8980 matches found
CVE-2006-0547
Oracle Database 8i, 9i, and 10g allow remote authenticated users to execute arbitrary SQL statements in the context of the SYS user and bypass audit logging, including statements to create new privileged database accounts, via a modified AUTH_ALTER_SESSION attribute in the authentication phase of t...
[SECURITY] [DSA 963-1] New mydns packages fix denial of service
-------------------------------------------------------------------------- Debian Security Advisory DSA 963-1 [email protected] http://www.debian.org/security/ Martin Schulze February 2nd, 2006 http://www.debian.org/security/faq -...
PostgreSQL Database Detection
Binary data 3392.prm...
Daffodil CRM 1.5 - Userlogin.asp SQL Injection
Daffodil CRM 1.5 - Userlogin.asp SQL Injection source: https://www.securityfocus.com/bid/16433/info Daffodil CRM is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful...
GLSA-200601-15 : Paros: Default administrator password
The remote host is affected by the vulnerability described in GLSA-200601-15 Paros: Default administrator password Andrew Christensen discovered that in older versions of Paros the database component HSQLDB is installed with an empty password for the database administrator 'sa'. Impact : Since th...
CVE-2006-0450
phpBB 2.0.19 and earlier allows remote attackers to cause a denial of service (application crash) by (1) registering many users through profile.php or (2) using search.php to search in a certain way that confuses the database...
[VulnWatch] [Argeniss] Oracle Database Buffer overflows vulnerabilities in public procedures of XDB.DBMS_XMLSCHEMA{_INT}
Argeniss Security Advisory Name: Oracle Database Buffer overflows vulnerabilities in public procedures of XDB.DBMS_XMLSCHEMA{_INT} Affected Software: Oracle Database Server versions 9iR2 and 10gR1 Severity: High Remote exploitable: Yes (Authentication to Database Server is needed) Credits: Esteban...
Oracle Database Server 9i/10g - XML Local Buffer Overflow
Oracle Database Server 9i/10g - XML Local Buffer Overflow / Argeniss - Information Security http://www.argeniss.com infoatdotatdotc:\Unbreakable.txt' FROM DUAL; / Argeniss - Information Security http://www.argeniss.com infoatdotatdotcom Oracle version: 10g Release 1 Platform: Linux Shellcode opens...
geoBlog-MOD_1.0.txt
New eVuln Advisory: geoBlog SQL Injection Vulnerability http://evuln.com/vulns/33/summary/bt/ --------------------Summary---------------- Software: geoBlog Software's Web Site: http://sourceforge.net/projects/bitdamaged/ Versions: MOD_1.0 Critical Level: Dangerous Type: SQL Injection Class: Remote...
miniBloggie 1.0 - 'login.php' SQL Injection
source: https://www.securityfocus.com/bid/16367/info miniBloggie is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result in a compromise of the...
e-moBLOG 1.3 - Multiple SQL Injections
source: https://www.securityfocus.com/bid/16344/info The e-moBLOG application is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation could allow an...
Oracle TNS protocol fails to properly validate authentication requests
Overview The Oracle TNS protocol authentication mechanism fails to properly sanitize authentication requests, possibly allowing a remote attacker to execute arbitrary SQL statements with elevated privileges. Description Oracle databases authenticate and manage database connections via Oracle...
xinnet.com China new network Web Mail system has a serious vulnerability - a vulnerability warning - the black bar safety net
Long time no Post garbage come up, this also is not prepared to contribute, to the octal friend. First good luck to all octal friends a Happy New Year. Everyone knows China's famous New cafe, new network virtual host in a stable and secure known. Business users very much, I also bought a new...
Design/Logic Flaw
Unspecified vulnerability in the Advanced Queuing component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.2.0.6, 10.1.0.3 has unspecified impact and attack vectors, as identified by Oracle Vuln DB01...
Design/Logic Flaw
Unspecified vulnerability in the Query Optimizer component of Oracle Database server 9.0.1.5, 9.2.0.7, and 10.1.0.5 has unspecified impact and attack vectors, as identified by Oracle Vuln DB19...
Buffer overflow
Unspecified vulnerability in the XML Database component of Oracle Database server 9.2.0.7 and 10.1.0.4 has unspecified impact and attack vectors, as identified by Oracle Vuln DB29. NOTE: based on mutual credits by the relevant sources, it is highly likely that this issue is a buffer overflow in t...
Design/Logic Flaw
Unspecified vulnerability in the Transparent Data Encryption (TDE) Wallet component of Oracle Database server 10.2.0.1 has unspecified impact and attack vectors, as identified by Oracle Vuln DB27. NOTE: Oracle has not disputed a reliable researcher report that TDA stores the master key without...
CVE-2006-0262
Unspecified vulnerability in the Net Foundation Layer component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, 9.2.0.6, and 10.1.0.4 has unspecified impact and attack vectors, as identified by Oracle Vuln DB08...
CVE-2006-0266
Unspecified vulnerability in the Query Optimizer component of Oracle Database server 9.0.1.5, 9.2.0.7, and 10.1.0.5 has unspecified impact and attack vectors, as identified by Oracle Vuln DB19...