Oracle DB 10gR2, 11gR1/R2 DBMS_JVM_EXP_PERMS OS Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB 10gR2, 11gR1/R2 DBMSJVMEXPPERMS OS Command Execution', 'Description' = %q This module exploits a flaw 0 day in DBMSJVMEXPPERMS package...

Oracle 11g Multiple Remote Privilege Escalation Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/38115/info Oracle Database is prone to multiple remote privilege-escalation issues because it fails to properly restrict access to certain packages. The attacker can exploit these issues to escalate their privileges to DB...

Oracle Reports Developer Version Release 9i to 10gr2 Database Disclosure

An undocumented PARSEQUERY function in Oracle Forms and Reports allows dumping database username and passwords unauthenticated. The patch / workaround just appears to obfuscate the issue but not actually address it. Affected systems include versions 9iAS, 9iDS, 10G DS and AS, and 10G AS...

Oracle 10g - Multiple Privilege Escalation Vulnerabilities

Oracle 10g - Multiple Privilege Escalation Vulnerabilities source: https://www.securityfocus.com/bid/38115/info Oracle Database is prone to multiple remote privilege-escalation issues because it fails to properly restrict access to certain packages. The attacker can exploit these issues to escala...

Oracle 11g - Multiple Privilege Escalation Vulnerabilities

source: https://www.securityfocus.com/bid/38115/info Oracle Database is prone to multiple remote privilege-escalation issues because it fails to properly restrict access to certain packages. The attacker can exploit these issues to escalate their privileges to DBA or execute arbitrary operating...

Oracle SYS.LT.MERGEWORKSPACE Evil Cursor Exploit

Exploit for unknown platform in category local exploits ================================================ Oracle SYS.LT.MERGEWORKSPACE Evil Cursor Exploit ================================================ Title: Oracle SYS.LT.MERGEWORKSPACE Evil Cursor Exploit CVE-ID: OSVDB-ID: Author: Andrea...

Oracle DB SQL Injection via SYS.DBMS_CDC_IPUBLISH.ALTER_HOTLOG_INTERNAL_CSOURCE

The module exploits an sql injection flaw in the ALTERHOTLOGINTERNALCSOURCE procedure of the PL/SQL package DBMSCDCIPUBLISH. Any user with execute privilege on the vulnerable package can exploit this vulnerability. By default, users granted EXECUTECATALOGROLE have the required privilege. Affected...

Oracle DB SQL Injection via SYS.DBMS_CDC_PUBLISH.ALTER_AUTOLOG_CHANGE_SOURCE

The module exploits an sql injection flaw in the ALTERAUTOLOGCHANGESOURCE procedure of the PL/SQL package DBMSCDCPUBLISH. Any user with execute privilege on the vulnerable package can exploit this vulnerability. By default, users granted EXECUTECATALOGROLE have the required privilege. Affected...

Oracle Database Server PITRIG_DROPMETADATA缓冲区溢出漏洞

Oracle Database Server是一款商业性质的数据库服务程序。 Oracle Database 10gR2处理XDB.XDBPITRIGPKG.PITRIGDROPMETADATA过程存在缓冲区溢出，远程攻击者可以利用漏洞以数据库帐户上下文执行任意指令。 XDB.XDBPITRIGPKG.PITRIGDROPMETADATA过程接收两个参数，OWNER和NAME，这些参数长度由内部函数使用，在没有过滤的情况下构建SQL查询，如果组合的两个字段长度过长，可导致缓冲区溢出，以数据库帐户上下文执行任意指令 Oracle Oracle10g Standard Edition 10....

Oracle 10g (Windows x86) - 'PROCESS_DUP_HANDLE' Local Privilege Escalation

// Argeniss - Information Security // // Oracle Database local elevation of privileges PoC exploit // // Author: Cesar Cerrudo include include BOOL InjectShellcodeDWORD oldEIP,CHAR oSID HMODULE hKernel; FARPROC pCreateProc; LPSTR sCommand="cmd.exe"; DWORD dwStrLen; CHAR buff100;...