CPUOct2008 Advisory

A Critical Patch Update is a collection of patches for multiple security vulnerabilities. It also includes non-security fixes that are required because of interdependencies by those security patches. Critical Patch Updates are cumulative, except as noted below, but each advisory describes only th...

openSUSE 10 Security Update : python (python-5491)

This update of python fixes several security vulnerabilities. CVE-2008-1679,CVE-2008-1887, CVE-2008-3143, CVE-2008-3142, CVE-2008-3144, CVE-2008-2315, CVE-2008-2316 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...

Oracle multiple security vulnerabilities

New Critical Patch Update patches nearly 50 different vulnerabilities in all Oracle products...

Team SHATTER Security Advisory: SQL Injection in Oracle Application Server (WWEXP_API_ENGINE)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Team SHATTER Security Advisory SQL Injection in Oracle Application Server WWEXPAPIENGINE Audust 4, 2008 Risk Level: High Affected versions: Oracle Application Server 9.0.4.3, 10.1.2.2 and 10.1.4.1 Remote exploitable: Yes No authentication required...

Oracle Database Local Untrusted Library Path Vulnerability

Oracle Database Local Untrusted Library Path Vulnerability ---------------------------------------------------------- The Oracle July 2008 Critical Patch Update fixes a vulnerability which allows a user in the OINSTALL/DBA group to scalate privileges to root. Scalating Privileges from "oracle" to...

oracleidir-dos.txt

!/usr/bin/python """ Oracle Internet Directory 10.1.4 preauthentication Denial Of Service NOTES: Under 32 bits platforms it crashes immediately. Under 64 bits it may take even hours. Sometimes you need 2 shoots to crash OID completely. The server "commonly" tolerates one shoot, but even when you...

Oracle Internet Directory 10.1.4 - Remote Denial of Service

Oracle Internet Directory 10.1.4 - Remote Denial of Service !/usr/bin/python """ Oracle Internet Directory 10.1.4 preauthentication Denial Of Service NOTES: Under 32 bits platforms it crashes immediately. Under 64 bits it may take even hours. Sometimes you need 2 shoots to crash OID completely. T...

Oracle Internet Directory 10.1.4 Remote Preauth DoS Exploit

Exploit for multiple platform in category dos / poc =========================================================== Oracle Internet Directory 10.1.4 Remote Preauth DoS Exploit =========================================================== !/usr/bin/python """ Oracle Internet Directory 10.1.4...

Oracle Internet Directory 10.1.4 - Remote Denial of Service

!/usr/bin/python """ Oracle Internet Directory 10.1.4 preauthentication Denial Of Service NOTES: Under 32 bits platforms it crashes immediately. Under 64 bits it may take even hours. Sometimes you need 2 shoots to crash OID completely. The server "commonly" tolerates one shoot, but even when you...

Oracle Portal XSS fixed by CPU July 2008

Class: Input Validation Error Risk: Low Remote: Yes Oracle has just released CPU July 2008 critical patch that fixes a flaw which allows code injection by malicious web users into the web pages viewed by other users. The security issue was found on POPUPNAME parameter OF PORTAL.WWPOBHOMEPAGE web...

Oracle Critical Patch Update Advisory - July 2008

Oracle Critical Patch Update Advisory - July 2008 Description A Critical Patch Update is a collection of patches for multiple security vulnerabilities. It also includes non-security fixes that are required because of interdependencies by those security patches. Critical Patch Updates are...

CVE-2008-1666

Unspecified vulnerability in HP Oracle for OpenView OfO 8.1.7, 9.1.01, 9.2, 9.2.0, 10g, and 10gR2 has unknown impact and attack vectors, possibly related to the July 2008 Oracle Critical Patch Update...

CVE-2008-1666

Technical details are not publicly available in the provided documents. Monitor for updates.

CPUJul2008 Advisory

A Critical Patch Update is a collection of patches for multiple security vulnerabilities. It also includes non-security fixes that are required because of interdependencies by those security patches. Critical Patch Updates are cumulative, except as noted below, but each advisory describes only th...

Panda Security ActiveScan 2.0 (Update) - Remote Buffer Overflow

Author: Karol Wiesek Homepage: http://karol.wiesek.pl/ There exists two vulnerabilities in Panda Security ActiveScan 2.0 Update function. 1 typical overflow this exploit 2 Update function allows to install any attacker suplied CABinet into victims system Panda Security have not respond in any...

Team SHATTER Security Advisory: Oracle Database Buffer Overflow in SYS.KUPF$FILE_INT.GET_FULL_FILENAME (DB11)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Team SHATTER Security Advisory Oracle Database Buffer Overflow in SYS.KUPF$FILEINT.GETFULLFILENAME DB11 April 28, 2008 Risk Level: Medium Affected versions: Oracle Database Server versions 9iR2, 10gR1, 10gR2 and 11gR1 Remote exploitable: Yes...

CPU Apr 2008

A Critical Patch Update is a collection of patches for multiple security vulnerabilities. It also includes non-security fixes that are required because of interdependencies by those security patches. Critical Patch Updates are cumulative, except as noted below, but each advisory describes only th...

Fedora 8 : ruby-1.8.6.114-1.fc8 (2008-2443)

Tue Mar 4 2008 Akira TAGOH - 1.8.6.114-1 - Security fix for CVE-2008-1145. - Improve a spec file. 226381 - Correct License tag. - Fix a timestamp issue. - Own a arch-specific directory. - Tue Feb 19 2008 Fedora Release Engineering - 1.8.6.111-9 - Autorebuild for GCC 4.3 - Tue Feb 19 2008 Akira...

Oracle XDB component PITRIG_TRUNCATE buffer overflow

Added: 02/01/2008 CVE: CVE-2008-0339 BID: 27229 OSVDB: 40300 Background The PITRIGTRUNCATE function is included in the XDB.XDBPITRIGPKG package which is included with Oracle Database. Problem A buffer overflow vulnerability in the PITRIGTRUNCATE function allows remote, authenticated attackers to...

Oracle XDB component PITRIG_TRUNCATE buffer overflow

Added: 02/01/2008 CVE: CVE-2008-0339 BID: 27229 OSVDB: 40300 Background The PITRIGTRUNCATE function is included in the XDB.XDBPITRIGPKG package which is included with Oracle Database. Problem A buffer overflow vulnerability in the PITRIGTRUNCATE function allows remote, authenticated attackers to...