CVE-2005-3442

Technical details about CVE-2005-3442 are not publicly available in the provided documents. No specific impact, affected components, or remediation are given. Monitor for updates and new disclosures.

CVE-2005-3438

Multiple unspecified vulnerabilities in Oracle Database Server 9i up to 10.1.0.4.2 have unknown impact and attack vectors, aka Oracle Vuln 1 DB04 in Change Data Capture; 2 DB06 in Data Guard Logical Standby; 3 DB10 in Locale; 4 DB12 in Materialized Views; 5 DB13 in Objects Extension; 6 DB15 in...

CVE-2005-3444

Multiple unspecified vulnerabilities in the Programmatic Interface in Oracle Database Server from 8i up to 9.2.0.5 have unknown impact and attack vectors, aka Oracle Vuln DB26...

CVE-2005-3437

Technical details about CVE-2005-3437 are not publicly available in the provided connected documents; the entries describe an unspecified vulnerability in Oracle PL/SQL with unknown impact. Monitor for updates.

CVE-2005-3440

Technical details about CVE-2005-3440 are not provided in the supplied documents. No affected product/version or concrete impact is documented here; monitor for updates.

CVE-2005-3447

Technical details for CVE-2005-3447 are not publicly available in the provided documents; the entry remains with unspecified impact and vectors. Monitor for updates.

CVE-2005-3438

Oracle Database vulnerability CVE-2005-3438 involves a buffer overflow in the built-in package sys.pbsde.init, affecting Oracle Database Server 9i up to 10.1.0.4.2. Exploitation could allow execution of arbitrary code or a denial-of-service condition, with exploits documented for 10g (10.1.0.2) a...

Within the network database server invasion combat-vulnerability warning-the black bar safety net

Takeaway: deal with server the internal network and the external does not open the port of the database server, in addition to the bounce the Port to get a shell, there's no other good way to Do all in cmd,too much trouble, inconvenient we penetrate further within the network, following by a site...

Oracle Database Server buffer overflow in Security Component

Overview The Oracle Database Server Security Component contains a buffer overflow. Exploitation may allow a remote attacker to execute arbitrary code or cause a denial-of-service condition. Description A lack of input validation in the Oracle Database Server Security Component may allow a buffer...

US-CERT Technical Cyber Security Alert TA05-292A -- Oracle Products Contain Multiple Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA05-292A Oracle Products Contain Multiple Vulnerabilities Original release date: October 19, 2005 Last revised: -- Source: US-CERT Systems Affected Oracle Database Server 10g Oracle9i Databas...

CVE-2005-3206

iSQLPlus isqlplus for Oracle9i Database Server Release 2 9.0.2.4 allows remote attackers to cause a denial of service TNS listener stop via an HTTP request with an sid parameter that contains a STOP command...

CVE-2005-3205

CVE-2005-3205 : XSS in Oracle9i iSQLPlus (iSQLPlus) for Oracle9i Database Server Release 2 (9.0.2.4). The vulnerability arises in the iSQL Plus interface when using the command set markup HTML TABLE, allowing remote attackers to inject arbitrary script/HTML that executes when a user selects a tab...

CVE-2005-3206

CVE-2005-3206 affects iSQL*Plus (isqlplus) for Oracle9i Database Server Release 2 (9.0.2.4). The issue enables remote attackers to cause a denial of service by sending an HTTP request with an sid parameter containing a STOP command, which can stop the TNS listener. The available connected documen...

CVE-2005-3205

Cross-site scripting XSS vulnerability in iSQLPlus iSQLPlus in Oracle9i Database Server Release 2 9.0.2.4 allows remote attackers to inject arbitrary web script or HTML via script in the "set markup HTML TABLE" command, which is executed when the user selects a table...

Opinion: Complete failure of Oracle security response and utter neglect of their responsibility to their customers

Dear security community and Oracle users, Many of my customers run Oracle. Much of the U.K. Critical National Infrastructure relies on Oracle; indeed this is true for many other countries as well. I know that there's a lot of private information about me stored in Oracle databases out there. I ha...

mysql security update

CentOS Errata and Security Advisory CESA-2005:685 Updated mysql packages that fix a temporary file flaw and a number of bugs are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. MySQL is a multi-user, multi-threaded SQL database server...

CVE-2004-2345

Oracle9i Database Server versions 9.0.1.4, 9.0.1.5, 9.2.0.3, and 9.2.0.4 are affected by unknown local vulnerabilities that allow a user with SQL access to cause a denial of service or to obtain sensitive information. The available documents confirm the affected product versions and the general i...

CVE-2004-2345

Unknown multiple vulnerabilities in Oracle9i Database Server 9.0.1.4, 9.0.1.5, 9.2.0.3, and 9.2.0.4 allow local users with the ability to invoke SQL to cause a denial of service or obtain sensitive information...

CVE-2004-2244

The CVE-2004-2244 entry affects Oracle XML parsing in Oracle Application Server Release 2 (9i) and Database Server Release 2, across multiple versions (9.0.3.0/9.0.3.1, 9.0.2.3 and earlier, Release 1 1.0.2.x, and 9.2.0.1 and later). It describes a denial-of-service condition triggered by processi...

CVE-2002-1767

Buffer overflow in tnslsnr of Oracle 8i Database Server 8.1.5 for Linux allows local users to execute arbitrary code as the oracle user via a long command line argument...