Oracle Database Server DBMS_AQADM_SYS.DBLINK_INFO缓冲区溢出漏洞

Oracle Database Server是一款商业性质的功能强大的数据库服务程序。 Oracle Database Server处理DBMSAQADMSYS.DBLINKINFO函数存在缓冲区溢出，远程攻击者可以利用漏洞以应用程序进程权限执行任意指令。 Oracle Database Server提供的SYS.DBMSAQADMSYS包用于SYS.DBMSAQADM包内部使用提供管理Oracle流高级队列配置和管理信息的过程。此包对DBLINKINFO过程处理存在缓冲区溢出，任何对SYS.DBMSAQADMSYS有执行权限的Oracle数据库用户可利用此漏洞。 Oracle...

Design/Logic Flaw

install.php in Drupal 5.x before 5.3, when the configured database server is not reachable, allows remote attackers to execute arbitrary code via vectors that cause settings.php to be modified...

CVE-2007-5593

install.php in Drupal 5.x before 5.3, when the configured database server is not reachable, allows remote attackers to execute arbitrary code via vectors that cause settings.php to be modified...

CVE-2007-5593

install.php in Drupal 5.x before 5.3, when the configured database server is not reachable, allows remote attackers to execute arbitrary code via vectors that cause settings.php to be modified...

CVE-2007-5593

install.php in Drupal 5.x before 5.3, when the configured database server is not reachable, allows remote attackers to execute arbitrary code via vectors that cause settings.php to be modified...

CMD build under virtual directory-vulnerability warning-the black bar safety net

The following is an ugly beggarweb data separation web and data separated,there was Pcanywhere,the database server has IIS, cscript.exe c:\inetpub\adminscripts\adsutil.vbs get w3svc/1/serverbindings first Web service port cscript.exe c:\inetpub\adminscripts\adsutil.vbs create w3svc/1/root/wodexi/...

Borland Interbase / Firebird database server multiple buffer overflows

Buffer overflows on multiple functions arguments...

Cache Database Server Redirection Vulnerability

Binary data 4190.prm...

ESRI ArcSDE database server buffer overflow

Buffer overflow on oversied TCP/5151 port request...

SQL SERVER Database Password vulnerability-vulnerability warning-the black bar safety net

Track a bit the SQL SERVER Database Server login process, and found that the password calculation is very vulnerable, a SQL SERVER Database Password vulnerability embodied in two aspects: 1, A network login when the password encryption algorithm 2, The database storage of the password encryption...

Progress database server buffer overflow

Buffer overflow in network service TCP/5220, TCP/5230. Progress is installed by diffgerent RSA products...

Ingres Data Access Server Detection

The remote service is an Ingres Data Access Server, which translates requests from the JDBC driver and .NET Data Provider into an internal format and forwards them to the appropriate DBMS server. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...

Ingres Unauthenticated Pointer Overwrite 1

======= Summary ======= Name: Ingres remote unauthenticated pointer overwrite 1 Release Date: 25 June 2007 Reference: NGS00391 Discover: Chris Anley [email protected] Vendor: Ingres Vendor Reference: Ingres bug 115927, CVE-2007-3336, CAID 35450 Systems Affected: Ingres 2006 9.0.4 and prior...

Code injection

wakeup in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5, as used in multiple CA Computer Associates products, allows local users to truncate arbitrary files via a symlink attack on the alarmwkp.def file...

Stack overflow

Multiple stack-based buffer overflows in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5, as used in multiple CA Computer Associates products, allow remote attackers to execute arbitrary code via the 1 uuidfromchar or 2 duvegetargs functions...

CVE-2007-3337

wakeup in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5, as used in multiple CA Computer Associates products, allows local users to truncate arbitrary files via a symlink attack on the alarmwkp.def file...

CVE-2007-3338

Multiple stack-based buffer overflows in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5, as used in multiple CA Computer Associates products, allow remote attackers to execute arbitrary code via the 1 uuidfromchar or 2 duvegetargs functions...

CVE-2007-3336

Multiple "pointer overwrite" vulnerabilities in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5, as used in multiple CA formerly Computer Associates products, allow remote attackers to execute arbitrary code by sending certain TCP data at different times to the Ingres Communications Server...

CVE-2007-3337

wakeup in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5, as used in multiple CA Computer Associates products, allows local users to truncate arbitrary files via a symlink attack on the alarmwkp.def file...

CVE-2007-3337

CVE-2007-3337 concerns the Ingres database server (2006 9.0.4 and earlier) used in multiple CA products. A local user can abuse the setuid root binary “wakeup” by creating a symbolic link to the file alarmwkp.def, causing the binary to truncate arbitrary files in the current directory. The issue ...