Team SHATTER Security Advisory: Oracle Database SQL Injection in SYS.DBMS_CDC_IPUBLISH.ALTER_HOTLOG_INTERNAL_CSOURCE

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Team SHATTER Security Advisory Oracle Database SQL Injection in SYS.DBMSCDCIPUBLISH.ALTERHOTLOGINTERNALCSOURCE November 12, 2008 Risk Level: Medium Affected versions: Oracle Database Server versions 10gR1, 10gR2 and 11gR1 Remote exploitable: Yes...

Linux Kernel ndiswrapper模块远程溢出漏洞

BUGTRAQ ID: 32118 CVECAN ID: CVE-2008-4395 Linux Kernel是开放源码操作系统Linux所使用的内核。 Linux Kernel的ndiswrapper模块内核驱动在处理无线网络报文时存在缓冲区溢出漏洞，如果远程攻击者在报文中包含了超长的ESSID的话，就可以触发这个溢出，导致执行任意代码。 Linux kernel 2.6 Linux ----- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...

Debian Security Advisory DSA 1652-1 (ruby1.9)

The remote host is missing an update to ruby1.9 announced via advisory DSA 1652-1. OpenVAS Vulnerability Test $Id: deb16521.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1652-1 ruby1.9 Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

CPUOct2008 Advisory

A Critical Patch Update is a collection of patches for multiple security vulnerabilities. It also includes non-security fixes that are required because of interdependencies by those security patches. Critical Patch Updates are cumulative, except as noted below, but each advisory describes only th...

openSUSE 10 Security Update : python (python-5491)

This update of python fixes several security vulnerabilities. CVE-2008-1679,CVE-2008-1887, CVE-2008-3143, CVE-2008-3142, CVE-2008-3144, CVE-2008-2315, CVE-2008-2316 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...

Oracle multiple security vulnerabilities

New Critical Patch Update patches nearly 50 different vulnerabilities in all Oracle products...

Team SHATTER Security Advisory: SQL Injection in Oracle Application Server (WWEXP_API_ENGINE)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Team SHATTER Security Advisory SQL Injection in Oracle Application Server WWEXPAPIENGINE Audust 4, 2008 Risk Level: High Affected versions: Oracle Application Server 9.0.4.3, 10.1.2.2 and 10.1.4.1 Remote exploitable: Yes No authentication required...

oracleidir-dos.txt

!/usr/bin/python """ Oracle Internet Directory 10.1.4 preauthentication Denial Of Service NOTES: Under 32 bits platforms it crashes immediately. Under 64 bits it may take even hours. Sometimes you need 2 shoots to crash OID completely. The server "commonly" tolerates one shoot, but even when you...

Oracle Database Local Untrusted Library Path Vulnerability

Oracle Database Local Untrusted Library Path Vulnerability ---------------------------------------------------------- The Oracle July 2008 Critical Patch Update fixes a vulnerability which allows a user in the OINSTALL/DBA group to scalate privileges to root. Scalating Privileges from "oracle" to...

Oracle Internet Directory 10.1.4 - Remote Denial of Service

!/usr/bin/python """ Oracle Internet Directory 10.1.4 preauthentication Denial Of Service NOTES: Under 32 bits platforms it crashes immediately. Under 64 bits it may take even hours. Sometimes you need 2 shoots to crash OID completely. The server "commonly" tolerates one shoot, but even when you...

Oracle Internet Directory 10.1.4 - Remote Denial of Service

Oracle Internet Directory 10.1.4 - Remote Denial of Service !/usr/bin/python """ Oracle Internet Directory 10.1.4 preauthentication Denial Of Service NOTES: Under 32 bits platforms it crashes immediately. Under 64 bits it may take even hours. Sometimes you need 2 shoots to crash OID completely. T...

Oracle Internet Directory 10.1.4 Remote Preauth DoS Exploit

Exploit for multiple platform in category dos / poc =========================================================== Oracle Internet Directory 10.1.4 Remote Preauth DoS Exploit =========================================================== !/usr/bin/python """ Oracle Internet Directory 10.1.4...

Oracle Portal XSS fixed by CPU July 2008

Class: Input Validation Error Risk: Low Remote: Yes Oracle has just released CPU July 2008 critical patch that fixes a flaw which allows code injection by malicious web users into the web pages viewed by other users. The security issue was found on POPUPNAME parameter OF PORTAL.WWPOBHOMEPAGE web...

Oracle Critical Patch Update Advisory - July 2008

Oracle Critical Patch Update Advisory - July 2008 Description A Critical Patch Update is a collection of patches for multiple security vulnerabilities. It also includes non-security fixes that are required because of interdependencies by those security patches. Critical Patch Updates are...

CVE-2008-1666

Unspecified vulnerability in HP Oracle for OpenView OfO 8.1.7, 9.1.01, 9.2, 9.2.0, 10g, and 10gR2 has unknown impact and attack vectors, possibly related to the July 2008 Oracle Critical Patch Update...

CVE-2008-1666

Technical details are not publicly available in the provided documents. Monitor for updates.

CPUJul2008 Advisory

A Critical Patch Update is a collection of patches for multiple security vulnerabilities. It also includes non-security fixes that are required because of interdependencies by those security patches. Critical Patch Updates are cumulative, except as noted below, but each advisory describes only th...

Panda Security ActiveScan 2.0 (Update) - Remote Buffer Overflow

Author: Karol Wiesek Homepage: http://karol.wiesek.pl/ There exists two vulnerabilities in Panda Security ActiveScan 2.0 Update function. 1 typical overflow this exploit 2 Update function allows to install any attacker suplied CABinet into victims system Panda Security have not respond in any...

Team SHATTER Security Advisory: Oracle Database Buffer Overflow in SYS.KUPF$FILE_INT.GET_FULL_FILENAME (DB11)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Team SHATTER Security Advisory Oracle Database Buffer Overflow in SYS.KUPF$FILEINT.GETFULLFILENAME DB11 April 28, 2008 Risk Level: Medium Affected versions: Oracle Database Server versions 9iR2, 10gR1, 10gR2 and 11gR1 Remote exploitable: Yes...

CPU Apr 2008

A Critical Patch Update is a collection of patches for multiple security vulnerabilities. It also includes non-security fixes that are required because of interdependencies by those security patches. Critical Patch Updates are cumulative, except as noted below, but each advisory describes only th...