Lucene search
K

9 matches found

Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.207 views

Oracle DB SQL Injection In MDSYS.SDO_TOPO_DROP_FTBL Trigger

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB SQL Injection in MDSYS.SDOTOPODROPFTBL Trigger', 'Description' = %q This module will escalate an Oracle DB user to MDSYS by exploiting ...

5.5CVSS7AI score0.32434EPSS
Exploits7
Metasploit
Metasploit
added 2010/06/04 2:43 p.m.29 views

Oracle DB SQL Injection in MDSYS.SDO_TOPO_DROP_FTBL Trigger

This module will escalate an Oracle DB user to MDSYS by exploiting a sql injection bug in the MDSYS.SDOTOPODROPFTBL trigger. After that exploit escalate user to DBA using "CREATE ANY TRIGGER" privilege given to MDSYS user by creating evil trigger in system scheme 2-stage attack. This module...

5.5CVSS7.3AI score0.32434EPSS
Exploits7
Check Point Advisories
Check Point Advisories
added 2009/12/17 12:0 a.m.3 views

Oracle Database Trigger MDSYS.SDO_TOPO_DROP_FTBL SQL Injection (CVE-2008-3979)

Oracle Database Server is an enterprise-level relational database application suite. To extend the functionality of the Oracle Database Server, extra packages of related program objects such as procedures, functions, triggers, variables, constants, cursors, and exceptions, are provided in order t...

5.5CVSS8.2AI score0.32434EPSS
Exploits7
seebug.org
seebug.org
added 2009/02/20 12:0 a.m.28 views

Oracle 10g MDSYS.SDO_TOPO_DROP_FTBL SQL Injection Exploit (meta)

No description provided by source. $Id: droptabletrigger.rb This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

7.1AI score0.32434EPSS
Exploits7
exploitpack
exploitpack
added 2009/02/18 12:0 a.m.30 views

Oracle 10g - MDSYS.SDO_TOPO_DROP_FTBL SQL Injection (Metasploit)

Oracle 10g - MDSYS.SDOTOPODROPFTBL SQL Injection Metasploit $Id: droptabletrigger.rb This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

0.1AI score0.32434EPSS
Exploits7
Circl
Circl
added 2009/02/18 12:0 a.m.15 views

CVE-2008-3979

creationtimestamp| type| source ---|---|--- 2009-02-18 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/8074 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/sqli/oracle/droptabletrigger.rb 2025-02-06 03:13:39+00:00| seen|...

5.5CVSS5.7AI score0.32434EPSS
Exploits7References2
OpenVAS
OpenVAS
added 2009/01/20 12:0 a.m.34 views

Ubuntu USN-708-1 (hplip)

The remote host is missing an update to hplip announced via advisory USN-708-1. OpenVAS Vulnerability Test $Id: ubuntu7081.nasl 7969 2017-12-01 09:23:16Z santu $ $Id: ubuntu7081.nasl 7969 2017-12-01 09:23:16Z santu $ Description: Auto-generated from advisory USN-708-1 hplip Authors: Thomas Reinke...

10CVSS0.6AI score0.3857EPSS
Exploits29References1
securityvulns
securityvulns
added 2009/01/16 12:0 a.m.93 views

Trigger Abuse of MDSYS.SDO_TOPO_DROP_FTBL in Oracle 10g R1 and R2

NGSSoftware Insight Security Research Advisory Name: Trigger abuse of MDSYS.SDOTOPODROPFTBL Systems Affected: Oracle 10g R1 and R2 10.1.0.5 and 10.2.0.2 Severity: High Vendor URL: http://www.oracle.com/ Author: David Litchfield [email protected] Reported: 23rd July 2008 Date of Public...

5.5CVSS0.3AI score0.32434EPSS
Exploits7
CVE
CVE
added 2009/01/14 1:0 a.m.107 views

CVE-2008-3979

CVE-2008-3979 is an Oracle Database issue affecting the Spatial component in Oracle Database 10.1.0.5 and 10.2.0.2. The vulnerability exists in the MDSYS.SDO_TOPO_DROP_FTBL trigger, where an SQL injection flaw could be exploited by a remote authenticated user to escalate privileges (potentially t...

5.5CVSS6.2AI score0.32434EPSS
Exploits7References8Affected Software1
Rows per page
Query Builder