Thursday September 9th 2010

News.dreamings.org

News.dreamings.org is an hourly updated security news portal with a focus on virus internet security network computer and information.

http://www.dreamings.org


Posts Tagged ‘oracle’

Oracle Secure Backup Server 10.3.0.1.0 Auth Bypass/RCI Exploit

#!/bin/bash
#Oracle Secure Backup Administration Server authentication bypass, plus command injection vulnerability
#1-day exploit for CVE-2009-1977 and CVE-2009-1978
#PoC script successfully tested on:
#Oracle Secure Backup Server 10.3.0.1.0_win32_release
#MS Windows Professional XP SP3
#In August 2009, ZDI discloses a few details [...]

Oracle Database Server Resource Manager Buffer Overflow

To exploit this vulnerability it is required to have ALTER SYSTEM privilege. Exploitation of this vulnerability allows an attacker to execute arbitrary code. It can also be exploited to cause DoS (Denial of Service) by killing the Oracle server process. Credit: The information has been provided by Esteban Martínez Fayó. Vulnerable [...]

Oracle Secure Backup Administration Server Multiple Command Injection Vulnerabilities

This vulnerability allows remote attackers to inject arbitrary commands on vulnerable installations of Oracle Secure Backup. User interaction is not required to exploit this vulnerability but an attacker must be authenticated. Credit: The information has been provided by zdi-disclosures at tippingpoint.com. The original article can be [...]

Bypassing DBMS_ASSERT in certain situations

DBMS_ASSERT can be used to prevent PL/SQL injection. In certain cases it can be bypassed. This is documented in a paper I wrote in July 2008 but am only publishing now: http://www.databasesecurity.com/oracle/Bypassing-DBMS_ASSERT.pdf Cheers, David Litchfield NGSSoftware Ltd http://www.ngssoftware.com/ -- E-MAIL DISCLAIMER The [...]

Oracle PL/SQL Injection Flaw in REPCAT_RPC.VALIDATE_REMOTE_RC

Hey all, The Oracle REPCAT_RPC.VALIDATE_REMOTE_RC function executes blocks of anonymous PL/SQL that can be influenced by an attacker to execute arbitrary PL/SQL. As this package is only accessible directly by SYS this flaw would not normally present a risk. However, the REPCAT_RPC.VALIDATE_REMOTE_RC function can be used as an auxiliary inject [...]

Oracle 11g (11.1.0.6) Password Policy and Compliance

Many security standards require the tracking of users' password history to prevent password re-use. In Oracle 11g (11.1.0.6), if a security administrator has enabled 11g passwords exclusively then tracking password history is broken. This can affect compliance. This was addressed by Oracle in their April 2009 Critical Patch Update and maps to [...]

Bypassing Oracle dbms_assert

by Alexander Kornbrust of Red-Database-Security GmbH http://www.red-database-security.com Summary: By using specially crafted parameters (in double quotes) it is possible to bypass the input validation of the package dbms_assert and inject SQL code. This makes dozens of already fixed Oracle vulnerabilities exploitable in all versions of [...]