EUVD-2005-0298

Malware in sbrugna...

Oracle GENERATESCHEMA Buffer Overflow Exploit

This Exploit a buffer overflow in Oracle10g. When sending a specially formatted query to the GENERATESCHEMA function in the XDB.DBMSXMLSCHEMA package, an attacker may be able to execute arbitrary code. NOTE: For targets running DEP, you will need to choose target 0 then rexploit with target 1. Th...

[DSECRG-09-010] Oracle 10g CTXSYS.DRVXTABC - plsql injection

Digital Security Research Group DSecRG Advisory DSECRG-09-010 http://dsecrg.com/pages/vul/show.php?id=110 Application: Oracle Database 10G Versions Affected: Oracle 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4 Vendor URL: http://oracle.com Bugs: PL/SQL Injections Exploits: YES Reported: 29.01.2008 Vend...

Oracle Database 10G CTXSYS.DRVXTABX — PLSQL Injection

Application: Oracle Database 10G Versions Affected: Oracle 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4 Vendor URL: Bugs: PL/SQL Injections Exploits: YES Reported: 29.01.2008 Vendor response: 31.01.2008 CVE: CVE-2009-1991 SVSS2: 3.6 Date of Public Advisory: 26.10.2009 Solution: YES Non official Author:...

Oracle 10g/11g SYS.LT.FINDRICSET Local SQL Injection Exploit

No description provided by source. !/usr/bin/perl http://rawlab.mindcreations.com/codes/exp/oracle/sys-lt-findricset.pl Oracle SYS.LT.FINDRICSET exploit 11g/10g Grant or revoke dba permission to unprivileged user Tested on "Oracle Database 10g Enterprise Edition Release 10.1.0.5.0" Fixed with CPU...

Oracle 10g/11g SYS.LT.FINDRICSET Local SQL Injection Exploit

Exploit for multiple platform in category local exploits ============================================================ Oracle 10g/11g SYS.LT.FINDRICSET Local SQL Injection Exploit ============================================================ !/usr/bin/perl...

Buffer overflow

Unspecified vulnerability in the Oracle Data Mining component for Oracle Database 10g Release 2 10.2.0.2 and 10.2.0.3, 10g 10.1.0.5, and Oracle9i Database Release 2 9.2.0.7, 9.2.0.8, and 9.2.0.8DV has unknown impact and remote authenticated attack vectors related to DMSYS.DMPSYS, aka DB04...

Oracle Database Advanced Replication component DBMS_SNAP_INTERNAL overflow

Added: 04/25/2007 CVE: CVE-2007-2116 BID: 23532 OSVDB: 39933 Background Package DBMSSNAPINTERNAL of schema SYS is an Advanced Replication component used internally by Oracle Database. Problem A buffer overflow vulnerability in DBMSSNAPINTERNAL allows remote attackers to execute arbitrary commands...

Oracle Database Advanced Replication component DBMS_SNAP_INTERNAL overflow

Added: 04/25/2007 CVE: CVE-2007-2116 BID: 23532 OSVDB: 39933 Background Package DBMSSNAPINTERNAL of schema SYS is an Advanced Replication component used internally by Oracle Database. Problem A buffer overflow vulnerability in DBMSSNAPINTERNAL allows remote attackers to execute arbitrary commands...

oracle-inject-bunker.txt

!/usr/bin/perl Remote Oracle KUPM$MCP.MAIN exploit 10g Grant or revoke dba permission to unprivileged user Tested on "Oracle Database 10g Enterprise Edition Release 10.1.0.3.0" REF: http://www.red-database-security.com/ AUTHOR: Andrea "bunker" Purificato http://rawlab.mindcreations.com DATE:...

Buffer overflow

Oracle Database 10g uses a NULL pDacl parameter when calling the SetSecurityDescriptorDacl function to create discretionary access control lists DACLs, which allows local users to gain privileges...

CVE-2007-1442

Oracle Database 10g uses a NULL pDacl parameter when calling the SetSecurityDescriptorDacl function to create discretionary access control lists DACLs, which allows local users to gain privileges...

Oracle 10g KUPV$FT.ATTACH_JOB - SQL Injection (2)

!/usr/bin/perl Remote Oracle KUPV$FT.ATTACHJOB exploit 10g - Version 2 - New "evil cursor injection" tip! - No "create procedure" privileg needed! - See: http://www.databasesecurity.com/ Cursor Injection Grant or revoke dba permission to unprivileged user Tested on "Oracle Database 10g Enterprise...

Oracle 9i/10g - DBMS_METADATA.GET_DDL SQL Injection

!/usr/bin/perl Remote Oracle DBMSMETADAT.GETDDL exploit 9i/10g Grant or revoke dba permission to unprivileged user Tested on "Oracle Database 10g Enterprise Edition Release 10.1.0.3.0" REF: https://www.securityfocus.com/bid/16287 AUTHOR: Andrea "bunker" Purificato http://rawlab.mindcreations.com...

Oracle 10g KUPW$WORKER.MAIN Grant/Revoke dba Permission Exploit

Exploit for multiple platform in category remote exploits =============================================================== Oracle 10g KUPW$WORKER.MAIN Grant/Revoke dba Permission Exploit =============================================================== !/usr/bin/perl Remote Oracle KUPW$WORKER.MAIN...

Oracle Security Component sys.pbsde buffer overflow

Added: 11/07/2006 CVE: CVE-2005-3438 BID: 15134 OSVDB: 20612 Background pbsde is a package of stored procedures which is part of the base installation of Oracle Database. Problem A buffer overflow in the sys.pbsde.init procedure allows database users to execute arbitrary commands. Resolution Appl...

Oracle 10g R2 and, probably, all previous versions

I can't believe it. Oracle releases new patches and they have not been solved one of the main problems: A user with only the SELECT privilege can do WHATEVER SHE WANTS WITH THE ENTIRE DATABASE!!!! I'm not sure if is time to full disclosure it but, anyway, I will "full disclosure" one inocent issu...

Sql injection

SQL injection vulnerability in the Data Pump Metadata API in Oracle Database 10g and possibly earlier might allow remote attackers to execute arbitrary SQL commands via unknown vectors. NOTE: due to the lack of relevant details from the Oracle advisory, a separate CVE is being created since it...

Sql injection

SQL injection vulnerability in the Oracle Text component of Oracle Database 10g, and possibly earlier versions, might allow remote attackers to execute arbitrary SQL commands via unknown vectors. NOTE: due to the lack of relevant details from the Oracle advisory, a separate CVE is being created...

Sql injection

SQL injection vulnerability in the SYS.DBMSMETADATAUTIL package in Oracle Database 10g, and possibly earlier versions, might allow remote attackers to execute arbitrary SQL commands via unknown vectors. NOTE: due to the lack of relevant details from the Oracle advisory, a separate CVE is being...