Team SHATTER Security Advisory: Elevated roles through DBCC

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 AppSecInc Team SHATTER Security Advisory Elevated roles through DBCC Risk Level: High Affected versions: Sybase ASE 15.0, 15.5, 15.7 Remote exploitable: No Credits: This vulnerability was discovered and researched by Martin Rakhmanov of Application...

Team SHATTER Security Advisory: Multiple SQL Injection in Oracle Enterprise Manager (SQL Tunning Sets components)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 AppSecInc Team SHATTER Security Advisory Multiple SQL Injection in Oracle Enterprise Manager SQL Tunning Sets components. Risk Level: High Affected versions: Oracle Enterprise Manager Database Control 11.1.0.7, 11.2.0.3 and previous patchsets Remote...

Oracle Enterprise Manager SQL injection Vulnerability

Exploit for jsp platform in category web applications -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 AppSecInc Team SHATTER Security Advisory SQL Injection in Oracle Enterprise Manager compareWizFirstConfig web page. Risk Level: High Affected versions: Oracle Enterprise Manager Database Control...

Oracle 10g SYS.LT.MERGEWORKSPACE SQL Injection Exploit

// /Oracle 10g SYS.LT.MERGEWORKSPACE SQL Injection Exploit/ /grant DBA and create new OS user java/ // /exploit grant DBA to scott/ /and execute OS command "net user"/ /using java procedures / // /tested on oracle 10.1.0.5.0/ // // / Date of Public EXPLOIT: January 6, 2009 / / Written by: Alexand...

Oracle 10g - SYS.LT.MERGEWORKSPACE SQL Injection

// /Oracle 10g SYS.LT.MERGEWORKSPACE SQL Injection Exploit/ /grant DBA and create new OS user java/ // /exploit grant DBA to scott/ /and execute OS command "net user"/ /using java procedures / // /tested on oracle 10.1.0.5.0/ // // / Date of Public EXPLOIT: January 6, 2009 / / Written by: Alexand...

Oracle 10g - SYS.LT.REMOVEWORKSPACE SQL Injection

// /Oracle 10g SYS.LT.REMOVEWORKSPACE SQL Injection Exploit/ /grant DBA and create new OS user advanced extproc/ // /exploit grant DBA to scott/ /and execute OS command "net user"/ /using advanced extproc method/ // /tested on oracle 10.1.0.5.0/ // // / Date of Public EXPLOIT: January 6, 2009 / /...

Team SHATTER Security Advisory: Multiple DoS in JAR files manipulation procedures

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Team SHATTER Security Advisory Multiple DoS in JAR files manipulation procedures April 17th 2008 Risk Level: High Affected versions: All versions of IBM DB2 Database Server on Windows platform. Remote exploitable: Yes Authentication to Database Server...

USN-180-2: MySQL 4.1 vulnerability

USN-180-1 fixed a vulnerability in the mysql-server package which ships version 4.0. Version 4.1 is vulnerable against the same flaw. Please note that this package is not officially supported in Ubuntu 5.10. Origial advisory: "AppSecInc Team SHATTER discovered a buffer overflow in the "CREATE...

USN-180-1: MySQL vulnerability

AppSecInc Team SHATTER discovered a buffer overflow in the "CREATE FUNCTION" statement. By specifying a specially crafted long function name, a local or remote attacker with function creation privileges could crash the server or execute arbitrary code with server privileges. However, the right to...