Oracle GENERATESCHEMA Buffer Overflow Exploit

This Exploit a buffer overflow in Oracle10g. When sending a specially formatted query to the GENERATESCHEMA function in the XDB.DBMSXMLSCHEMA package, an attacker may be able to execute arbitrary code. NOTE: For targets running DEP, you will need to choose target 0 then rexploit with target 1. Th...

Oracle8i Standard Edition 8.1.5 for Linux Installer Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1035/info A vulnerability exists in the installation program for Oracle 8.1.5i. The Oracle installation scripts will create a directory named /tmp/orainstall, owned by oracle:dba, mode 711. Inside of this directory it wil...

Oracle Jserv Executes outside of doc_root

Detects Vulnerability in the execution of JSPs outside docroot. SPDX-FileCopyrightText: 2002 Michael Scheidell Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Jserv Executes outside of doc_root

Detects Vulnerability in the execution of JSPs outside docroot. A potential security vulnerability has been discovered in Oracle JSP releases 1.0.x through 1.1.1 in Apache/Jserv. This vulnerability permits access to and execution of unintended JSP files outside the docroot in Apache/Jserv. For...

Oracle Extproc Buffer Overflow (#NISR25072003)

NGSSoftware Insight Security Research Advisory Name: Oracle Extproc Buffer Overflow Systems Affected: Most OS platforms; Oracle9i Database Release 2 and 1, 8i Severity: High Risk Vendor URL: http://www.oracle.com Authors: David Litchfield [email protected] Chris Anley [email protected]...