6 matches found
Oracle Database Server SQL Injection In Package SYS.KUPV (CVE-2006-0586)
Oracle Database Server is an enterprise-level relational database application suite. To extend the functionality of the Oracle Database Server, extra packages of related program objects, i.e. procedures, functions, variables, constants, cursors, and exceptions, are provided in order to better...
Oracle 10g SYS.KUPV$FT.ATTACH_JOB PL/SQL Injection Exploit
No description provided by source. / Exploit for Oracle10g R1 and R2 prior to CPU Oct 2006 Joxean Koret [email protected] Privileges needed: - EXECUTECATALOGROLE - CREATE PROCEDURE / select from userroleprivs ; CREATE OR REPLACE FUNCTION F1 RETURN NUMBER AUTHID CURRENTUSER IS PRAGMA...
Oracle 10g - SYS.KUPV$FT.ATTACH_JOB PL / SQL Injection
/ Exploit for Oracle10g R1 and R2 prior to CPU Oct 2006 Joxean Koret Privileges needed: - EXECUTECATALOGROLE - CREATE PROCEDURE / select from userroleprivs ; CREATE OR REPLACE FUNCTION F1 RETURN NUMBER AUTHID CURRENTUSER IS PRAGMA AUTONOMOUSTRANSACTION; BEGIN EXECUTE IMMEDIATE 'GRANT DBA TO TEST'...
Oracle 10g - SYS.KUPV$FT.ATTACH_JOB PL SQL Injection
Oracle 10g - SYS.KUPV$FT.ATTACHJOB PL SQL Injection / Exploit for Oracle10g R1 and R2 prior to CPU Oct 2006 Joxean Koret Privileges needed: - EXECUTECATALOGROLE - CREATE PROCEDURE / select from userroleprivs ; CREATE OR REPLACE FUNCTION F1 RETURN NUMBER AUTHID CURRENTUSER IS PRAGMA...
[Full-disclosure] Oracle Database 10g Rel. 1 - SQL Injection in SYS.KUPV$FT_INT
Oracle forgot to inform me that these vulnerabilities are also fixed. http://www.red-database-security.com/advisory/oraclesqlinjectionkupv$ ftint.html Name SQL Injection in package SYS.KUPV$FTINT Affected Oracle 10g Release 1 Severity High Risk Category SQL Injection Vendor URL...
[Full-disclosure] Oracle Database 10g Rel. 1 - SQL Injection in SYS.KUPV$FT
Oracle forgot to inform me that these vulnerabilities are also fixed. http://www.red-database-security.com/advisory/oraclesqlinjectionkupv$ ft.html SQL Injection in package SYS.KUPV$FT Name SQL Injection in package SYS.KUPV$FT Affected Oracle 10g Release 1 Severity High Risk Category SQL Injectio...