4 matches found
Bypassing Oracle dbms_assert
Hey all, Today I released a new whitepaper "Bypassing Oracle dbmsassert". This technique makes many already fixed Oracle vulnerabilities SQL Injection exploitable again. URL: http://www.red-database-security.com/wp/bypassdbmsassert.pdf Summary: By using specially crafted parameters in double quot...
Oracle Database - SQL Injection in SYS.DBMS_UPGRADE [DB22]
Name SQL Injection in package SYS.DBMSUPGRADE 6980717 DB22 Systems Oracle 10g Release 1 Severity High Risk Category SQL Injection Vendor URL http://www.oracle.com/ Author Alexander Kornbrust ak at red-database-security.com Advisory 18 Jul 2006 V 1.00 Advisory...
Oracle Database - SQL Injection in SYS.KUPW$WORKER [DB03]
Name SQL Injection in package SYS.KUPW$WORKER 6980775 DB03 Systems Oracle 10g Release 1 Severity High Risk Category SQL Injection Vendor URL http://www.oracle.com/ Author Alexander Kornbrust ak at red-database-security.com Advisory 18 Jul 2006 V 1.00 Advisory...
Oracle Database - SQL Injection in SYS.DBMS_CDC_IMPDP [DB01]
Name SQL Injection in package SYS.DBMSCDCIMPDP 6980711 DB01 Systems Oracle 10g Release 1 Severity High Risk Category SQL Injection Vendor URL http://www.oracle.com/ Author Alexander Kornbrust ak at red-database-security.com Advisory 18 Jul 2006 V 1.00 Details The package SYS.DBMSCDCIMPDP contains...