EUVD-2006-2505

Malware in sbrugna...

EUVD-2006-3696

Malware in sbrugna...

Oracle DB SQL Injection Via DBMS_EXPORT_EXTENSION

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB SQL Injection via DBMSEXPORTEXTENSION', 'Description' = %q This module will escalate an Oracle DB user to DBA by exploiting a sql...

Oracle DB SQL Injection via DBMS_EXPORT_EXTENSION

This module will escalate an Oracle DB user to DBA by exploiting a sql injection bug in the DBMSEXPORTEXTENSION.GETDOMAININDEXMETADATA package. Note: This module has been tested against 9i, 10gR1 and 10gR2. This module requires Metasploit: https://metasploit.com/download Current source:...

Oracle 10g DBMS_EXPORT_EXTENSION存储过程远程SQL注入漏洞

Oracle是一款大型的商业数据库系统。 Oracle 10g中由SYS用户运行的DBMSEXPORTEXTENSION存储过程存在PL/SQL注入漏洞，允许低权限用户以DBA权限执行任意SQL代码。 Oracle声称已在2006年4月的紧急补丁更新中修复了这个漏洞，但实际上并未修复。 Oracle10g 10.2.0.2.0 临时解决方法： 如果您不能立刻安装补丁或者升级，NSFOCUS建议您采取以下措施以降低威胁： 删除DBMSEXPORTEXTENSION的PUBLIC执行权限。 厂商补丁： Oracle ------...

oracle-sql.txt

!/usr/bin/perl Remote Oracle dbmsexportextension exploit any version Grant or revoke dba permission to unprivileged user Tested on Oracle 10g - Release 10.2.0.1.0 Oracle 9i - Release 9.2.0.2.0 REF: http://www.securityfocus.com/bid/17699 AUTHOR: Andrea "bunker" Purificato...

Oracle 9i10g - DBMS_EXPORT_EXTENSION SQL Injection

Oracle 9i10g - DBMSEXPORTEXTENSION SQL Injection !/usr/bin/perl Remote Oracle dbmsexportextension exploit any version Grant or revoke dba permission to unprivileged user Tested on Oracle 10g - Release 10.2.0.1.0 Oracle 9i - Release 9.2.0.2.0 REF: https://www.securityfocus.com/bid/17699 AUTHOR:...

CVE-2006-3702

CVE-2006-3702 covers multiple Oracle Database vulnerabilities across versions 8.1.7.4, 9.0.1.5, 9.2.0.7, 10.1.0.5, and 10.2.0.2 with unspecified impact/attack vectors. Connected sources tie DB06 to a SQL injection-style issue in DBMS_EXPORT_EXTENSION, specifically GET_DOMAIN_INDEX_METADATA, which...

CVE-2006-2505

Oracle Database Server 10g Release 2 allows local users to execute arbitrary SQL queries via a reference to a malicious package in the TYPENAME argument in the 1 GETDOMAININDEXTABLES or 2 GETV2DOMAININDEXTABLES function in the DBMSEXPORTEXTENSION package...

Oracle DBMS_EXPORT_EXTENSION package vulnerable to SQL injection

Overview A vulnerability in Oracle PL/SQL Export Extensions may allow an attacker to modify privileged database information. Description Oracle Extensions, ODCIIndex Interface, andODCIIndexGetMetadata Oracle extensions are used to create customized Oracle database constructs. An indextype is an...

CVE-2006-2081

Oracle Database Server 10g Release 2 allows local users to execute arbitrary SQL queries via the GETDOMAININDEXMETADATA function in the DBMSEXPORTEXTENSION package. NOTE: this issue was originally linked to DB05 CVE-2006-1870, but a reliable third party has claimed that it is not the same issue...

CVE-2006-2081

CVE-2006-2081 affects Oracle Database Server 10g Release 2, where local users can trigger arbitrary SQL via the GET_DOMAIN_INDEX_METADATA function in DBMS_EXPORT_EXTENSION. The primary issue is insecure privileges that allow SQL to be introduced outside of a character-based injection, not a tradi...

CVE-2006-2081

Oracle Database Server 10g Release 2 allows local users to execute arbitrary SQL queries via the GETDOMAININDEXMETADATA function in the DBMSEXPORTEXTENSION package. NOTE: this issue was originally linked to DB05 CVE-2006-1870, but a reliable third party has claimed that it is not the same issue...

Oracle 10g Release 2 - DBMS_EXPORT_EXTENSION SQL

Oracle 10g Release 2 - DBMSEXPORTEXTENSION SQL / 0day, description is wrong. /str0ke / / Fucking NON-0 day$ exploit for Oracle 10g 10.2.0.2.0 Patch your database now! by N1V1Hd $3c41r3 / CREATE OR REPLACE PACKAGE MYBADPACKAGE AUTHID CURRENTUSER IS FUNCTION ODCIIndexGetMetadata oindexinfo...

Oracle <= 10g Release 2 (DBMS_EXPORT_EXTENSION) Local SQL Exploit

Exploit for multiple platform in category local exploits...

[Full-disclosure] Recent Oracle exploit is _actually_ an 0day with no patch

The recent Oracle exploit posted to Bugtraq http://www.securityfocus.com/archive/1/431353 is actually an 0day and has no patch. The patch for 10g Release 2 for April 2006 Critical Patch Update does not contain a fix for the specific flaw that the exploit takes advantage of. As it happens - this...

Oracle 10g Release 2 - &#039;DBMS_EXPORT_EXTENSION&#039; SQL

/ 0day, description is wrong. /str0ke / / Fucking NON-0 day$ exploit for Oracle 10g 10.2.0.2.0 Patch your database now! by N1V1Hd $3c41r3 / CREATE OR REPLACE PACKAGE MYBADPACKAGE AUTHID CURRENTUSER IS FUNCTION ODCIIndexGetMetadata oindexinfo SYS.odciindexinfo,P3 VARCHAR2,p4 VARCHAR2,env SYS.odcie...