180 matches found

Check Point Advisories
added 2010/01/31 12:0 a.m., 2 views

Oracle Database Server LT.ROLLBACKWORKSPACE SQL Injection (CVE-2009-0978)

Oracle Database Server is an enterprise-level relational database application suite. To extend the functionality of the Oracle Database Server, extra packages of related program objects, i.e., procedures, functions, variables, constants, cursors, and exceptions, are provided in order to better...

5.5 CVSS, 7.4 AI score, 0.53918 EPSS
Exploits: 3
seebug.org
added 2009/11/07 12:0 a.m., 38 views

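Oracle Advanced Replication component REPCAT_RPC.VALIDATE_REMOTE_RC() function privilege escalation vulnerability

BUGTRAQ ID: 35685 CVE ID: CVE-2009-1021 Oracle Database is a large commercial database system. The REPCAT_RPC.VALIDATE_REMOTE_RC function in the Advanced Replication component of Oracle Database executes anonymous PL/SQL that may be attacker-controlled. The function takes the name of the currently logged-in user as its first parameter, and the second parameter, VALIDATESTRING, is placed directly into an anonymous PL/SQL block and executed: ... ... SQLCURSOR := DBMSSQL.OPENCURSOR; DBMSSQL.PARSESQLCURSOR, 'BEGIN ' || ' :err :=...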

5.5 CVSS, 6.4 AI score, 0.00544 EPSS
Exploits: 1
Check Point Advisories
added 2009/11/03 12:0 a.m., 1 views

Oracle Database SYS.KUPW-WORKER Package MAIN Procedure SQL Injection (CVE-2006-3698)

Oracle Database Server is an enterprise-level relational database application suite. To extend the functionality of the Oracle Database Server, extra packages of related program objects, i.e. procedures, functions, variables, constants, cursors, and exceptions, are provided in order to better...

10 CVSS, 7.8 AI score, 0.25858 EPSS
Exploits: 0
securityvulns
added 2009/10/28 12:0 a.m., 81 views

[DSECRG-09-010] Oracle 10g CTXSYS.DRVXTABC - plsql injection

Digital Security Research Group DSecRG Advisory DSECRG-09-010 http://dsecrg.com/pages/vul/show.php?id=110 Application: Oracle Database 10G Versions Affected: Oracle 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4 Vendor URL: http://oracle.com Bugs: PL/SQL Injections Exploits: YES Reported: 29.01.2008 Vend...

3.6 CVSS, 6.6 AI score, 0.00761 EPSS
Exploits: 0
NVD
added 2009/10/22 6:30 p.m., 11 views

CVE-2009-2001

Unspecified vulnerability in the PL/SQL component in Oracle Database 10.2.0.4 and 11.1.0.7 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors...

6.5 CVSS, 5.6 AI score, 0.00773 EPSS
Exploits: 0, References: 5
CVE
added 2009/10/22 6:0 p.m., 46 views

CVE-2009-2001

CVE-2009-2001 details (Oracle DB): Unspecified vulnerability in the PL/SQL component of Oracle Database 10.2.0.4 and 11.1.0.7. Exploitation requires remote access with authentication and can affect confidentiality, integrity, and availability. The Oracle October 2009 CPU documents this as a PL/S...

6.5 CVSS, 5.5 AI score, 0.00773 EPSS
Exploits: 0, References: 5, Affected Software: 1
Cvelist
added 2009/10/22 6:0 p.m., 14 views

CVE-2009-2001

Unspecified vulnerability in the PL/SQL component in Oracle Database 10.2.0.4 and 11.1.0.7 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors...

5.6 AI score, 0.00773 EPSS
Exploits: 0, References: 5
securityvulns
added 2009/08/26 12:0 a.m., 107 views

Oracle PL/SQL Injection Flaw in REPCAT_RPC.VALIDATE_REMOTE_RC

Hey all, The Oracle REPCAT_RPC.VALIDATE_REMOTE_RC function executes blocks of anonymous PL/SQL that can be influenced by an attacker to execute arbitrary PL/SQL. As this package is only accessible directly by SYS this flaw would not normally present a risk. However, the REPCAT_RPC.VALIDATE_REMOTE_RC...

5.5 CVSS, 0.3 AI score, 0.00544 EPSS
Exploits: 1
securityvulns
added 2009/08/26 12:0 a.m., 96 views

Bypassing DBMS_ASSERT in certain situations

DBMS_ASSERT can be used to prevent PL/SQL injection. In certain cases it can be bypassed. This is documented in a paper I wrote in July 2008 but am only publishing now: http://www.databasesecurity.com/oracle/Bypassing-DBMSASSERT.pdf Cheers, David Litchfield NGSSoftware Ltd...

Exploits: 0
Metasploit
added 2009/07/28 1:43 p.m., 18 views

Oracle DB SQL Injection via SYS.LT.MERGEWORKSPACE

This module exploits a SQL injection flaw in the MERGEWORKSPACE procedure of the PL/SQL package SYS.LT. Any user with execute privilege on the vulnerable package can exploit this vulnerability. This module requires Metasploit: https://metasploit.com/download Current source:...

5.5 CVSS, 7.5 AI score, 0.67346 EPSS
Exploits: 7
Metasploit
added 2009/07/28 1:43 p.m., 28 views

Oracle DB SQL Injection via SYS.LT.REMOVEWORKSPACE

This module exploits a SQL injection flaw in the REMOVEWORKSPACE procedure of the PL/SQL package SYS.LT. Any user with execute privilege on the vulnerable package can exploit this vulnerability. This module requires Metasploit: https://metasploit.com/download Current source:...

5.5 CVSS, 7.5 AI score, 0.67346 EPSS
Exploits: 7
Metasploit
added 2009/07/28 1:43 p.m., 30 views

Oracle DB SQL Injection via SYS.LT.ROLLBACKWORKSPACE

This module exploits a SQL injection flaw in the ROLLBACKWORKSPACE procedure of the PL/SQL package SYS.LT. Any user with execute privilege on the vulnerable package can exploit this vulnerability. This module requires Metasploit: https://metasploit.com/download Current source:...

5.5 CVSS, 0.8 AI score, 0.53918 EPSS
Exploits: 3
Metasploit
added 2009/07/28 1:43 p.m., 26 views

Oracle DB SQL Injection via SYS.LT.COMPRESSWORKSPACE

This module exploits a SQL injection flaw in the COMPRESSWORKSPACE procedure of the PL/SQL package SYS.LT. Any user with execute privilege on the vulnerable package can exploit this vulnerability. This module requires Metasploit: https://metasploit.com/download Current source:...

5.5 CVSS, 7.6 AI score, 0.53142 EPSS
Exploits: 7
erpscan
added 2009/04/20 12:0 a.m., 47 views

Oracle BI — WB_OLAP_AW_REMOVE_SOLVE_ID - privilege escalation

Application: Oracle BI Versions Affected: Oracle BI Oracle Warehouse Builder 10.2.0.5, 11.1.0.7 Vendor URL: http://oracle.com Bugs: PL/SQL Injection, privilege escalation Exploits: YES Reported: 20.04.2009 Vendor response: 22.04.2009 Last response: 12.04.2011 Date of Public Advisory: 16.06.2011...

6.5 CVSS, 1.3 AI score, 0.00509 EPSS
Exploits: 4
erpscan
added 2009/04/20 12:0 a.m., 42 views

Oracle BI — WB_OLAP_AW_SET_SOLVE_ID - privilege escalation

Application: Oracle BI Versions Affected: Oracle BI Oracle Warehouse Builder 10.2.0.5, 11.1.0.7 Vendor URL: http://oracle.com Bugs: PL/SQL Injection, privilege escalation Exploits: YES Reported: 20.04.2009 Vendor response: 22.04.2009 Last response: 12.04.2011 Date of Public Advisory: 24.05.2011...

6.5 CVSS, 1.3 AI score, 0.00375 EPSS
Exploits: 0
securityvulns
added 2009/01/30 12:0 a.m., 85 views

Oracle Forms Cross site Scripting in (iFcgi60.exe / f60servlet)

Oracle Forms Cross site Scripting in iFcgi60.exe / f60servlet About: Oracle Forms is a tool somewhat like Visual Basic in appearance, but the code inside is PL/SQL which allows a developer to quickly create user-interface applications which access an Oracle database in a very efficient and...

1.6 AI score
Exploits: 0
securityvulns
added 2009/01/16 12:0 a.m., 139 views

Digital Security Research Group [DSecRG] Advisory #DSECRG-09-003

Digital Security Research Group DSecRG Advisory DSECRG-09-003 Application: Oracle database 11G Versions Affected: Oracle 11.1.0.6 and 10.2.0.1 Vendor URL: http://oracle.com Bugs: PL/SQL Injections Exploits: YES Reported: 17.11.2008 Vendor response: 18.11.2008 Last response: 24.11.2008 Date of...

0.2 AI score
Exploits: 0
Packet Storm
added 2009/01/15 12:0 a.m., 42 views

Oracle Database 11G PL/SQL Injection

Digital Security Research Group DSecRG Advisory DSECRG-09-003 Application: Oracle database 11G Versions Affected: Oracle 11.1.0.6 and 10.2.0.1 Vendor URL: http://oracle.com Bugs: PL/SQL Injections Exploits: YES Reported: 17.11.2008 Vendor response: 18.11.2008 Last response: 24.11.2008 Date of...

7.4 AI score
Exploits: 0
erpscan
added 2008/11/17 12:0 a.m., 26 views

Oracle Database 11g — EXFSYS PL/SQL injection vulnerability

Application: Oracle database 11G Versions Affected: Oracle 11.1.0.6 and 10.2.0.1 Vendor URL: http://oracle.com Bugs: PL/SQL Injections Exploits: YES Reported: 17.11.2008 Vendor response: 18.11.2008 Last response: 24.11.2008 Date of Public Advisory: 13.01.2009 Author: Alexandr Polyakov Description...

0.9 AI score
Exploits: 0
securityvulns
added 2008/11/14 12:0 a.m., 49 views

Team SHATTER Security Advisory: Oracle Database SQL Injection in SYS.DBMS_CDC_IPUBLISH.ALTER_HOTLOG_INTERNAL_CSOURCE

Team SHATTER Security Advisory Oracle Database SQL Injection in SYS.DBMS_CDC_IPUBLISH.ALTER_HOTLOG_INTERNAL_CSOURCE November 12, 2008 Risk Level: Medium Affected versions: Oracle Database Server versions 10gR1, 10gR2 and 11gR1 Remote exploitable: Yes...

5.5 CVSS, 1.1 AI score, 0.37808 EPSS
Exploits: 3