CVE-2005-3446

Technical details for CVE-2005-3446 are not publicly available in the provided documents. Monitor for updates.

CVE-2005-3445

Technical details are not publicly available in the provided documents. Monitor for updates.

CVE-2005-3440

Technical details about CVE-2005-3440 are not provided in the supplied documents. No affected product/version or concrete impact is documented here; monitor for updates.

CVE-2005-3444

The CVE-2005-3444 entry concerns Oracle Database Server (8i–9.2.0.5) with multiple unspecified vulnerabilities in the Programmatic Interface. The description notes unknown impact and attack vectors. The CVSS data provided indicates a high-severity base score (10.0) with network attack vector and ...

CVE-2005-3442

Technical details about CVE-2005-3442 are not publicly available in the provided documents. No specific impact, affected components, or remediation are given. Monitor for updates and new disclosures.

CVE-2005-3444

Multiple unspecified vulnerabilities in the Programmatic Interface in Oracle Database Server from 8i up to 9.2.0.5 have unknown impact and attack vectors, aka Oracle Vuln DB26...

CVE-2005-3441

Technical details about CVE-2005-3441 are not publicly provided in the supplied documents. Monitor for updates.

Within the network database server invasion combat-vulnerability warning-the black bar safety net

Takeaway: deal with server the internal network and the external does not open the port of the database server, in addition to the bounce the Port to get a shell, there's no other good way to Do all in cmd,too much trouble, inconvenient we penetrate further within the network, following by a site...

Oracle Database Server buffer overflow in Security Component

Overview The Oracle Database Server Security Component contains a buffer overflow. Exploitation may allow a remote attacker to execute arbitrary code or cause a denial-of-service condition. Description A lack of input validation in the Oracle Database Server Security Component may allow a buffer...

US-CERT Technical Cyber Security Alert TA05-292A -- Oracle Products Contain Multiple Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA05-292A Oracle Products Contain Multiple Vulnerabilities Original release date: October 19, 2005 Last revised: -- Source: US-CERT Systems Affected Oracle Database Server 10g Oracle9i Databas...

CVE-2005-3206

iSQLPlus isqlplus for Oracle9i Database Server Release 2 9.0.2.4 allows remote attackers to cause a denial of service TNS listener stop via an HTTP request with an sid parameter that contains a STOP command...

CVE-2005-3205

Cross-site scripting XSS vulnerability in iSQLPlus iSQLPlus in Oracle9i Database Server Release 2 9.0.2.4 allows remote attackers to inject arbitrary web script or HTML via script in the "set markup HTML TABLE" command, which is executed when the user selects a table...

CVE-2005-3205

CVE-2005-3205 : XSS in Oracle9i iSQLPlus (iSQLPlus) for Oracle9i Database Server Release 2 (9.0.2.4). The vulnerability arises in the iSQL Plus interface when using the command set markup HTML TABLE, allowing remote attackers to inject arbitrary script/HTML that executes when a user selects a tab...

CVE-2005-3206

CVE-2005-3206 affects iSQL*Plus (isqlplus) for Oracle9i Database Server Release 2 (9.0.2.4). The issue enables remote attackers to cause a denial of service by sending an HTTP request with an sid parameter containing a STOP command, which can stop the TNS listener. The available connected documen...

Opinion: Complete failure of Oracle security response and utter neglect of their responsibility to their customers

Dear security community and Oracle users, Many of my customers run Oracle. Much of the U.K. Critical National Infrastructure relies on Oracle; indeed this is true for many other countries as well. I know that there's a lot of private information about me stored in Oracle databases out there. I ha...

mysql security update

CentOS Errata and Security Advisory CESA-2005:685 Updated mysql packages that fix a temporary file flaw and a number of bugs are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. MySQL is a multi-user, multi-threaded SQL database server...

CVE-2004-2345

Unknown multiple vulnerabilities in Oracle9i Database Server 9.0.1.4, 9.0.1.5, 9.2.0.3, and 9.2.0.4 allow local users with the ability to invoke SQL to cause a denial of service or obtain sensitive information...

CVE-2004-2345

Oracle9i Database Server versions 9.0.1.4, 9.0.1.5, 9.2.0.3, and 9.2.0.4 are affected by unknown local vulnerabilities that allow a user with SQL access to cause a denial of service or to obtain sensitive information. The available documents confirm the affected product versions and the general i...

CVE-2004-2244

The CVE-2004-2244 entry affects Oracle XML parsing in Oracle Application Server Release 2 (9i) and Database Server Release 2, across multiple versions (9.0.3.0/9.0.3.1, 9.0.2.3 and earlier, Release 1 1.0.2.x, and 9.2.0.1 and later). It describes a denial-of-service condition triggered by processi...

CVE-2002-1767

Buffer overflow in tnslsnr of Oracle 8i Database Server 8.1.5 for Linux allows local users to execute arbitrary code as the oracle user via a long command line argument...