Saturday, June 14, 2025
Advertisements

Oracle TNS Protocol Vulnerability Leaks System Memory

by Charline
written by Charline

A newly discovered vulnerability in Oracle’s Transparent Network Substrate (TNS) protocol allows remote attackers to access sensitive system memory without authentication. This flaw, tracked as CVE-2025-30733, affects multiple versions of Oracle Database Server.

Oracle released a patch on April 15, 2025. The issue affects versions 19.3 to 19.26, 21.3 to 21.17, and 23.4 to 23.7. It carries a CVSS v3.1 score of 6.5, indicating a medium-severity threat.

Advertisements

Memory Leak Through Oracle TNS Listener

Security researchers from Driftnet discovered the flaw while testing TNS listeners using version requests. When sent over TCPS (TNS over SSL/TLS), some Oracle servers responded with unintended memory data.

Advertisements

The leaked data included uninitialized memory content such as:

Advertisements
  • Windows environment variables (e.g., USERDOMAIN, USERNAME)
  • Local file paths and session data
  • Prefixes such as “sdp” and “wss” suggesting Session Description Protocol and Web Services Security involvement

The vulnerability is tied to how Oracle handles memory in TCPS responses. A failure to clear memory before sending it causes fragments of past data to be exposed to unauthenticated users.

Advertisements

Vulnerability Scope and Risk

Although Oracle has restricted external access since version 10g, researchers still found around 40 exposed servers online. Most of them were running Windows and used the default TNS listener port (1521).

The exposure depends on the LOCAL_OS_AUTHENTICATION setting. If it is set to OFF, the system allows remote connections, making the vulnerability exploitable.

Risk Summary

  • Affected Products: Oracle Database Server RDBMS Listener (19.3–19.26, 21.3–21.17, 23.4–23.7)
  • Impact: Unauthorized access to sensitive memory
  • Requirements: Remote access to TNS listener, non-default configuration, user interaction
  • CVSS 3.1 Score: 6.5 (Medium)

Mitigation and Recommendations

Oracle has addressed this issue in the April 2025 Critical Patch Update. Administrators are urged to apply the patch immediately.

Organizations should also:

  • Verify the LOCAL_OS_AUTHENTICATION parameter is set correctly
  • Avoid exposing TNS listeners to the internet
  • Review access control and firewall rules to minimize external attack surfaces

This incident shows the continued risks from legacy network protocols. Oracle’s TNS listener tool (lsnrctl) dates back nearly 30 years. As a best practice, experts recommend keeping database services off the public internet whenever possible.

Proper patching and secure configuration remain the most effective defenses against vulnerabilities like CVE-2025-30733.

You Might Also Like
Advertisements
blank

Charline is the editor of ProxyServerPro's platform. She is a digital privacy and proxy solutions expert with over 10 years of experience writing and editing content related to online security, browsing solutions, and data protection. Charline has contributed to various tech publications and worked closely with professionals and businesses to enhance their understanding of proxies, internet anonymity, and digital security. Prior to joining ProxyServerPro, she worked at leading digital security firms, where she helped produce educational content aimed at helping users navigate the complexities of the online world with confidence and security.

You may also like

How to Use Proxy in Brave Browser | Step-by-Step Guide

How to Use Proxy in Chrome on Android — Step-by-Step Guide

How to Use SOCKS5 Proxy on Chrome? A Comprehensive Guide

How to Use VPN and Proxy Together? A Comprehensive Guide

How to Open Blocked Websites by Proxy — A Complete Guide

How to Use Google Translate as a Proxy? A Step-by-Step Guide

blank

At ProxyServerPro, we are dedicated to providing cutting-edge proxy solutions tailored to meet the diverse needs of businesses and individuals. Our platform offers a comprehensive range of high-performance proxies, including residential, datacenter, and mobile options, ensuring seamless browsing, data scraping, and online anonymity. With a focus on reliability, speed, and security, we empower users to navigate the digital landscape with confidence. Whether you’re managing ad verification, market research, or web automation, ProxyServerPro is your trusted partner for scalable, efficient, and secure proxy services. Explore our portal to discover how we can elevate your online experience.

popular recommendation

The Five Best Free Proxy Servers
Is FoxyProxy Safe?
AI Demand Drives Record Revenue Growth in Server and Storage Components
How Does a Web Proxy Work?

Useful Links

TAGS

© 2024 Copyright  proxyserverpro.com