vulnerability but, can't find any more information. Can anyone point me in the right direction? Thanks. ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/ ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
