exploit the possibilities
Showing 1 - 1 of 1 RSS Feed

Files

Zero Day Initiative Advisory 10-123
Posted Jul 14, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-123 - This vulnerability allows remote attackers to bypass authentication on vulnerable installations of Oracle Secure Backup. The specific flaw exists within the register globals emulation layer which allows attackers to specify values for arbitrary program variables. When specific parameters are specified via the URI it is possible for an attacker to bypass the authentication mechanism and reach functionality otherwise inaccessible without proper credentials. This can be leveraged by remote attackers to trigger what were post-auth vulnerabilities without valid credentials.

tags | advisory, remote, arbitrary, vulnerability
MD5 | 9323dc9a2b88fde9db06f8b5acf5aecd
Page 1 of 1
Back1Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
Facebook Tackles Russians Making Fake News Stories
Posted Jan 17, 2019

tags | headline, government, usa, russia, fraud, cyberwar, facebook
Shareholders Demand Amazon End Facial Recognition Sales To Government
Posted Jan 17, 2019

tags | headline, government, privacy, usa, amazon
Two Ukrainians Charged With 2016 Hack Of SEC
Posted Jan 16, 2019

tags | headline, hacker, government, usa, cybercrime, data loss, fraud
NanoCore Trojan Is Protected In Memory From Being Killed Off
Posted Jan 16, 2019

tags | headline, malware, trojan
Fortnite Security Issue Would Have Granted Hackers Access To Accounts
Posted Jan 16, 2019

tags | headline, hacker, privacy, flaw, password
Yes, You Can Remotely Hack Factory, Building Site Cranes. Wait, What?
Posted Jan 16, 2019

tags | headline, hacker, flaw, scada
PoC For Windows VCF Zero-Day Published Online
Posted Jan 16, 2019

tags | headline, hacker, microsoft, flaw
Huawei Founder Denies Firm Poses Spying Risk
Posted Jan 15, 2019

tags | headline, government, usa, china, spyware, backdoor
Judge Rules Against Compelled Use Of Biometrics
Posted Jan 15, 2019

tags | headline, government, privacy, usa, phone, science
Tesla's Software Bug Bounty Is Going To The Big Leagues With Pwn2Own
Posted Jan 15, 2019

tags | headline, conference
View More News →
packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close