Oracle 9i10g Database - Remote Network Authentication

Oracle 9i10g Database - Remote Network Authentication source: https://www.securityfocus.com/bid/35680/info Oracle Database is prone to a remote vulnerability in Network Authentication. The vulnerability can be exploited over the 'Oracle Net' protocol. An attacker doesn't require privileges to...

Oracle Database password weakness

Added: 05/12/2009 Background Oracle Database is a relational database solution available for multiple platforms. Problem The Oracle Database service has accounts with default or easily guessed passwords, which could allow an attacker to make unauthorized SQL queries. Resolution Set a strong...

Oracle Database password weakness

Added: 05/12/2009 Background Oracle Database is a relational database solution available for multiple platforms. Problem The Oracle Database service has accounts with default or easily guessed passwords, which could allow an attacker to make unauthorized SQL queries. Resolution Set a strong...

Oracle Database password weakness

Added: 05/12/2009 Background Oracle Database is a relational database solution available for multiple platforms. Problem The Oracle Database service has accounts with default or easily guessed passwords, which could allow an attacker to make unauthorized SQL queries. Resolution Set a strong...

Oracle Enterprise Manager Control SID Discovery

This module makes a request to the Oracle Enterprise Manager Control Console in an attempt to discover the SID. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle Enterprise Manager Control...

CVE-2009-0979

Unspecified vulnerability in the Resource Manager component in Oracle Database 9.2.0.8 and 9.2.0.8DV allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors...

Design/Logic Flaw

Unspecified vulnerability in the Workspace Manager component in Oracle Database 10.2.0.4 and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2009-0975...

Information disclosure

Unspecified vulnerability in the Cluster Ready Services component in Oracle Database 10.1.0.5 allows remote attackers to affect availability via unknown vectors...

Design/Logic Flaw

Unspecified vulnerability in the Application Express component in Oracle Database 11.1.0.7 allows remote authenticated users to affect confidentiality, related to APEX. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on reliable researcher claims that...

Design/Logic Flaw

Unspecified vulnerability in the Listener component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote attackers to affect availability via unknown vectors, a different vulnerability than CVE-2009-1970...

CVE-2009-0988

Unspecified vulnerability in the Password Policy component in Oracle Database 11.1.0.6 allows remote authenticated users to affect confidentiality via unknown vectors...

Design/Logic Flaw

Unspecified vulnerability in the Workspace Manager component in Oracle Database 11.1.0.6, 11.1.0.7, 10.2.0.3, 10.2.0.4, 10.1.0.5, 9.2.0.8, and 9.2.0.8DV allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors...

Design/Logic Flaw

Unspecified vulnerability in the Password Policy component in Oracle Database 11.1.0.6 allows remote authenticated users to affect confidentiality via unknown vectors...

CVE-2009-0992

Unspecified vulnerability in the Advanced Queuing component in Oracle Database 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote authenticated users to affect confidentiality and integrity, related to DBMSAQIN. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not...

CVE-2009-0976

Unspecified vulnerability in the Workspace Manager component in Oracle Database 10.2.0.4 and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to LTADM...

CVE-2009-0981

Unspecified vulnerability in the Application Express component in Oracle Database 11.1.0.7 allows remote authenticated users to affect confidentiality, related to APEX. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on reliable researcher claims that...

Sql injection

Unspecified vulnerability in the Advanced Queuing component in Oracle Database 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote authenticated users to affect confidentiality and integrity, related to DBMSAQIN. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not...

Sql injection

Unspecified vulnerability in the Advanced Queuing component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity, related to DBMSAQIN. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has...

Design/Logic Flaw

Unspecified vulnerability in the Workspace Manager component in Oracle Database 10.2.0.4 and 11.1.0.6 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors...

CVE-2009-0985

Unspecified vulnerability in the Core RDBMS component in Oracle Database 10.1.0.5, 10.2.0.4, and 11.1.0.6 allows remote authenticated users with the IMPFULLDATABASE role to affect confidentiality, integrity, and availability...