CVE-2005-2073

Unknown vulnerability in IBM DB2 8.1.4 through 8.1.9 and 8.2.0 through 8.2.2 allows local users with SELECT privileges to conduct unauthorized activities and insert, update or delete table contents...

IBM DB2 universal database protection bypass

User with only SELECT permissions can can insert, update or delete records...

CVE-2005-1254

Stack-based buffer overflow in the IMAP server for Ipswitch IMail 8.12 and 8.13, and other versions before IMail Server 8.2 Hotfix 2, allows remote authenticated users to cause a denial of service crash via a SELECT command with a large argument...

CVE-2005-1495

Oracle Database 9i and 10g disables Fine Grained Audit FGA after the SYS user executes a SELECT statement on an FGA object, which makes it easier for attackers to escape detection...

CVE-2005-1495

Oracle Database 9i and 10g disables Fine Grained Audit FGA after the SYS user executes a SELECT statement on an FGA object, which makes it easier for attackers to escape detection...

Oracle Fine Grained Auditing Issue in Oracle 9i / 10g

Name Oracle Fine Grained Auditing Issue Systems Affected Oracle Database 9i / 10g Severity Medium Risk Category Auditing disabled Vendor URL http://www.oracle.com Author Alexander Kornbrust ak at red-database-security.com Date 02 May 2005 V 1.00 Details Fine grained audit FGA does not work if the...

DEBIAN-CVE-2005-0544

phpMyAdmin 2.6.1 allows remote attackers to obtain the full path of the server via direct requests to 1 sqlvalidator.lib.php, 2 sqlparser.lib.php, 3 selecttheme.lib.php, 4 selectlang.lib.php, 5 relationcleanup.lib.php, 6 headermetastyle.inc.php, 7 getforeign.lib.php, 8 displaytbllinks.lib.php, 9...

CVE-2005-0247

Multiple buffer overflows in gram.y for PostgreSQL 8.0.1 and earlier may allow attackers to execute arbitrary code via 1 a large number of variables in a SQL statement being handled by the readsqlconstruct function, 2 a large number of INTO variables in a SELECT statement being handled by the...

UBB Thread printthread.php SQL Injection

UBB Thread /ubbthreads/printthread.php SQL Injection YesNo vulnerability Full Disclosure Bug discovered By: Axl Exploit By: HLL hllhll at gmail.com 1. Introduction There Is a flaw in printthread.php due to insufficient bound checking of the 'main' query parameter wich allows a malicues SQL to be...

exp3.pl.txt

!/usr/bin/perl Mysql CREATE FUNCTION libc arbitrary code execution. Author: Stefano Di Paola Vulnerable: Mysql 0; use constant PASS = "USEYOURPASSHERE"; Connect to the database. my $dbh = DBI-connect"DBI:mysql:database=test;host=localhost", "root", PASS ,'RaiseError' = 1; This is the opcode point...

security flaw

Multiple buffer overflows in gram.y for PostgreSQL 8.0.1 and earlier may allow attackers to execute arbitrary code via 1 a large number of variables in a SQL statement being handled by the readsqlconstruct function, 2 a large number of INTO variables in a SELECT statement being handled by the...

fd_set -- bitmap index overflow in multiple applications

3APA3A reports: If programmer fails to check socket number before using select or fdset macros, it's possible to overwrite memory behind fdset structure. Very few select based application actually check FDSETSIZE value. ... Depending on vulnerable application it's possible to overwrite portions o...

CVE-2002-1420

OpenBSD 3.1 and earlier are affected by a local privilege escalation due to an integer signedness error in select(2): a negative size value passes the boundary check as signed but is then used as unsigned during a data copy, allowing a local user to overwrite kernel memory. Impact: local code/ker...

CVE-2004-0709

HP OpenView Select Access 5.0 through 6.0 does not correctly decode UTF-8 encoded unicode characters in a URL, which could allow remote attackers to bypass access restrictions...

[security bulletin] SSRT4719 hp OpenView Select Access remote unauthorized access

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 HP SECURITY BULLETIN HPSBMA01045 REVISION: 0 SSRT4719 rev.0 hp OpenView Select Access remote unauthorized access ----------------------------------------------------------------- NOTICE: There are no restrictions for distribution of this Bulletin...

HP OpenView Select Access fails to properly decode UTF-8 encoded unicode characters in URLs

Overview There is a vulnerability in the way HP OpenView Select Access decodes UTF-8 encoded unicode characters in URLs. This vulnerability could allow a remote user to gain access to resources the user would otherwise be unauthorized to access. Description HP OpenView Select Access is a software...

DoS против MDaemon (imap buffer overflow)

Переполнение буфера в команде Select пользователь должен быть авторизован...

CVE-2003-0399

Vignette StoryServer 4 and 5, Vignette V/5, and possibly other versions allows remote attackers to perform unauthorized SELECT queries by setting the vgncreds cookie to an arbitrary value and directly accessing the save template...

S21SEC-017 - Vignette /vgn/legacy/save SQL access

ID: S21SEC-017-en Title: Vignette /vgn/legacy/save SQL access Date: 15/03/2003 Status: Vendor contacted and solution available Scope: Execution of SQL SELECT calls Platforms: All Author: rpinuaga Location: http://www.s21sec.com/es/avisos/s21sec-017-en.txt Release: External S 2 1 S E C...

MySQL privelege escalation

By spoofing datadir/my.cnf with SELECT INTO it's possible to launch MySQL with any account, including root...