Oracle Database 10.1.0.5 10.2.0.4 - AUTH_SESSKEY Length Validation Remote Buffer Overflow

Oracle Database 10.1.0.5 10.2.0.4 - AUTHSESSKEY Length Validation Remote Buffer Overflow include include include include include include void ssend SOCKET s, char msg, DWORD size int sent; printf "ssend: begin: %d bytes\n", size; sent=send s, charmsg, size, 0; if sent==SOCKETERROR printf "send -...

Oracle Database 10.1.0.5 - 10.2.0.4 AUTH_SESSKEY length validation

Exploit for unknown platform in category remote exploits ========================================================================== Oracle Database 10.1.0.5 - 10.2.0.4 AUTHSESSKEY length validation exploit ========================================================================== Title: Oracle...

Oracle Database 10.1.0.5 < 10.2.0.4 - AUTH_SESSKEY Length Validation Remote Buffer Overflow

include include include include include include void ssend SOCKET s, char msg, DWORD size int sent; printf "ssend: begin: %d bytes\n", size; sent=send s, charmsg, size, 0; if sent==SOCKETERROR printf "send - SOCKETERROR, WSAGetLastError=%d\n", WSAGetLastError; else if sent!=size printf "sent only...

[DSECRG-09-010] Oracle 10g CTXSYS.DRVXTABC - plsql injection

Digital Security Research Group DSecRG Advisory DSECRG-09-010 http://dsecrg.com/pages/vul/show.php?id=110 Application: Oracle Database 10G Versions Affected: Oracle 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4 Vendor URL: http://oracle.com Bugs: PL/SQL Injections Exploits: YES Reported: 29.01.2008 Vend...

CVE-2009-2001

Unspecified vulnerability in the PL/SQL component in Oracle Database 10.2.0.4 and 11.1.0.7 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors...

Code injection

Unspecified vulnerability in the PL/SQL component in Oracle Database 10.2.0.4 and 11.1.0.7 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors...

Sql injection

Unspecified vulnerability in the Oracle Text component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.4 allows remote authenticated users to affect confidentiality and integrity, related to CTXSYS.DRVXTABC. NOTE: the previous information was obtained from the October 2009 CPU. Oracle...

Authentication flaw

Unspecified vulnerability in the Authentication component in Oracle Database 10.2.0.3 and 11.1.0.7 allows remote attackers to affect confidentiality via unknown vectors...

Design/Logic Flaw

Unspecified vulnerability in the Application Express component in Oracle Database 3.0.1 allows remote authenticated users to affect confidentiality and integrity, related to FLOWS030000.WWVEXECUTEIMMEDIATE...

Input validation

Unspecified vulnerability in the Network Authentication component in Oracle Database 10.1.0.5 and 10.2.0.4 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2009 CPU. Oracle has not...

Design/Logic Flaw

Unspecified vulnerability in the Data Mining component in Oracle Database 10.2.0.4 allows remote authenticated users to affect confidentiality, integrity, and availability, related to SYS.DMPSYS...

Design/Logic Flaw

Unspecified vulnerability in the Data Pump component in Oracle Database 10.1.0.5, 10.2.0.3, and 11.1.0.7 allows remote authenticated users to affect integrity via unknown vectors...

CVE-2009-1971

Unspecified vulnerability in the Data Pump component in Oracle Database 10.1.0.5, 10.2.0.3, and 11.1.0.7 allows remote authenticated users to affect integrity via unknown vectors...

CVE-2009-1997

Unspecified vulnerability in the Authentication component in Oracle Database 10.2.0.3 and 11.1.0.7 allows remote attackers to affect confidentiality via unknown vectors...

CVE-2009-1992

Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.2.0.8, 10.1.0.5, and 10.2.0.4 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors...

Authentication flaw

Unspecified vulnerability in the Network Authentication component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.4 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors...

CVE-2009-1964

Unspecified vulnerability in the Workspace Manager component in Oracle Database 10.2.0.4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors...

Design/Logic Flaw

Unspecified vulnerability in the Workspace Manager component in Oracle Database 10.2.0.4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors...

CVE-2009-2000

Unspecified vulnerability in the Authentication component in Oracle Database 11.1.0.7 allows remote attackers to affect confidentiality via unknown vectors...

Authentication flaw

Unspecified vulnerability in the Authentication component in Oracle Database 11.1.0.7 allows remote attackers to affect confidentiality via unknown vectors...