48 matches found
EUVD-2001-0494
Malware in sbrugna...
Oracle 8i dbsnmp Command Remote Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3903/info Oracle 8i is an enterprise level database solution. It is available on a wide variety of platforms, including many Unix operating systems. It is possible to cause a denial of service condition in Oracle 8i. If...
Oracle 8i TNS Listener Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2941/info Oracle 8i ships with a component called TNS Listener. TNS Listener is used to arbitrate communication between remote database clients/applications and the database server. There exists a remotely exploitable...
Oracle 8i TNS Listener SERVICE_NAME Buffer Overflow
No description provided by source. $Id: tnsservicename.rb 11128 2010-11-24 19:43:49Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...
Oracle 8i TNS Listener Local Command Parameter Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/4413/info Oracle 8i is a powerful relational database product. It is available for Windows, Linux, and a wide range of Unix operating systems. A vulnerability has been reported with some versions of Oracle 8i for Linux. A...
Oracle 8.x cmctl Buffer Overflow Vulnerability
No description provided by source. / source: http://www.securityfocus.com/bid/1968/info cmctl is the Connection Control Manager, part of the Oracle 8i installation. A vulnerability exists that can allow elevation of privileges. The problem occurs in the way cmctl handles the user-supplied command...
Oracle Password Hashdump
This module dumps the usernames and password hashes from Oracle given the proper Credentials and SID. These are then stored as creds for later cracking using auxiliary/analyze/jtroraclefast. This module supports Oracle DB versions 8i, 9i, 10g, 11g, and 12c. This module requires Metasploit:...
Oracle 8i - TNS Listener 'ARGUMENTS' Remote Buffer Overflow (Metasploit)
$Id: tnsarguments.rb 11122 2010-11-24 06:10:13Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...
Oracle 8i - TNS Listener SERVICE_NAME Buffer Overflow (Metasploit)
$Id: tnsservicename.rb 11128 2010-11-24 19:43:49Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framewor...
Oracle 8i TNS Listener (ARGUMENTS) Buffer Overflow.
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Oracle 8i TNS...
Apache Win32 Chunked Encoding
$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Apache Win32...
Oracle 8i TNS Listener (ARGUMENTS) Buffer Overflow
This module exploits a stack buffer overflow in Oracle 8i. When sending a specially crafted packet containing an overly long ARGUMENTS string to the TNS service, an attacker may be able to execute arbitrary code. This module requires Metasploit: https://metasploit.com/download Current source:...
CVE-2008-2625: Oracle DBMS – Proxy Authentication Vulnerability
Oracle is a widely-deployed Database Management System DBMS that supports a variety of applications. Many multi-tier applications are designed to use proxy authentication, restricting a middle tier to establish the database connection on behalf of the users. The standard authentication mechanism...
Oracle Database Buffer overflows and Denial of service vulnerabilities in public procedures of MDSYS.MD (DB12)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Team SHATTER Security Alert Update Oracle Database Buffer overflows and Denial of service vulnerabilities in public procedures of MDSYS.MD DB12 Jan 18, 2007 Updated July 18th, 2007 Risk Level: High Affected versions: Oracle Database Server versions 8i...
Apache Win32 Chunked Encoding
This module exploits the chunked transfer integer wrap vulnerability in Apache version 1.2.x to 1.3.24. This particular module has been tested with all versions of the official Win32 build between 1.3.9 and 1.3.24. Additionally, it should work against most co-branded and bundled versions of Apach...
CVE-2002-1767
Buffer overflow in tnslsnr of Oracle 8i Database Server 8.1.5 for Linux allows local users to execute arbitrary code as the oracle user via a long command line argument...
CVE-2002-1767
CVE-2002-1767 describes a buffer overflow in Oracle 8i Database Server 8.1.5 for Linux, specifically in tnslsnr, that allows local users to execute arbitrary code as the oracle user via a long command line argument. The affected component is the tnslsnr process; root cause is improper handling of...
CVE-2004-1707
Oracle 8i/9i and IAS 9.0.2.0.1 on Unix are affected by CVE-2004-1707 due to the dbsnmp and nmo programs. They search a default library path and execute libraries with elevated privileges, enabling certain Oracle user accounts to gain root privileges via a modified libclntsh.so.9.0. No additional ...
CVE-2005-0298
The DIRECTORY objects in Oracle 8i through Oracle 10g contain the location of a specific operating system directory, which allows users with read privileges to a DIRECTORY object to obtain sensitive information...
CVE-2005-0298
CVE-2005-0298 concerns Oracle 8i–10g DIRECTORY objects that expose the location of a specific operating system directory. Read access to such a DIRECTORY object can allow a user to obtain sensitive information about the OS directory path, indicating a potential information-disclosure risk. The pr...