28 matches found
EUVD-2006-5321
Malware in sbrugna...
EUVD-2006-5317
Malware in sbrugna...
Oracle PL/SQL Injection Flaw in REPCAT_RPC.VALIDATE_REMOTE_RC
Hey all, The Oracle REPCATRPC.VALIDATEREMOTERC function executes blocks of anonymous PL/SQL that can be influenced by an attacker to execute arbitrary PL/SQL. As this package is only accessible directly by SYS this flaw would not normally present a risk. However, the REPCATRPC.VALIDATEREMOTERC...
Bypassing DBMS_ASSERT in certain situations
DBMSASSERT can be used to prevent PL/SQL injection. In certain cases it can be bypassed. This is documented in a paper I wrote in July 2008 but am only publishing now: http://www.databasesecurity.com/oracle/Bypassing-DBMSASSERT.pdf Cheers, David Litchfield NGSSoftware Ltd...
Oracle BI — WB_OLAP_AW_REMOVE_SOLVE_ID - privilege escalation
Application: Oracle BI Versions Affected: Oracle BI Oracle Warehouse Builder 10.2.0.5, 11.1.0.7 Vendor URL: http://oracle.com Bugs: PL/SQL Injection, privilege escalation Exploits: YES Reported: 20.04.2009 Vendor response: 22.04.2009 Last response: 12.04.2011 Date of Public Advisory: 16.06.2011...
Oracle BI — WB_OLAP_AW_SET_SOLVE_ID - privilege escalation
Application: Oracle BI Versions Affected: Oracle BI Oracle Warehouse Builder 10.2.0.5, 11.1.0.7 Vendor URL: http://oracle.com Bugs: PL/SQL Injection, privilege escalation Exploits: YES Reported: 20.04.2009 Vendor response: 22.04.2009 Last response: 12.04.2011 Date of Public Advisory: 24.05.2011...
Oracle Database 11G PL/SQL Injection
Digital Security Research Group DSecRG Advisory DSECRG-09-003 Application: Oracle database 11G Versions Affected: Oracle 11.1.0.6 and 10.2.0.1 Vendor URL: http://oracle.com Bugs: PL/SQL Injections Exploits: YES Reported: 17.11.2008 Vendor response: 18.11.2008 Last response: 24.11.2008 Date of...
Oracle Database 10G CTXSYS.DRVXTABX — PLSQL Injection
Application: Oracle Database 10G Versions Affected: Oracle 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4 Vendor URL: Bugs: PL/SQL Injections Exploits: YES Reported: 29.01.2008 Vendor response: 31.01.2008 CVE: CVE-2009-1991 SVSS2: 3.6 Date of Public Advisory: 26.10.2009 Solution: YES Non official Author:...
Oracle 10g SYS.KUPW$WORKER.MAIN PL/SQL Injection Exploit
No description provided by source. / Exploit for Oracle10g R1 and R2 prior to CPU Oct 2006 Joxean Koret [email protected] Privileges needed: - CREATE SESSION - CREATE PROCEDURE / select from userroleprivs ; CREATE OR REPLACE FUNCTION F1 RETURN NUMBER AUTHID CURRENTUSER IS PRAGMA...
Oracle 10g SYS.DBMS_CDC_IMPDP.BUMP_SEQUENCE PL/SQL Injection
No description provided by source. / Exploit for Oracle10g R1 and R2 prior to CPU Oct 2006 Joxean Koret [email protected] Privileges needed: - CREATE SESSION Max. Length 97. Very, very cool / select from userroleprivs ; DECLARE SEQUENCEOWNER VARCHAR2200; SEQUENCENAME VARCHAR2200; vuserid numbe...
Oracle 10g SYS.KUPV$FT.ATTACH_JOB PL/SQL Injection Exploit
No description provided by source. / Exploit for Oracle10g R1 and R2 prior to CPU Oct 2006 Joxean Koret [email protected] Privileges needed: - EXECUTECATALOGROLE - CREATE PROCEDURE / select from userroleprivs ; CREATE OR REPLACE FUNCTION F1 RETURN NUMBER AUTHID CURRENTUSER IS PRAGMA...
Oracle 10g - SYS.DBMS_CDC_IMPDP.BUMP_SEQUENCE PL / SQL Injection
/ Exploit for Oracle10g R1 and R2 prior to CPU Oct 2006 Joxean Koret Privileges needed: - CREATE SESSION Max. Length 97. Very, very cool / select from userroleprivs ; DECLARE SEQUENCEOWNER VARCHAR2200; SEQUENCENAME VARCHAR2200; vuserid number; vcommands VARCHAR232767; NEWVALUE NUMBER; BEGIN SELEC...
Oracle 10g SYS.KUPW$WORKER.MAIN PL/SQL Injection Exploit
Exploit for multiple platform in category local exploits ======================================================== Oracle 10g SYS.KUPW$WORKER.MAIN PL/SQL Injection Exploit ======================================================== / Exploit for Oracle10g R1 and R2 prior to CPU Oct 2006 Joxean Koret...
Oracle 10g - SYS.KUPV$FT.ATTACH_JOB PL / SQL Injection
/ Exploit for Oracle10g R1 and R2 prior to CPU Oct 2006 Joxean Koret Privileges needed: - EXECUTECATALOGROLE - CREATE PROCEDURE / select from userroleprivs ; CREATE OR REPLACE FUNCTION F1 RETURN NUMBER AUTHID CURRENTUSER IS PRAGMA AUTONOMOUSTRANSACTION; BEGIN EXECUTE IMMEDIATE 'GRANT DBA TO TEST'...
Oracle 10g - SYS.KUPW$WORKER.MAIN PL / SQL Injection
/ Exploit for Oracle10g R1 and R2 prior to CPU Oct 2006 Joxean Koret Privileges needed: - CREATE SESSION - CREATE PROCEDURE / select from userroleprivs ; CREATE OR REPLACE FUNCTION F1 RETURN NUMBER AUTHID CURRENTUSER IS PRAGMA AUTONOMOUSTRANSACTION; BEGIN EXECUTE IMMEDIATE 'GRANT DBA TO TEST';...
Oracle 10g SYS.KUPV$FT.ATTACH_JOB PL/SQL Injection Exploit
Exploit for multiple platform in category local exploits ========================================================== Oracle 10g SYS.KUPV$FT.ATTACHJOB PL/SQL Injection Exploit ========================================================== / Exploit for Oracle10g R1 and R2 prior to CPU Oct 2006 Joxean...
Oracle 10g SYS.DBMS_CDC_IMPDP.BUMP_SEQUENCE PL/SQL Injection
Exploit for multiple platform in category local exploits ============================================================ Oracle 10g SYS.DBMSCDCIMPDP.BUMPSEQUENCE PL/SQL Injection ============================================================ / Exploit for Oracle10g R1 and R2 prior to CPU Oct 2006 Joxe...
Oracle DISABLE_HIERARCHY_INTERNAL procedure vulnerable to PL/SQL injection
Overview The Oracle DISABLEHIERARCHYINTERNAL procedure is vulnerable to PL/SQL injection. This vulnerability may allow a remote, authenticated attacker to execute arbitrary PL/SQL commands on a vulnerable Oracle installation. Description The Oracle DISABLEHIERARCHYINTERNAL procedure fails to...
Oracle MDSYS.SDO_LRS package vulnerable to PL/SQL injection
Overview The Oracle MDSYS.SDOLRS package is vulnerable to PL/SQL injection. This vulnerability may allow a remote, authenticated attacker to execute arbitrary PL/SQL commands on a vulnerable Oracle installation. Description The Oracle MDSYS.SDOLRS package is vulnerable to PL/SQL injection...
Oracle CREATE_CHANGE_TABLE procedure vulnerable to PL/SQL injection
Overview The Oracle CREATECHANGETABLE procedure is vulnerable to PL/SQL injection. This vulnerability may allow a remote, authenticated attacker to execute arbitrary PL/SQL commands on a vulnerable Oracle installation. Description The Oracle CREATECHANGETABLE procedure fails to properly filter us...