EUVD-2005-0298

Malware in sbrugna...

Oracle GENERATESCHEMA Buffer Overflow Exploit

This Exploit a buffer overflow in Oracle10g. When sending a specially formatted query to the GENERATESCHEMA function in the XDB.DBMSXMLSCHEMA package, an attacker may be able to execute arbitrary code. NOTE: For targets running DEP, you will need to choose target 0 then rexploit with target 1. Th...

[DSECRG-09-010] Oracle 10g CTXSYS.DRVXTABC - plsql injection

Digital Security Research Group DSecRG Advisory DSECRG-09-010 http://dsecrg.com/pages/vul/show.php?id=110 Application: Oracle Database 10G Versions Affected: Oracle 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4 Vendor URL: http://oracle.com Bugs: PL/SQL Injections Exploits: YES Reported: 29.01.2008 Vend...

Oracle Database 10G CTXSYS.DRVXTABX — PLSQL Injection

Application: Oracle Database 10G Versions Affected: Oracle 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4 Vendor URL: Bugs: PL/SQL Injections Exploits: YES Reported: 29.01.2008 Vendor response: 31.01.2008 CVE: CVE-2009-1991 SVSS2: 3.6 Date of Public Advisory: 26.10.2009 Solution: YES Non official Author:...

Oracle 10g/11g SYS.LT.FINDRICSET Local SQL Injection Exploit

No description provided by source. !/usr/bin/perl http://rawlab.mindcreations.com/codes/exp/oracle/sys-lt-findricset.pl Oracle SYS.LT.FINDRICSET exploit 11g/10g Grant or revoke dba permission to unprivileged user Tested on "Oracle Database 10g Enterprise Edition Release 10.1.0.5.0" Fixed with CPU...

Oracle 10g/11g SYS.LT.FINDRICSET Local SQL Injection Exploit

Exploit for multiple platform in category local exploits ============================================================ Oracle 10g/11g SYS.LT.FINDRICSET Local SQL Injection Exploit ============================================================ !/usr/bin/perl...

CVE-2007-3856

Unspecified vulnerability in the Oracle Data Mining component for Oracle Database 10g Release 2 10.2.0.2 and 10.2.0.3, 10g 10.1.0.5, and Oracle9i Database Release 2 9.2.0.7, 9.2.0.8, and 9.2.0.8DV has unknown impact and remote authenticated attack vectors related to DMSYS.DMPSYS, aka DB04...

Buffer overflow

Unspecified vulnerability in the Oracle Data Mining component for Oracle Database 10g Release 2 10.2.0.2 and 10.2.0.3, 10g 10.1.0.5, and Oracle9i Database Release 2 9.2.0.7, 9.2.0.8, and 9.2.0.8DV has unknown impact and remote authenticated attack vectors related to DMSYS.DMPSYS, aka DB04...

Oracle Database Advanced Replication component DBMS_SNAP_INTERNAL overflow

Added: 04/25/2007 CVE: CVE-2007-2116 BID: 23532 OSVDB: 39933 Background Package DBMSSNAPINTERNAL of schema SYS is an Advanced Replication component used internally by Oracle Database. Problem A buffer overflow vulnerability in DBMSSNAPINTERNAL allows remote attackers to execute arbitrary commands...

Oracle Database Advanced Replication component DBMS_SNAP_INTERNAL overflow

Added: 04/25/2007 CVE: CVE-2007-2116 BID: 23532 OSVDB: 39933 Background Package DBMSSNAPINTERNAL of schema SYS is an Advanced Replication component used internally by Oracle Database. Problem A buffer overflow vulnerability in DBMSSNAPINTERNAL allows remote attackers to execute arbitrary commands...

oracle-inject-bunker.txt

!/usr/bin/perl Remote Oracle KUPM$MCP.MAIN exploit 10g Grant or revoke dba permission to unprivileged user Tested on "Oracle Database 10g Enterprise Edition Release 10.1.0.3.0" REF: http://www.red-database-security.com/ AUTHOR: Andrea "bunker" Purificato http://rawlab.mindcreations.com DATE:...

Oracle 10g - KUPM$MCP.MAIN SQL Injection

!/usr/bin/perl Remote Oracle KUPM$MCP.MAIN exploit 10g Grant or revoke dba permission to unprivileged user Tested on "Oracle Database 10g Enterprise Edition Release 10.1.0.3.0" REF: http://www.red-database-security.com/ AUTHOR: Andrea "bunker" Purificato http://rawlab.mindcreations.com DATE:...

CVE-2007-1442

Oracle Database 10g uses a NULL pDacl parameter when calling the SetSecurityDescriptorDacl function to create discretionary access control lists DACLs, which allows local users to gain privileges...

Buffer overflow

Oracle Database 10g uses a NULL pDacl parameter when calling the SetSecurityDescriptorDacl function to create discretionary access control lists DACLs, which allows local users to gain privileges...

CVE-2007-1442

Oracle Database 10g uses a NULL pDacl parameter when calling the SetSecurityDescriptorDacl function to create discretionary access control lists DACLs, which allows local users to gain privileges...

Oracle 10g KUPV$FT.ATTACH_JOB - SQL Injection (2)

!/usr/bin/perl Remote Oracle KUPV$FT.ATTACHJOB exploit 10g - Version 2 - New "evil cursor injection" tip! - No "create procedure" privileg needed! - See: http://www.databasesecurity.com/ Cursor Injection Grant or revoke dba permission to unprivileged user Tested on "Oracle Database 10g Enterprise...

Oracle 9i10g DBMS_METADATA.GET_DDL - SQL Injection (2)

Oracle 9i10g DBMSMETADATA.GETDDL - SQL Injection 2 !/usr/bin/perl Remote Oracle DBMSMETADATA.GETDDL exploit 9i/10g - Version 2 - New "evil cursor injection" tip! - No "create procedure" privileg needed! - See: http://www.databasesecurity.com/ Cursor Injection Grant or revoke dba permission to...

Oracle 9i/10g - DBMS_METADATA.GET_DDL SQL Injection

!/usr/bin/perl Remote Oracle DBMSMETADAT.GETDDL exploit 9i/10g Grant or revoke dba permission to unprivileged user Tested on "Oracle Database 10g Enterprise Edition Release 10.1.0.3.0" REF: https://www.securityfocus.com/bid/16287 AUTHOR: Andrea "bunker" Purificato http://rawlab.mindcreations.com...

Oracle 10g KUPW$WORKER.MAIN Grant/Revoke dba Permission Exploit

Exploit for multiple platform in category remote exploits =============================================================== Oracle 10g KUPW$WORKER.MAIN Grant/Revoke dba Permission Exploit =============================================================== !/usr/bin/perl Remote Oracle KUPW$WORKER.MAIN...

Oracle Security Component sys.pbsde buffer overflow

Added: 11/07/2006 CVE: CVE-2005-3438 BID: 15134 OSVDB: 20612 Background pbsde is a package of stored procedures which is part of the base installation of Oracle Database. Problem A buffer overflow in the sys.pbsde.init procedure allows database users to execute arbitrary commands. Resolution Appl...