Exploit for Improper Authentication in Oracle Database_Server

This is an offensive tool for Oracle Database exploitation. The repository contains several modules that exploit various vulnerabilities in Oracle Database, including: 1. CVE-2012-3137: This module exploits a vulnerability in Oracle Database that allows an attacker to obtain remote passwords usin...

CVE-2012-3132

CVE-2012-3132 affects Oracle Database Server versions 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3. The vulnerability is a SQL injection in the database server that allows a remote authenticated user to execute arbitrary SQL commands via vectors involving CREATE INDEX with a CTX...

Oracle - ctxsys.drvxtabc.create_tables

Oracle - ctxsys.drvxtabc.createtables -- -- ctxsys.drvxtabc.createtables -- -- -- Oracle ctxsys.drvxtabc.createtables exploit 9i/10g -- -- Grant dba permission to unprivileged user -- -- -- REF: http://www.google.it/search?q=ctxsys.drvxtabc.createtables -- -- AUTHOR: Andrea "bunker" Purificato --...

Oracle ctxsys.drvxtabc.create_tables Evil Cursor Exploit

Exploit for unknown platform in category local exploits ======================================================== Oracle ctxsys.drvxtabc.createtables Evil Cursor Exploit ======================================================== Title: Oracle ctxsys.drvxtabc.createtables Evil Cursor Exploit CVE-ID:...

Use a low-privileged Oracle database accounts give the OS access permissions-bug warning-the black bar safety net

Author:Mickey These days look at the article called"Penetration: from application down to OS Oracle"of the document,feel quite interesting,the document probably means that is,if the ORACLE service is using the administrator account to start,as long as you have a have resource and connect privileg...

CVE-2007-5508

Multiple SQL injection vulnerabilities in the CTXSYS Intermedia application for the Oracle Text component CTXDOC in Oracle Database 10.1.0.5 and 10.2.0.3 allow remote authenticated users to execute arbitrary SQL commands via the 1 THEMES, 2 GIST, 3 TOKENS, 4 FILTER, 5 HIGHLIGHT, and 6 MARKUP...

CVE-2007-5508

Multiple SQL injection vulnerabilities in the CTXSYS Intermedia application for the Oracle Text component CTXDOC in Oracle Database 10.1.0.5 and 10.2.0.3 allow remote authenticated users to execute arbitrary SQL commands via the 1 THEMES, 2 GIST, 3 TOKENS, 4 FILTER, 5 HIGHLIGHT, and 6 MARKUP...

CVE-2007-5508

CVE-2007-5508 concerns the CTXSYS Intermedia/Oracle Text component (CTX_DOC) in Oracle Database 10.1.0.5 and 10.2.0.3. The vulnerability enables SQL injection via six procedures (THEMES, GIST, TOKENS, FILTER, HIGHLIGHT, MARKUP), with remote authenticated users able to execute arbitrary SQL comman...

CVE-2006-0265

Multiple unspecified vulnerabilities in Oracle Database server 8.1.7.4, 9.0.1.5, 9.2.0.7, 10.1.0.5, and 10.2.0.1 have unspecified impact and attack vectors, as identified by Oracle Vuln 1 DB17 in the Oracle Text component and 2 DB18 in the Program Interface Network component. NOTE: details are...