This Metasploit module exploits a stack buffer overflow in Oracle. When sending a specially crafted packet containing a long AUTH_SESSKEY value to the TNS service, an attacker may be able to execute arbitrary code.
e9967e777e3c8fe58c92669e0506711f78d2e29ac497889ccf38191214de029e
Proof of concept exploit for Oracle Database versions 10.1.0.5 and 10.2.0.4 that relates to an improper AUTH_SESSKEY parameter length validation.
52a2d39306c0ea3dca0906e13dceccca08d82caae4db3bc685d747c0e4e324f1