9 matches found
Oracle DB SQL Injection In MDSYS.SDO_TOPO_DROP_FTBL Trigger
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB SQL Injection in MDSYS.SDOTOPODROPFTBL Trigger', 'Description' = %q This module will escalate an Oracle DB user to MDSYS by exploiting ...
Oracle DB SQL Injection in MDSYS.SDO_TOPO_DROP_FTBL Trigger
This module will escalate an Oracle DB user to MDSYS by exploiting a sql injection bug in the MDSYS.SDOTOPODROPFTBL trigger. After that exploit escalate user to DBA using "CREATE ANY TRIGGER" privilege given to MDSYS user by creating evil trigger in system scheme 2-stage attack. This module...
Oracle Database Trigger MDSYS.SDO_TOPO_DROP_FTBL SQL Injection (CVE-2008-3979)
Oracle Database Server is an enterprise-level relational database application suite. To extend the functionality of the Oracle Database Server, extra packages of related program objects such as procedures, functions, triggers, variables, constants, cursors, and exceptions, are provided in order t...
Oracle 10g MDSYS.SDO_TOPO_DROP_FTBL SQL Injection Exploit (meta)
No description provided by source. $Id: droptabletrigger.rb This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Oracle 10g - MDSYS.SDO_TOPO_DROP_FTBL SQL Injection (Metasploit)
Oracle 10g - MDSYS.SDOTOPODROPFTBL SQL Injection Metasploit $Id: droptabletrigger.rb This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
CVE-2008-3979
creationtimestamp| type| source ---|---|--- 2009-02-18 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/8074 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/sqli/oracle/droptabletrigger.rb 2025-02-06 03:13:39+00:00| seen|...
Ubuntu USN-708-1 (hplip)
The remote host is missing an update to hplip announced via advisory USN-708-1. OpenVAS Vulnerability Test $Id: ubuntu7081.nasl 7969 2017-12-01 09:23:16Z santu $ $Id: ubuntu7081.nasl 7969 2017-12-01 09:23:16Z santu $ Description: Auto-generated from advisory USN-708-1 hplip Authors: Thomas Reinke...
Trigger Abuse of MDSYS.SDO_TOPO_DROP_FTBL in Oracle 10g R1 and R2
NGSSoftware Insight Security Research Advisory Name: Trigger abuse of MDSYS.SDOTOPODROPFTBL Systems Affected: Oracle 10g R1 and R2 10.1.0.5 and 10.2.0.2 Severity: High Vendor URL: http://www.oracle.com/ Author: David Litchfield [email protected] Reported: 23rd July 2008 Date of Public...
CVE-2008-3979
CVE-2008-3979 is an Oracle Database issue affecting the Spatial component in Oracle Database 10.1.0.5 and 10.2.0.2. The vulnerability exists in the MDSYS.SDO_TOPO_DROP_FTBL trigger, where an SQL injection flaw could be exploited by a remote authenticated user to escalate privileges (potentially t...