1848 matches found
Oracle Database Multiple Vulnerabilities (October 2010 CPU)
The remote Oracle database server is missing the October 2010 Critical Patch Update CPU and therefore is potentially affected by security issues in the following components : - Enterprise Manager Console - Java Virtual Machine - Change Data Capture - OLAP - Job Queue - XDK - Core RDBMS - Perl...
FreeBSD-SA-10:09.pseudofs
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-10:09.pseudofs Security Advisory The FreeBSD Project Topic: Spurious mutex unlock Category: core Module: pseudofs Announced: 2010-11-10 Credits: Przemyslaw...
[Onapsis Security Advisory 2010-010] Oracle Virtual Server Agent Local Privilege Escalation
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory 2010-0010: Oracle Virtual Server Agent Local Privilege Escalation This advisory can be downloaded in PDF format from http://www.onapsis.com/research.html. By downloading this advisory from the Onapsis Resource Center, you wil...
[Onapsis Security Advisory 2010-008] Oracle Virtual Server Agent Arbitrary File Access
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory 2010-0008 : Oracle Virtual Server Agent Arbitrary File Access This advisory can be downloaded in PDF format from http://www.onapsis.com/research.html. By downloading this advisory from the Onapsis Resource Center, you will ga...
Oracle数据库CREATE_CHANGE_SET过程SQL注入漏洞
BUGTRAQ ID: 43956 CVE ID: CVE-2010-2415 Oracle是大型的商业数据库系统。 Oracle数据库的Change Data Capture组件中提供了一个DBMSCDCPUBLISH PL/SQL软件包,该软件包的CREATECHANGESET过程中存在SQL注入漏洞。恶意用户可以以特殊参数调用有漏洞的过程,导致以SYS用户的权限执行SQL语句。 利用这个漏洞要求拥有对SYS.DBMSCDCPUBLISH软件包的EXECUTE权限。默认下给予了EXECUTECATALOGROLE角色的用户拥有这个权限。 Oracle Database 11.2.0....
Solaris rpc.cmsd服务远程整数溢出漏洞
BUGTRAQ ID: 43933 CVE ID: CVE-2010-3509 Solaris是一款由Sun开发和维护的商业UNIX操作系统。 Solaris中所运行的rpc.cmsd服务存在整数溢出漏洞,远程攻击者可以通过向该服务提交恶意RPC请求触发这个溢出,导致拒绝服务或以root用户权限执行任意代码。 Sun Solaris 9.0x86 Sun Solaris 9.0 Sun Solaris 8.0x86 Sun Solaris 8.0 Sun Solaris 10.0x86 Sun Solaris 10.0 厂商补丁: Oracle ------...
Oracle Enterprise Manager Grid Control HTTP请求远程溢出漏洞
BUGTRAQ ID: 43945 CVE ID: CVE-2010-2390 Grid Control是为整个Oracle IT架构提供中心化监视、管理、生命周期管理功能的系统管理软件。 远程攻击者可以通过向Grid Control的EM Console组件提交超长的HTTP请求触发缓冲区溢出,导致执行任意指令。 Oracle Enterprise Manager Grid Control 10.x 厂商补丁: Oracle ------ Oracle已经为此发布了一个安全公告(cpuoct2010)以及相应补丁: cpuoct2010:Oracle Critical Patch...
Oracle Sun Java System Web Server - HTTP Response Splitting
Exploit for jsp platform in category web applications =========================================================== Oracle Sun Java System Web Server - HTTP Response Splitting =========================================================== Description Security-Assessment.com discovered that is possible...
Oracle Sun Java System Web Server - HTTP Response Splitting
Oracle Sun Java System Web Server - HTTP Response Splitting Description Security-Assessment.com discovered that is possible to successfully perform an HTTP Response Splitting attack against applications served by Sun Java System Web Server. The vulnerability can be exploited if user supplied inpu...
Oracle Sun Java System Web Server - HTTP Response Splitting
Description Security-Assessment.com discovered that is possible to successfully perform an HTTP Response Splitting attack against applications served by Sun Java System Web Server. The vulnerability can be exploited if user supplied input is used to generate the value of an HTTP header, as shown ...
CentOS Update for xpdf CESA-2010:0751 centos4 i386
Check for the Version of xpdf OpenVAS Vulnerability Test CentOS Update for xpdf CESA-2010:0751 centos4 i386 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...
RedHat Update for kdegraphics RHSA-2010:0753-01
Check for the Version of kdegraphics OpenVAS Vulnerability Test RedHat Update for kdegraphics RHSA-2010:0753-01 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it und...
Oracle Virtual Server Agent Command Injection
Exploit for unix platform in category remote exploits ============================================= Oracle Virtual Server Agent Command Injection ============================================= 1. Advisory Information Advisory ID: BONSAI-2010-0109 Date published: 2010-10-13 Vendors contacted: Oracl...
Oracle Critical Patch Update Advisory - October 2010
Oracle Critical Patch Update Advisory - October 2010 Description A Critical Patch Update is a collection of patches for multiple security vulnerabilities. It also includes non-security fixes that are required because of interdependencies by those security patches. Critical Patch Updates are...
Oracle Virtual Server Agent - Command Injection
Oracle Virtual Server Agent Command Injection ============================================= 1. Advisory Information Advisory ID: BONSAI-2010-0109 Date published: 2010-10-13 Vendors contacted: Oracle Release mode: Coordinated release 2. Vulnerability Information Class: Injection Remotely...
Oracle Releases Critical Patch for October 2010
Oracle has released its Critical Patch Update for October 2010 to address 85 vulnerabilities across multiple products. This update contains the following security fixes: 7 for Oracle Database Server 8 for Oracle Fusion Middleware 1 for Oracle Enterprise Manager Grid Control 6 for Oracle E-Busines...
Oracle Critical Patch Update - October 2010
A Critical Patch Update is a collection of patches for multiple security vulnerabilities. It also includes non-security fixes that are required because of interdependencies by those security patches. Critical Patch Updates are cumulative, except as noted below, but each advisory describes only th...
Oracle Releases Pre-Release Announcement for October 2010
Oracle has issued a critical patch update pre-release announcement indicating that its October release will contain 81 new vulnerability fixes. Release of the critical patch update is scheduled for Tuesday, October 12, 2010. US-CERT encourages users and administrators to review the pre-release...
Java Runtime CMM readMabCurveData Buffer Overflow
Added: 10/04/2010 CVE: CVE-2010-0838 BID: 39069 OSVDB: 63500 Background Oracle Java SE and Java for Business are development platforms for developing and deploying Java applications. They include the Java SE Development Kit JDK and the Java Runtime Environment JRE. The JRE provides the minimum...
RedHat Update for samba3x RHSA-2010:0698-01
Check for the Version of samba3x OpenVAS Vulnerability Test RedHat Update for samba3x RHSA-2010:0698-01 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...