CVE-2002-0965

Oracle 9i - Buffer Overflow via Long SERVICE_NAME Parameter

Exploitation Summary

EIP tracks 2 public exploits for CVE-2002-0965. PoCs published by Metasploit, MC, including Metasploit module exploits/windows/oracle/tns_service_name.

AI-analyzed exploit summary: This is a Metasploit module exploiting a stack buffer overflow in Oracle 8i TNS Listener via a long SERVICE_NAME parameter. It targets Windows 2000/2003 systems running Oracle 8.1.7.0.0, delivering a payload for remote code execution.

Description

Buffer overflow in TNS Listener for Oracle 9i Database Server on Windows systems, and Oracle 8 on VM, allows local users to execute arbitrary code via a long SERVICE_NAME parameter, which is not properly handled when writing an error message to a log file.

Exploits (2)

exploitdb · WORKING POC · VERIFIED
by Metasploit · ruby · remote · windows
https://www.exploit-db.com/exploits/16341

This is a Metasploit module exploiting a stack buffer overflow in Oracle 8i TNS Listener via a long SERVICE_NAME parameter. It targets Windows 2000/2003 systems running Oracle 8.1.7.0.0, delivering a payload for remote code execution.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Oracle 8i TNS Listener 8.1.7.0.0
No auth needed
Prerequisites: Network access to TNS Listener (port 1521) · Target running vulnerable Oracle version
devstral-2 · analyzed Feb 16, 2026

metasploit · WORKING POC · GOOD
by MC · ruby · poc · win
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/oracle/tns_service_name.rb

This Metasploit module exploits a stack buffer overflow in Oracle 8i TNS Listener via a long SERVICE_NAME value. It targets Windows 2000/2003 systems running Oracle 8.1.7.0.0, delivering a payload for remote code execution.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Oracle 8i TNS Listener 8.1.7.0.0
No auth needed
Prerequisites: Network access to TNS Listener port (1521) · Target running vulnerable Oracle version
devstral-2 · analyzed Feb 16, 2026

References (6)

Core References
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/630091
Patch, Vendor Advisory x_refsource_confirm
http://otn.oracle.com/deploy/security/pdf/net9_dos_alert.pdf
Patch, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/4845
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://online.securityfocus.com/archive/1/276526
Third Party Advisory vdb-entry x_refsource_xf
http://www.iss.net/security_center/static/9288.php
Third Party Advisory mailing-list x_refsource_vulnwatch
http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0096.html

Scores

EPSS: 0.6981
EPSS Percentile: 99.3%

Details

Status: published
Products (3):
oracle/oracle9i 9.0
oracle/oracle9i 9.0.1
oracle/oracle9i 9.0.2
Published: Oct 04, 2002
Tracked Since: Feb 18, 2026