224 matches found
CVE-2014-2439
Unspecified vulnerability in the Oracle Secure Global Desktop SGD component in Oracle Virtualization 5.0 and 5.1 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Workspace Web Application...
Oracle Secure Global Desktop Multiple Vulnerabilities (January 2014 CPU)
The remote host has a version of Oracle Secure Global Desktop installed that is affected by multiple vulnerabilities : - Specially crafted requests sent with chunked transfer encoding could allow a remote attacker to perform a 'limited' denial of service attack on the Tomcat server. CVE-2012-3544...
Oracle Secure Global Desktop Unsupported Version Detection
According to its self-reported version number, the installation of Oracle Secure Global Desktop on the remote host is no longer supported. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it is likely to contain security...
Oracle Secure Global Desktop Administration Console Detection
Binary data oraclesecureglobaldesktophttpdetect.nbin...
Oracle Secure Global Desktop ttaauxserv Remote Denial of Service (remote check)
The remote host is running a version of Oracle Secure Global Desktop that may have an unspecified denial of service vulnerability in the ttaauxserv binary. Note that this may be a false positive, as this plugin only checks if a vulnerable version of Oracle Secure Global Desktop is running, and do...
Oracle Secure Global Desktop Linux Installation Detection
Binary data oraclesecureglobaldesktopinstalled.nbin...
CVE-2013-3834
CVE-2013-3834 concerns Oracle Secure Global Desktop (Oracle Virtualization 5). The vulnerability affects the ttaauxserv binary in the Oracle Secure Global Desktop component and is described as an unspecified remote vulnerability that can affect availability via unknown vectors, enabling a remote ...
CVE-2013-3834
Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5 allows remote attackers to affect availability via unknown vectors related to ttaauxserv...
Oracle Secure Backup 10.3.0.1 RCE
Remote command execution vulnerability in Oracle Secure Backup Administration Server propertybox.php Vulnerability Type: Remote Command Execution For the exploit source code contact DSquare Security sales team...
Oracle Database Multiple Vulnerabilities (April 2008 CPU)
The remote Oracle database server is missing the April 2008 Critical Patch Update CPU and therefore is potentially affected by security issues in the following components : - Advanced Queuing - Audit - Authentication - Change Data Capture - Core RDBMS - Data Pump - Export - Oracle Enterprise...
Oracle Secure Backup Authentication Bypass/Command Injection Vulnerability
$Id: osbunamejlist.rb 13591 2011-08-19 18:35:29Z mc $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...
Oracle Secure Backup Authentication Bypass/Command Injection Vulnerability
This module exploits an authentication bypass vulnerability in login.php. In conjunction with the authentication bypass issue, the 'jlist' parameter in propertybox.php can be used to execute arbitrary system commands. This module was tested against Oracle Secure Backup version 10.3.0.1.0 This...
Oracle Secure Backup Authentication Bypass/Command Injection
Exploit for php platform in category web applications $Id: osbunamejlist.rb 13591 2011-08-19 18:35:29Z mc $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensin...
Oracle Secure Backup - Authentication Bypass/Command Injection (Metasploit)
$Id: osbunamejlist.rb 13591 2011-08-19 18:35:29Z mc $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...
Oracle Secure Backup Administration Server login.php uname Parameter Arbitrary Command Injection
The version of Oracle Secure Backup Administration Server running on the remote host fails to adequately sanitize user-supplied input to the 'uname' parameter of 'login.php'. The system performs some sanitization which limits exploitation of this issue, but code execution is still possible. A...
Oracle Secure Backup validate_login Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Secure Backup. Authentication is not required to exploit this vulnerability. The specific flaw exists within the validatelogin function defined within /apache/htdocts/php/common.php. The...
CVE-2011-2252
Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.3.0.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2011-2261...
CVE-2011-2251
Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.3.0.3 allows remote attackers to affect integrity via unknown vectors...
CVE-2011-2251
CVE-2011-2251 is linked to Oracle Secure Backup Administration Server login.php XSS in the mode parameter. The Nessus plugin notes input is not properly sanitized, enabling a remote attacker to lure a user to a crafted URL and potentially execute arbitrary script code. This is the concrete detail...
CVE-2010-3596
Unspecified vulnerability in the modssl component in Oracle Secure Backup 10.3.0.2 allows remote attackers to affect integrity and availability via unknown vectors...