5 matches found
Oracle DB 11g R1/R2 DBMS_JVM_EXP_PERMS OS Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB 11g R1/R2 DBMSJVMEXPPERMS OS Code Execution', 'Description' = %q This module exploits a flaw 0 day in DBMSJVMEXPPERMS package that allo...
Hotfix Rollup Pack 1 for XenApp 5 2008 - Features and Enhancements List
This article describes Hotfix Rollup Pack 1 for Citrix XenApp 5 for Microsoft Windows Server 2008. Hotfix Rollup Pack 1 is cumulative - it can be installed on top of the XenApp 5 for Windows Server 2008 base product, on top of the first Feature Pack, Feature Pack 2, or Feature Pack 3. HRP01...
Oracle Identity Manager 11g R2 SP1 (11.1.2.1.0) - Unvalidated Redirects
Exploit for php platform in category web applications Unvalidated Redirects on Oracle Identity Manager ======================================================================= ADVISORY INFORMATION Title: Unvalidated Redirects on Oracle Identity Manager Discovery date: 10/12/2013 Release date:...
Oracle 10/11g exp.exe - param file Local Buffer Overflow PoC Exploit
Exploit for windows platform in category local exploits !/usr/bin/python Oracle 10/11g exp.exe - param file Local Buffer Overflow PoC Exploit Date found approx: 9/3/2010 Software Link: http://www.oracle.com/technology/products/database/oracle10g/index.html Version: 10.x and 11g r1 r2 untested...
Oracle数据库不安全过程调用远程命令执行漏洞
BUGTRAQ ID: 38115 Oracle是大型的商业数据库系统。 由于没有正确地限制对DBMSJVMEXPPERMS软件包中过程的访问,远程用户可以通过IMPORTJVMPERMS过程修改Java策略表,导致执行任意操作系统命令。此外由于没有正确地处理传送给DBMSJAVA.SETOUTPUTTOJAVA过程的参数,远程用户可以以 SYS用户权限执行任意SQL命令。 Oracle Database 11g R2 厂商补丁: Oracle ------ 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本:...