what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 100 RSS Feed

Files

oracle_database_vault_en.pdf
Posted Oct 29, 2007
Authored by Joxean Koret

Slides from the presentation Oracle Database Vault: Design Failures.

tags | paper
SHA-256 | aa413dac2420e9793150ea25140ef356d8f3b5c166c5a82b88e5082a51840006

Related Files

Oracle WebLogic wls-wsat Component Deserialization Remote Code Execution
Posted Jan 28, 2018
Authored by Alexey Tyurin, Federico Dotta, Kevin Kirsche, Luffin | Site metasploit.com

The Oracle WebLogic WLS WSAT component is vulnerable to an XML deserialization remote code execution vulnerability. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0 and 12.2.1.2.0.

tags | exploit, remote, code execution
advisories | CVE-2017-10271
SHA-256 | 4ec37da27b4c2bc377cee005689b9de7e837a03542a60ce1130758c857cb9228
Oracle JDeveloper IDE Directory Traversal
Posted Jan 18, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Oracle JDeveloper IDE suffers from a directory traversal vulnerability.

tags | exploit
advisories | CVE-2017-10273
SHA-256 | 1d176bdbee49ba892cf19cf1e3798bd83c3a891b6a5e40b040c9740c38088530
Oracle E-Business Suite 12.x Unconstrainted File Download
Posted Jan 22, 2017
Authored by Owais Mehtab, Tayeeb Rana

Oracle E-Business Suite versions 12.1.3, 12.2.3, 12.2.4, 12.2.5, and 12.2.6 suffer from an unconstrained file download vulnerability.

tags | exploit
advisories | CVE-2017-3277
SHA-256 | 9aae3dbd6f7dc3149e3d98324e0cd339aa6a4a5b85500b4164c9b406d0301082
Oracle Netbeans IDE 8.1 Directory Traversal
Posted Oct 20, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Oracle Netbeans IDE version 8.1 suffers from a directory traversal vulnerability.

tags | exploit
advisories | CVE-2016-5537
SHA-256 | fcd77a7ca37698cc313eccfc4beebbe095c88b70b0ee7e76a01fd60ad3e4e156
Oracle Orakill.exe 11.2.0 Buffer Overflow
Posted Jun 14, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Oracle's orakill.exe binary version 11.2.0 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | c9fef9d30e9b9bf8c1f6540912d5512f614b2ec08e1c53effd8a3d2295ba9b2f
Oracle ATS Arbitrary File Upload
Posted May 24, 2016
Authored by wvu, Zhou Yu | Site metasploit.com

This Metasploit module exploits an authentication bypass and arbitrary file upload in Oracle Application Testing Suite (OATS), version 12.4.0.2.0 and unknown earlier versions, to upload and execute a JSP shell.

tags | exploit, arbitrary, shell, file upload
SHA-256 | 472df2245622a97749e8706f2ba968606decb46822546f51bf7cc6c5391ad65f
Java Platform SE 6 U24 HtmlConverter.exe Buffer Overflow
Posted Jan 21, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Java Platform SE 6 U24 HtmlConverter.exe version 6.0.240.50 suffers from a buffer overflow vulnerability.

tags | exploit, java, overflow
SHA-256 | c26dad11dc7a3b97b9cbe8edf6f976878186e3d92c3d957301ddda94e2f412c6
Oracle BeeHive 2 Code Execution
Posted Dec 3, 2015
Authored by mr_me, sinn3r, 1c239c43f521145fa8385d64a9c32243 | Site metasploit.com

This Metasploit module exploits a vulnerability found in Oracle BeeHive. The processEvaluation method found in voice-servlet can be abused to write a malicious file onto the target machine, and gain remote arbitrary code execution under the context of SYSTEM.

tags | exploit, remote, arbitrary, code execution
advisories | CVE-2010-4417
SHA-256 | 0dd4b2592fada413038b4c9f336ee7ca63693bbb79a1842a8646d6ac30bff4df
Oracle BeeHive 2 Arbitrary File Upload
Posted Dec 3, 2015
Authored by mr_me, sinn3r | Site metasploit.com

This Metasploit module exploits a vulnerability found in Oracle BeeHive. The prepareAudioToPlay method found in voice-servlet can be abused to write a malicious file onto the target machine, and gain remote arbitrary code execution under the context of SYSTEM. Authentication is not required to exploit this vulnerability.

tags | exploit, remote, arbitrary, code execution
SHA-256 | 2ffb837bd56e22b7a4670bff61370cd18bac27e5c719ed050224b17709ad6f2e
Inside The Mind Of Oracle's Mary Ann Davidson
Posted Aug 11, 2015
Authored by Mary Ann Davidson

This is a public blog posted by Oracle's CSO Mary Ann Davidson. It provides a rare glimpse into the corporate mindframe reminding us all that license agreements are always respected by hostile parties and therefore security researchers should not even consider reverse engineering Oracle's code base. As has been proven time and again, Oracle's bullet proof unbreakable security does not need public vetting and they consistently can identify and address all issues without your needless meddling.

tags | paper
SHA-256 | d16deebdad2785cf38a42eaa182a2fd03f6976eacc830f7b05b1f5489393b40f
VoIP Wars: Attack Of The Cisco Phones
Posted Aug 18, 2014
Authored by Fatih Ozavci

These are the slides from the presentation "VoIP Wars: Attack of the Cisco Phones" from the talk given at Defcon 22 and Blackhat USA 2014.

tags | paper
systems | cisco
SHA-256 | 720ddb24a662b21cf705390762e270841f4e60b42dfbc2cfb78cf7cff84316a9
Oracle Data Redaction Is Broken
Posted Jul 16, 2014
Authored by David Litchfield

Oracle data redaction is a simple but clever and innovative idea from Oracle. However, at present, there are weaknesses that undermine its effectiveness as a good security mechanism. These weaknesses can be exploited via web based SQL injection attacks and this paper details those weaknesses and provides suggestions on how it can be improved and made more secure.

tags | paper, web, sql injection
SHA-256 | 8cb488d94f0f24c541295b45894955646b915f06b2bd3f2038f2c4e7aac4422f
Oracle Event Processing FileUploadServlet Arbitrary File Upload
Posted Jul 6, 2014
Authored by rgod, juan vazquez | Site metasploit.com

This Metasploit module exploits an Arbitrary File Upload vulnerability in Oracle Event Processing 11.1.1.7.0. The FileUploadServlet component, which requires no authentication, can be abused to upload a malicious file onto an arbitrary location due to a directory traversal flaw, and compromise the server. By default Oracle Event Processing uses a Jetty Application Server without JSP support, which limits the attack to WbemExec. The current WbemExec technique only requires arbitrary write to the file system, but at the moment the module only supports Windows 2003 SP2 or older.

tags | exploit, arbitrary, file upload
systems | windows
advisories | CVE-2014-2424
SHA-256 | 354b179956fa5730561cdacb3cb83ea87cbbaf8af2b2d69f7b545cc36d2d4223
Oracle SID Detection Techniques Part 4
Posted Jun 15, 2014
Authored by Ali Abbasi

Whitepaper called Oracle SID Detection Techniques - Part 1. Written in Persian.

tags | paper
SHA-256 | 216902657ee1a360c1b1d862f34bf7cec694092990536e667eff806c67124f16
Oracle SID Detection Techniques Part 3
Posted Jun 15, 2014
Authored by Ali Abbasi

Whitepaper called Oracle SID Detection Techniques - Part 3. Written in Persian.

tags | paper
SHA-256 | 99d5fc68bd7f308a7fb0286580dfe9fb08fa67f54a4512ba6fc79242096c12a4
Oracle SID Detection Techniques Part 2
Posted Jun 15, 2014
Authored by Ali Abbasi

Whitepaper called Oracle SID Detection Techniques - Part 2. Written in Persian.

tags | paper
SHA-256 | dce6b5307b6f20bb7d98b49054356d04c564fab5330fc55d8943a23c414fdf59
Oracle SID Detection Techniques Part 1
Posted Jun 15, 2014
Authored by Ali Abbasi

Whitepaper called Oracle SID Detection Techniques - Part 1. Written in Persian.

tags | paper
SHA-256 | b840fcc9f91bdcdd628bf96a2b8007f515b3578cf72d2146034d794c32e08817
Oracle Forms / Reports Remote Code Execution
Posted Feb 18, 2014
Authored by Mekanismen, Dana Taylor | Site metasploit.com

This Metasploit module uses two vulnerabilities in Oracle forms and reports to get remote code execution on the host. The showenv url can be used to disclose information about a server. A second vulnerability that allows arbitrary reading and writing to the host filesystem can then be used to write a shell from a remote url to a known local path disclosed from the previous vulnerability. The local path being accessible from an URL then allows us to perform the remote code execution using for example a .jsp shell. Tested on Windows and Oracle Forms and Reports 10.1.

tags | exploit, remote, arbitrary, shell, local, vulnerability, code execution
systems | windows
advisories | CVE-2012-3152, CVE-2012-3153, OSVDB-86395, OSVDB-86394
SHA-256 | 0ae51161a01d969079b5ae31c9e558381714eaaed892cb6da032845477f29e85
Oracle Endeca Server Remote Command Execution
Posted Aug 24, 2013
Authored by rgod, juan vazquez | Site metasploit.com

This Metasploit module exploits a command injection vulnerability on the Oracle Endeca Server 7.4.0. The vulnerability exists on the createDataStore method from the controlSoapBinding web service. The vulnerable method only exists on the 7.4.0 branch and isn't available on the 7.5.5.1 branch. On the other hand, the injection has been found to be Windows specific. This Metasploit module has been tested successfully on Endeca Server 7.4.0.787 over Windows 2008 R2 (64 bits).

tags | exploit, web
systems | windows
advisories | CVE-2013-3763, OSVDB-95269
SHA-256 | fdafe64c526b291f8bc73bfd5eb8e62b37efd1524e773b087d3cc9cb3a8c5297
Security Assessments Of IPv6 Networks And Firewalls
Posted Jun 16, 2013
Authored by van Hauser, Fernando Gont

These are presentation slides from the German IPv6 Kongress that was held in Frankfurt, Germany in 2013.

tags | paper
SHA-256 | bc707bd82aae4f68dfff095f7eb059d3eff1bb8aae00edc3d6984f3f773c302b
Oracle WebCenter Content CheckOutAndOpen.dll ActiveX Remote Code Execution
Posted Jun 2, 2013
Authored by rgod, juan vazquez | Site metasploit.com

This Metasploit modules exploits a vulnerability found in the Oracle WebCenter Content CheckOutAndOpenControl ActiveX. This vulnerability exists in openWebdav(), where user controlled input is used to call ShellExecuteExW(). This Metasploit module abuses the control to execute an arbitrary HTA from a remote location. This Metasploit module has been tested successfully with the CheckOutAndOpenControl ActiveX installed with Oracle WebCenter Content 11.1.1.6.0.

tags | exploit, remote, arbitrary, activex
advisories | CVE-2013-1559, OSVDB-92386
SHA-256 | b0e1c2b4d5000f5d54ab03faad81b1e6f76cdaf93878521b78deb176531d5582
Manipulating Memory For Fun And Profit
Posted Feb 9, 2013
Authored by High-Tech Bridge SA, Frederic Bourla | Site htbridge.com

Memory analysis and manipulation can provide security analysts with formidable weapons. During his talk at Information Security Day for ISACA Luxembourg Chapter, Frederic BOURLA presented most memory manipulation tricks from both offensive and defensive angles. The talk first dealt with the attacker’s layer, from pivoting attacks to IEEE1394 issues through in-memory fuzzing, which permits auditors to bypass built-in features, network limitations and encryption to remain able to uncover security vulnerabilities in a running application. In a second stage, the talk focused on the benefits of memory manipulation in computer forensics and malware analysis fields, especially when facing sophisticated malcode, such as kernel rootkits or heavily encrypted reverse trojans. Basically, this talk aimed to open the doors to a fascinating world which could easily allow security analysts to save lots of time during their recurrent duties. These are the slides from the talk.

tags | paper, kernel, trojan, vulnerability
SHA-256 | b14650723522b783a88513058899a3613617d57af6a2e3623fafefaf8a3866fa
Oracle Auto Service Request File Clobber
Posted Feb 5, 2013
Authored by Larry W. Cashdollar

Oracle Auto Service Request creates files insecurely in /tmp using time stamps instead of mkstemp(). Due to this, it is possible to clobber root owned files and possibly cause a denial of service condition or worse.

tags | exploit, denial of service, root
systems | solaris
SHA-256 | 3201569e185a30abb901fe01ff0684a58d22ab75b3d2eb41883373ead659d4e8
Oracle Automated Service Manager 1.3 Local Root
Posted Feb 1, 2013
Authored by Larry W. Cashdollar

Oracle Automated Service Manager version 1.3 suffers from a local root privilege escalation vulnerability during install.

tags | exploit, local, root
SHA-256 | 541a2508bc332207de3f68c469abd43870d40347d9628cf361e59c570beb5ac0
Oracle BTM FlashTunnelService Remote Code Execution
Posted Sep 15, 2012
Authored by rgod, sinn3r, juan vazquez | Site metasploit.com

This Metasploit module exploits abuses the FlashTunnelService SOAP web service on Oracle Business Transaction Management 12.1.0.7 to upload arbitrary files, without authentication, using the WriteToFile method. The same method contains a directory traversal vulnerability, which allows to upload the files to arbitrary locations. In order to execute remote code two techniques are provided. If the Oracle app has been deployed in the same WebLogic Samples Domain a JSP can be uploaded to the web root. If a new Domain has been used to deploy the Oracle application, the Windows Management Instrumentation service can be used to execute arbitrary code. Both techniques has been successfully tested on default installs of Oracle BTM 12.1.0.7, Weblogic 12.1.1 and Windows 2003 SP2. Default path traversal depths are provided, but the user can configure the traversal depth using the DEPTH option.

tags | exploit, remote, web, arbitrary, root
systems | windows
advisories | OSVDB-85087
SHA-256 | 7ce41ed8870542efde605f50001955d8595ff56317328c0892477dec49dbddec
Page 1 of 4
Back1234Next

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    5 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    9 Files
  • 7
    Feb 7th
    32 Files
  • 8
    Feb 8th
    0 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close