Showing 1 - 25 of 47

Files from Alexander Kornbrust

Email address: ak at red-database-security.com
First Active: 2005-07-14
Last Active: 2009-04-16

APEX Password Hash Disclosure
Posted Apr 16, 2009
Authored by Alexander Kornbrust | Site red-database-security.com

Unprivileged database users can see password hashes in APEX version 3.0.

tags | exploit, info disclosure
advisories | CVE-2009-0981
MD5 | 9b427a240f309953a54a45c86cfb03a5
DBMS_AQIN SQL Injection
Posted Apr 16, 2009
Authored by Alexander Kornbrust | Site red-database-security.com

The package DBMS_AQIN contains a SQL injection vulnerability in the procedure DEQ_EXEJOB. Oracle versions 10.1.0.5 through 11.1.0.7 are affected.

tags | advisory, sql injection
advisories | CVE-2009-0992
MD5 | 866f9e1ee4fe79cde7302249f4e73b68
D2T2_-_Alexander_Kornbrust_-_Practical_Oracle_Forensics.zip
Posted Apr 21, 2008
Authored by Alexander Kornbrust | Site conference.hitb.org

Practical Oracle Forensics - Oracle forensics is a new discipline without special tools/scripts. Most presentations about Oracle forensics are still very basic. The typical approach in these presentations is to show what tools/(log)files are available to do forensics. In the real world with huge databases (many GB, sometimes TB) this is normally not helpful. This presentation uses a different approach. Based on the different types of attackers (leaving employee, nosy DBA/employee, external hacker etc.) we have different traces in Oracle and we show in different scenarios how to find evidence. We provide a free toolset to do a (basic) forensic analysis without having deep Oracle knowledge.

MD5 | 129a331ab4dceca1f3a724bcc9488140
oracle-hardcode.txt
Posted Apr 16, 2008
Authored by Alexander Kornbrust | Site red-database-security.com

Oracle 9i Release 1 through 10g Release 2 suffer from a hard coded password vulnerability.

tags | advisory
MD5 | 7da99c4cc36e57e505c23ea26d775a44
oraclesdogeom-sql.txt
Posted Apr 16, 2008
Authored by Alexander Kornbrust | Site red-database-security.com

Oracle 9i Release 1 through 10g Release 1 suffer from a SQL injection vulnerability in the SDO_GEOM package.

tags | advisory, sql injection
MD5 | dabec34981dd2f5a1d54d99b8c8e01a2
oraclesdoidx-sql.txt
Posted Apr 16, 2008
Authored by Alexander Kornbrust | Site red-database-security.com

Oracle 9i Release 1 through 11g Release 1 suffer from a SQL injection vulnerability in the SDO_IDX package.

tags | advisory, sql injection
MD5 | 3fc79b8d27d90d862d68b45f9a4b3040
oraclesdoutil-sql.txt
Posted Apr 16, 2008
Authored by Alexander Kornbrust | Site red-database-security.com

Oracle 10g Releases 1 and 2 suffer from a SQL injection vulnerability in the SDO_UTIL package.

tags | advisory, sql injection
MD5 | 75dd7eedfd30b5a695e6c54f8477240e
oracle_apex_sql_injection_check_db_password.txt
Posted Jul 19, 2007
Authored by Alexander Kornbrust | Site red-database-security.com

Oracle APEX suffers from a SQL injection vulnerability in the function wwv_flow_security.check_db_password.

tags | advisory, sql injection
MD5 | 4956fad79b96f4d8ea8445926cd628f3
oracle_sql_injection_dbms_prvtaqis.txt
Posted Jul 19, 2007
Authored by Alexander Kornbrust | Site red-database-security.com

Oracle 9i Release 1 through 10g Release 1 suffer from a SQL injection vulnerability in package DBMS_PRVTAQIS.

tags | advisory, sql injection
MD5 | d8aff3c7d04f6dc394e84c3ce6d8d1cb
oracle_cpu_jul_2007.txt
Posted Jul 19, 2007
Authored by Alexander Kornbrust | Site red-database-security.com

Oracle 8i through 10g Release 2 allow updates, deletes and inserts via specially crafted views without having the right privileges.

tags | advisory
MD5 | 983012a6e51d19bba18e796f5e0b9fc0
oracle-tns.txt
Posted Apr 19, 2007
Authored by Alexander Kornbrust | Site red-database-security.com

The Oracle Discoverer Servlet suffers from a flaw that allows the TNS listener to be shut down.

tags | advisory
MD5 | 139953228fdc6b809e7be457825c83db
oracle1016-xss.txt
Posted Apr 19, 2007
Authored by Alexander Kornbrust | Site red-database-security.com

Oracle Secure Enterprise Search version 10.1.6 suffers from a cross site scripting flaw.

tags | exploit, xss
MD5 | 77c1ee2611b686caf0fa1c71b7e5ec7c
oracle-sqlinj2.txt
Posted Apr 19, 2007
Authored by Alexander Kornbrust | Site red-database-security.com

Oracle 8i through 10g release 2 suffers from a SQL injection vulnerability in SYS.DBMS_UPGRADE_INTERNAL.

tags | advisory, sql injection
MD5 | 51bc74ce0b8c40bf62219e2aba7ad9c0
oracle-sqlinj.txt
Posted Apr 19, 2007
Authored by Alexander Kornbrust | Site red-database-security.com

Oracle 8i through 10g release 2 suffers from a SQL injection vulnerability in SYS.DBMS_AQADM_SYS.

tags | advisory, sql injection
MD5 | cfe3302cf32f35303852be4d404d2204
oracle-bypass.txt
Posted Apr 19, 2007
Authored by Alexander Kornbrust | Site red-database-security.com

It is possible to bypass the Oracle database logon trigger.

tags | advisory, bypass
MD5 | ba879f41e61c4de0182c8befb8d32e77
bypass_dbms_assert.pdf
Posted Jul 28, 2006
Authored by Alexander Kornbrust | Site red-database-security.com

Whitepaper titled "Bypassing Oracle dbms_assert".

tags | paper
MD5 | ac0419dc44ce733a0a575d1bdbc20e3b
oracle-SYS.DBMS_UPGRADE.txt
Posted Jul 20, 2006
Authored by Alexander Kornbrust | Site red-database-security.com

Oracle 10g Release 1 is susceptible to SQL injection flaws due to the SYS.DBMS_UPGRADE package.

tags | advisory, sql injection
MD5 | ccb0d8cc0318646ea09113231210b96f
oracle-SYS.DBMS_STATS.txt
Posted Jul 20, 2006
Authored by Alexander Kornbrust | Site red-database-security.com

Oracle 10g Release 1 is susceptible to SQL injection flaws due to the SYS.DBMS_STATS package.

tags | advisory, sql injection
MD5 | 5d30bec9f37f4c9411c771513edb9956
oracle-SYS.KUPW.txt
Posted Jul 20, 2006
Authored by Alexander Kornbrust | Site red-database-security.com

Oracle 10g Release 1 is susceptible to SQL injection flaws due to the SYS.KUPW$WORKER package.

tags | advisory, sql injection
MD5 | 41d4d2557cebc839ddac02fad650716d
oracle-SYS.DBMS_CDC_IMPDP.txt
Posted Jul 20, 2006
Authored by Alexander Kornbrust | Site red-database-security.com

Oracle 10g Release 1 is susceptible to SQL injection flaws due to the SYS.DBMS_CDC_IMPDP package.

tags | advisory, sql injection
MD5 | 3f93109d9cff413098765de02e589584
Oracle-select.txt
Posted Apr 14, 2006
Authored by Alexander Kornbrust | Site red-database-security.com

Oracle versions 9.2.0.0-10.2.0.3 suffer from an unpatched vulnerability which allows users with SELECT-only privileges on a base table to insert/update/delete data via a specially crafted view.

tags | advisory
MD5 | 17d3a2449bc78bd52c6f8e42744ecf1c
oracle_sql_injection_kupvft.txt
Posted Jan 25, 2006
Authored by Alexander Kornbrust | Site red-database-security.com

The package SYS.KUPV$FT contains 3 SQL injection vulnerabilities in the functions ATTACH_JOB, OPEN_JOB, HAS_PRIVS. Oracle fixed these vulnerabilities with the package dbms_assert.

tags | advisory, vulnerability, sql injection
MD5 | 9e4912b4411503846108be173b49ba03
oracle_tde_wallet_password.txt
Posted Jan 25, 2006
Authored by Alexander Kornbrust | Site red-database-security.com

Event 10053 stores the master key of Oracle Transparent Data Encryption unencrypted in a trace file. A skilled attacker or non-security DBA could set this special event to get the plaintext master key for the TDE encryption.

tags | advisory
MD5 | fe402342205b5fc2b23f6f163f7030b9
oracle_reports_read_any_file.txt
Posted Jan 25, 2006
Authored by Alexander Kornbrust | Site red-database-security.com

The Oracle Reports parameter desformat can read any file by using an absolute or relative file name. Parts of the file content are displayed in the Reports error message.

tags | advisory
MD5 | 937bd94fa9e531cac60beeacfdbe36e6
oracle_reports_overwrite_any_file.txt
Posted Jan 25, 2006
Authored by Alexander Kornbrust | Site red-database-security.com

By specifying a special value for the parameter desname, Oracle Reports can overwrite any file on the application server. On Windows systems an attacker can overwrite any file (e.g. boot.ini) on the application server. On UNIX systems an attacker can overwrite all files (e.g. opmn.xml) which belong to the Oracle Application Server user. This attack can be done with a simple URL.

tags | advisory
systems | windows, unix
MD5 | e6f5d67be6d37ba4b608e5f3e0a7af35