20 matches found
EUVD-2005-3204
Malware in sbrugna...
EUVD-2002-1248
Malware in sbrugna...
Oracle 9.0 iSQL*Plus TLS Listener - Remote Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/15032/info Oracle iSQLPLUS is susceptible to a vulnerability that allows remote attackers to stop the TNS Listener service, denying further database service to legitimate users. By issuing a specific HTTP request, remote...
Oracle iSQLPlus SID Check
This module attempts to bruteforce the SID on the Oracle application server iSQLPlus login pages. It does this by testing Oracle error responses returned in the HTTP response. Incorrect username/pass with a correct SID will produce an Oracle ORA-01017 error. Works against Oracle 9.2, 10.1 & 10.2...
Oracle iSQL*Plus Login Utility
This module attempts to authenticate against an Oracle ISQLPlus administration web site using username and password combinations indicated by the USERFILE, PASSFILE, and USERPASSFILE. This module does not require a valid SID, but if one is defined, it will be used. Works against Oracle 9.2, 10.1 ...
CVE-2005-3205
CVE-2005-3205 : XSS in Oracle9i iSQLPlus (iSQLPlus) for Oracle9i Database Server Release 2 (9.0.2.4). The vulnerability arises in the iSQL Plus interface when using the command set markup HTML TABLE, allowing remote attackers to inject arbitrary script/HTML that executes when a user selects a tab...
CVE-2005-3206
iSQLPlus isqlplus for Oracle9i Database Server Release 2 9.0.2.4 allows remote attackers to cause a denial of service TNS listener stop via an HTTP request with an sid parameter that contains a STOP command...
CVE-2005-3206
CVE-2005-3206 affects iSQL*Plus (isqlplus) for Oracle9i Database Server Release 2 (9.0.2.4). The issue enables remote attackers to cause a denial of service by sending an HTTP request with an sid parameter containing a STOP command, which can stop the TNS listener. The available connected documen...
Oracle 9.0 iSQL*Plus - TLS Listener Remote Denial of Service
Oracle 9.0 iSQLPlus - TLS Listener Remote Denial of Service source: https://www.securityfocus.com/bid/15032/info Oracle iSQLPLUS is susceptible to a vulnerability that allows remote attackers to stop the TNS Listener service, denying further database service to legitimate users. By issuing a...
[Full-disclosure] Shutdown TNS Listener via Oracle iSQL*Plus
Shutdown TNS Listener via Oracle iSQLPlus Name Shutdown TNS Listener via Oracle iSQLPlus Systems Affected Oracle Database 9i Rel. 2 Severity Medium Risk Category Denial of Service Vendor URL http://www.oracle.com This advisory http://www.red-database-security.com/advisory/oracleisqlplusshutdown.h...
Oracle 9.0 iSQL*Plus - TLS Listener Remote Denial of Service
source: https://www.securityfocus.com/bid/15032/info Oracle iSQLPLUS is susceptible to a vulnerability that allows remote attackers to stop the TNS Listener service, denying further database service to legitimate users. By issuing a specific HTTP request, remote attackers may cause the affected...
CVE-2004-1368
The CVE-2004-1368 entry affects Oracle ISQL*Plus in Oracle 10g Application Server. The vulnerability allows remote attackers to execute arbitrary files via an absolute pathname in the file parameter to the load.uix script, enabling potential arbitrary-file execution on the affected server. The ac...
CVE-2004-1368
ISQLPlus in Oracle 10g Application Server allows remote attackers to execute arbitrary files via an absolute pathname in the file parameter to the load.uix script...
Oracle ISQLPlus file access vulnerability (#NISR2122004E)
NGSSoftware Insight Security Research Advisory Name: Oracle ISQLPlus load.uix file access Systems Affected: Oracle 10g AS on all operating systems Severity: Medium Vendor URL: http://www.oracle.com/ Author: David Litchfield davidl at ngssoftware.com Relates to:...
CVE-2002-1264
The vulnerability CVE-2002-1264 affects the Oracle iSQL*Plus web application component of Oracle 9 database server. A buffer overflow can be triggered by a long USERID parameter in the isqlplus URL, allowing remote code execution. The description does not specify affected versions beyond Oracle 9...
CVE-2002-1264
Buffer overflow in Oracle iSQLPlus web application of the Oracle 9 database server allows remote attackers to execute arbitrary code via a long USERID parameter in the isqlplus URL...
Oracle Application Server contains several vulnerabilities
Overview Several vulnerabilities exist in the Portal and iSQLPlus components of the Oracle Application Server. According the the Oracle Security Alert, exploitation of these vulnerabilities would require the attacker to have network access, but not a valid user account on the vulnerable system...
ora-isqlplus.txt
NGSSoftware Insight Security Research Advisory Name: Oracle iSQLPlus buffer overflow Systems: Oracle Database 9i R1,2 on all operating systems Severity: High Risk Vendor URL: http://www.oracle.com/ Author: David Litchfield [email protected] Advisory URL:...
CVE-2002-1264
Buffer overflow in Oracle iSQLPlus web application of the Oracle 9 database server allows remote attackers to execute arbitrary code via a long USERID parameter in the isqlplus URL...
Oracle iSQL*Plus buffer overflow
Buffer overflow on oversized username...