Oracle DB 11g R1/R2 DBMS_JVM_EXP_PERMS OS Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB 11g R1/R2 DBMSJVMEXPPERMS OS Code Execution', 'Description' = %q This module exploits a flaw 0 day in DBMSJVMEXPPERMS package that allo...

Oracle DB SQL Injection Via SYS.LT.FINDRICSET Evil Cursor Method

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB SQL Injection via SYS.LT.FINDRICSET Evil Cursor Method', 'Description' = %q This module will escalate an Oracle DB user to DBA by...

Hotfix Rollup Pack 1 for XenApp 5 2008 - Features and Enhancements List

This article describes Hotfix Rollup Pack 1 for Citrix XenApp 5 for Microsoft Windows Server 2008. Hotfix Rollup Pack 1 is cumulative - it can be installed on top of the XenApp 5 for Windows Server 2008 base product, on top of the first Feature Pack, Feature Pack 2, or Feature Pack 3. HRP01...

Oracle Auditing Part 1: Standard Auditing

This is the first of three articles on the topic of Oracle auditing. It is relevant to Oracle 10g, 11g, and 12c, although Unified Auditing in 12c makes some of this content irrelevant if you choose to use Pure Unified Auditing. Unified Auditing will be covered in the third part of this series...

Weak Password Vulnerability in 3Com-OfficeConnect ADSL Wireless 11g Firewall Router

Founded in 1979, 3Com is a U.S. equipment provider of security products, integrated voice appliances, and data networking solutions for businesses of all sizes. A weak password vulnerability exists in the 3Com-OfficeConnect ADSL Wireless 11g Firewall Router, which can be exploited by attackers to...

Oracle Database 11g Release 2 - (OracleDBConsoleorcl) Unquoted Service Path Vulnerability

Exploit Title: Oracle Database 11g Release 2 - 'OracleDBConsoleorcl' Unquoted Service Path Discovery by: Nguyen Khang - SunCSR Vendor Homepage: https://www.oracle.com/ Software Link: https://www.oracle.com/database/technologies/112010-win64soft.html Tested Version: 11g release 2 Vulnerability Typ...

Design/Logic Flaw

Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows high privileged attacker having Create Session, Execute Catalog Role privilege with network access via...

U.S. Dept Of Defense: SQL Injection - https://███/█████████/MSI.portal

Summary: https://███████/███████/MSI.portal has a form page which is vulnerable to SQL injection. Description: URL: https://████/██████/MSI.portal?nfpb=true&pageLabel=msiportalpage61query The above url has a form where the field MSIqueryType is vulnerable to time based blind SQL injection. I...

Oracle GoldenGate 12.1.2.0.0 - Unauthenticated Remote Code Execution Exploit

Exploit for multiple platform in category remote exploits !/usr/bin/env python Sources: https://silentsignal.hu/docs/S2OracleGoldenGateGOLDENSHOWER.py https://blog.silentsignal.eu/2017/05/08/fools-of-golden-gate/ GOLDENSHOWER - Oracle GoldenGate unauthenticated RCE by Silent Signal Tested with:...

Oracle GoldenGate 12.1.2.0.0 - Remote Code Execution

!/usr/bin/env python Sources: https://silentsignal.hu/docs/S2OracleGoldenGateGOLDENSHOWER.py https://blog.silentsignal.eu/2017/05/08/fools-of-golden-gate/ GOLDENSHOWER - Oracle GoldenGate unauthenticated RCE by Silent Signal Tested with: Version 12.1.2.0.0 17185003...

Oracle Business Intelligence Mobile HD 11.x Script Insertion

Document Title: =============== Oracle Business Intelligence Mobile HD v11.x iOS - Persistent UI Vulnerability References Source: ==================== http://vulnerability-lab.com/getcontent.php?id=1361 Oracle Security ID: S0540289 Tracking ID: S0540289 Reporter ID: 1 2015Q1 Release Date:...

Oracle BI Mobile HD v11.x iOS - Persistent UI Vulnerability

Document Title: =============== Oracle BI Mobile HD v11.x iOS - Persistent UI Vulnerability References Source: ==================== http://vulnerability-lab.com/getcontent.php?id=1361 Oracle Security ID: S0540289 Tracking ID: S0540289 Reporter ID: 1 2015Q1 Release Date: ============= 2015-05-06...

Oracle 9i/10g Database Network Foundation Remote Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/35684/info Oracle Database is prone to a remote vulnerability in Network Foundation. The vulnerability can be exploited over the 'Oracle Net' protocol. An attacker doesn't require privileges to exploit this vulnerability...

Oracle 10/11g exp.exe - param file Local Buffer Overflow PoC Exploit

No description provided by source. !/usr/bin/python Oracle 10/11g exp.exe - param file Local Buffer Overflow PoC Exploit Date found approx: 9/3/2010 Software Link: http://www.oracle.com/technology/products/database/oracle10g/index.html Version: 10.x and 11g r1 r2 untested Tested on: Windows XP SP...

[SE-2014-01] Security vulnerabilities in Oracle Database Java VM

Hello All, Security Explorations discovered multiple security issues in the implementation of a Java VM embedded in Oracle Database software 1. Discovered security issues violate many "Secure Coding Guidelines for the Java Programming Language" 2. Most of them demonstrate a well known problem...

RedoWalker - Tool to explore Oracle database transaction logs

RedoWalker is a tool to explore Oracle database transaction logs, otherwise known as redo logs. Any time changes are made to the database server, for example after an INSERT, DELETE or UPDATE, they are recorded in the redo log. These redo logs are stored in a proprietary and undocumented format...

Oracle Identity Manager 11g R2 SP1 (11.1.2.1.0) - Unvalidated Redirects

Exploit for php platform in category web applications Unvalidated Redirects on Oracle Identity Manager ======================================================================= ADVISORY INFORMATION Title: Unvalidated Redirects on Oracle Identity Manager Discovery date: 10/12/2013 Release date:...

Oracle Reports Developer Version Release 9i to 10gr2 Database Disclosure

An undocumented PARSEQUERY function in Oracle Forms and Reports allows dumping database username and passwords unauthenticated. The patch / workaround just appears to obfuscate the issue but not actually address it. Affected systems include versions 9iAS, 9iDS, 10G DS and AS, and 10G AS...

Oracle Forms And Reports Database Disclosure

PARSEQUERY http://docs.oracle.com/cd/E1676401/bi.1111/b32121/pbrcla007.htmi640592 Description Use PARSEQUERY to parse an rwservlet query and display the constructed Reports Server command line. Syntax http://yourwebserver/reports/rwservlet/parsequery?server=servername&authid=username/password...

NGS00416 Patch Notification: Oracle 11g TNS listener remote Invalid Pointer Read (pre-auth)

High Risk Vulnerability in Oracle Database 11g 1 May 2013 Andy Davis of NCC Group has discovered a High risk vulnerability in Oracle Database 11g Impact: Invalid pointer read Remote DoS Versions affected: Oracle Database 11g Security patch information can be found at the following URL:...