62 matches found
EUVD-2004-2337
Malware in sbrugna...
EUVD-2005-3204
Malware in sbrugna...
EUVD-2003-1183
Malware in sbrugna...
EUVD-2002-0566
Malware in sbrugna...
CVE-2002-1858
Oracle Oracle9i Application Server 1.0.2.2 and 9.0.2 through 9.0.2.0.1, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot "WEB-INF."...
Oracle GENERATESCHEMA Buffer Overflow Exploit
This exploits a buffer overflow in Oracle10g. When sending a specially formatted query to the GENERATESCHEMA function in the XDB.DBMSXMLSCHEMA package, an attacker may be able to execute arbitrary code. NOTE: For targets running DEP, you will need to choose target 0 then rexploit with target 1. Th...
Oracle NUMTODSINTERVAL() Buffer Overflow Exploit
This module exploits a buffer overflow in Oracle9i. When sending a specially formatted query to the numtodsinterval function, an attacker may be able to execute arbitrary code. NOTE: For targets running DEP, you will need to choose target 1 then rexploit using target 0. The first query will disab...
Oracle9i Database Default Library Directory Privilege Escalation Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10829/info Oracle database implementations are reportedly prone to a default library directory privilege escalation vulnerability. This issue arises due to a default configuration error that will permit the attacker to...
Oracle9i Application Server 9.0.2 MOD_ORADAV Access Control Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/14274/info The mod_oradav module for Oracle HTTP Server included in Oracle9i Application Server is prone to a vulnerability. This is related to access controls on the '/davpublic' and '/davportal' directories, allowing a...
Oracle 9i XDB FTP UNLOCK Overflow (win32)
No description provided by source. $Id: oracle9ixdbftpunlock.rb 10559 2010-10-05 23:41:17Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and ter...
Oracle 9i XDB FTP UNLOCK Overflow (win32)
$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Oracle 9i XD...
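Oracle to Release July 2009 Critical Patch Update Fixing Multiple Security Vulnerabilities
Bugtraq ID: 35618 Oracle Database is a large commercial database system. Oracle has released its July 2009 Critical Patch Update advisory; the patches fix 33 security vulnerabilities across more than 100 Oracle products. Affected software includes the following: Oracle Database, Oracle Application Server, Oracle Identity Management, Oracle E-Business Suite Release, Oracle Enterprise Manager Database Control, Oracle Enterprise Manager Grid Control...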
CVE-2007-3856
Unspecified vulnerability in the Oracle Data Mining component for Oracle Database 10g Release 2 10.2.0.2 and 10.2.0.3, 10g 10.1.0.5, and Oracle9i Database Release 2 9.2.0.7, 9.2.0.8, and 9.2.0.8DV has unknown impact and remote authenticated attack vectors related to DMSYS.DMPSYS, aka DB04...
Oracle Database string conversion buffer overflow
Added: 08/23/2006 BID: 10871 OSVDB: 9890 Background Oracle Database is a relational database product for multiple platforms. Problem The string conversion function in Oracle Database is affected by a buffer overflow vulnerability. A remote attacker could execute arbitrary commands by sending a lo...
CVE-2006-0276
Multiple unspecified vulnerabilities in Oracle Collaboration Suite Release 2, version 9.0.4.2 Oracle9i have unspecified impact and attack vectors, as identified by Oracle Vuln# (1) OCS01, (2) OCS02, (3) OCS03, (4) OCS04, (5) OCS05, (6) OCS06, (7) OCS07, (8) OCS08, and (9) OCS09 in the (a) Email Server component; (10)...
FastCGI samples Cross Site Scripting
Two sample CGI's supplied with FastCGI are vulnerable to cross-site scripting attacks. FastCGI is an 'open extension to CGI that provides high performance without the limitations of server specific APIs', and is included in the default installation of the 'Unbreakable' Oracle9i Application Server...
FastCGI samples Cross Site Scripting
Two sample CGI SPDX-FileCopyrightText: 2002 Matt Moore Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.10838";...
CVE-2005-3205
Cross-site scripting (XSS) vulnerability in iSQL*Plus (iSQLPlus) in Oracle9i Database Server Release 2 9.0.2.4 allows remote attackers to inject arbitrary web script or HTML via script in the "set markup HTML TABLE" command, which is executed when the user selects a table...