Oracle Database Server SYS.LT.FINDRICSET Function SQL Injection (CVE-2007-5511)

Oracle Database Server is an enterprise-level relational database application suite. To extend the functionality of the Oracle Database Server, extra packages of related program objects, i.e., procedures, functions, variables, constants, cursors, and exceptions, are provided in order to better...

Oracle Database Server MDSYS.SDO_LRS Package SQL Injection (CVE-2006-5340)

Oracle Database Server is an enterprise-level relational database application suite. To extend the functionality of the Oracle Database Server, extra packages of related program objects, i.e. procedures, functions, variables, constants, cursors, and exceptions, are provided in order to better...

Oracle Database Server SQL Injection In Package SYS.KUPV (CVE-2006-0586)

Oracle Database Server is an enterprise-level relational database application suite. To extend the functionality of the Oracle Database Server, extra packages of related program objects, i.e. procedures, functions, variables, constants, cursors, and exceptions, are provided in order to better...

AIX ToolTalk Buffer Overflow

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/projects/Framework/ require 'msf/core' class Metasploit3...

Ubuntu USN-848-1 (zope3)

The remote host is missing an update to zope3 announced via advisory USN-848-1. OpenVAS Vulnerability Test $Id: ubuntu8481.nasl 7969 2017-12-01 09:23:16Z santu $ $Id: ubuntu8481.nasl 7969 2017-12-01 09:23:16Z santu $ Description: Auto-generated from advisory USN-848-1 zope3 Authors: Thomas Reinke...

MySQL: Format string vulnerability by manipulation with database instances (crash)

Multiple format string vulnerabilities in the dispatchcommand function in libmysqld/sqlparse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service daemon crash and possibly have unspecified other impact via format string specifiers in a database...

Oracle Database Server REPCAT_RPC.VALIDATE_REMOTE_RC SQL Injection (CVE-2009-1021)

Oracle Database Server is an enterprise-level relational database application suite. An SQL injection vulnerability has been reported in Oracle Database server. Remote authenticated attackers having Create Session privileges can exploit this vulnerability to inject and execute malicious SQL...

PostgreSQL LDAP Anonymous Bind Authentication Bypass

The version of PostgreSQL running on the remote host has an authentication bypass vulnerability. If PostgreSQL is using LDAP authentication, and the LDAP server is configured to allow anonymous binds, it may be possible to log into the PostgreSQL server using a blank password. A remote attacker...

From the webshell to sniff for linux-vulnerability warning-the black bar safety net

Special thanks to the bridge brother! Long time no get too, and forgot how to in the linux below to sniff. Get a webshell is a linux machine and want to try sniffing him within the network of the database server. So with this article! First with backshell bounce a SHELL to the local. 我 用 的 是 xi4o...

TekRADIUS Privilege Escalation

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Nth Dimension Security Advisory NDSA20090412 Date: 12th April 2009 Author: Tim Brown URL: / Product: TekRADIUS 3.0 Vendor: Yasin KAPLAN Risk: Medium Summary This advisory comes in 3 related parts: 1 By default, TekRADIUS connects to SQL Server as the ...

ToolTalk rpc.ttdbserverd _tt_internal_realpath Buffer Overflow (AIX)

This module exploits a buffer overflow vulnerability in ttinternalrealpath function of the ToolTalk database server rpc.ttdbserverd. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ToolTalk...

Microsoft SQL Server spreplwritetovarbin Buffer Overflow

Added: 04/29/2009 CVE: CVE-2008-5416 BID: 32710 OSVDB: 50917 Background Microsoft SQL Server is a database server package for Windows platforms. Problem A buffer overflow vulnerability in the spreplwritetovarbin stored procedure allows remote, authenticated attackers to execute arbitrary commands...

Let the administrator help you restart the server-the vulnerabilities and early warning-the black bar safety net

Go from: http://www.darkst.com/bbs/thread-38959-1-1.html Sometimes, we go through the database backup a batch to the Startup menu, you want the server on the next restart to run our batch processing. But we, Ah, etc., the server is not restarting, what to do? Allow administrator to help us restar...

Oracle plugs critical database server holes

Oracle has released the first Critical Patch Update for 2009 to provide fixes for at least address 43 vulnerabilities across several database server products. The mega update oracle.com, released on the same day Microsoft released its own security patches, plugs at least 16 holes in the company’s...

Oracle Database Server Detection

Binary data 4995.prm...

Code injection

Multiple unspecified vulnerabilities in the Web management interface in Avaya SIP Enablement Services SES 3.x and 4.0, as used with Avaya Communication Manager 3.1.x, allow remote attackers to obtain 1 application server configuration, 2 database server configuration including encrypted passwords...

Mandriva Update for postgresql MDKSA-2007:037-1 (postgresql)

Check for the Version of postgresql OpenVAS Vulnerability Test Mandriva Update for postgresql MDKSA-2007:037-1 postgresql Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

Researcher to unveil new SQL injection attack

From Dark Reading, by Kelly Jackson Higgins In the last couple of years, SQL injection attacks have become the favorite tactic of pentration testers, cyber criminals and script kiddies alike. But some researchers are taking the technique to a new level. At Black Hat Europe later this month, a...

Ubuntu Update for postgresql-7.4/-8.0/-8.1 vulnerabilities USN-417-1

Ubuntu Update for Linux kernel vulnerabilities USN-417-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN4171.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for postgresql-7.4/-8.0/-8.1 vulnerabilities USN-417-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

Oracle Secure Backup NDMP Packet Handling Multiple Denial of Service (CVE-2008-5441)

Oracle Database Server is an enterprise-level relational database application suite. Oracle Secure Backup is a backup solution allowing for single point of management of data present on network attached storage NAS devices and distributed hosts. Oracle Secure Backup is using NDMP protocol to...