{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Oracle 9i Release 2 (9.2.x) ;","product":{"name":"N/A","vendor":{"name":"Oracle","scada":false}}},{"description":"Oracle 9i Release 1 (9.0.x) ;","product":{"name":"N/A","vendor":{"name":"Oracle","scada":false}}},{"description":"Oracle 8i (8.1.x).","product":{"name":"N/A","vendor":{"name":"Oracle","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nLe service r\u00e9seau Oracle Net Listener (port 1521/tcp par d\u00e9faut) est le\ncomposant principal d'Oracle Net, l'application qui permet d'acc\u00e8der \u00e0\ndistance \u00e0 une base de donn\u00e9es Oracle.\n\nUn utilisateur mal intentionn\u00e9 peut utiliser une requ\u00eate malicieusement\nconstruite employant la commande  \n`SERVICE_CURLOAD` afin d'effectuer un d\u00e9ni de service sur Oracle NET\nListener.\n\n## Solution\n\nAppliquer le correctif correspondant \u00e0 cette vuln\u00e9rabilit\u00e9, disponible\nsur le site d'Oracle :\n\n    http://metalink.oracle.com\n","cves":[],"links":[{"title":"Bulletin de s\u00e9curit\u00e9 #42 d'Oracle :","url":"http://otn.oracle.com/deploy/security/pdf/2002alert42rev1.pdf"}],"reference":"CERTA-2002-AVI-225","revisions":[{"description":"version initiale.","revision_date":"2002-10-15T00:00:00.000000"},{"description":"modification des syst\u00e8mes affect\u00e9s.","revision_date":"2002-10-16T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service"}],"summary":"Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Oracle Net Services.\n","title":"Vuln\u00e9rabilit\u00e9 dans Oracle Listener","vendor_advisories":[{"published_at":null,"title":"Bulletin d'alerte 42 d'Oracle","url":null}]}