lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Mon, 2 Apr 2007 13:12:04 -0500 (CDT)
From: Gadi Evron <ge@...uxbox.org>
To: "Andrea \"bunker\" Purificato" <bunker@...twebnet.it>
Cc: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com
Subject: Re: 0day Oracle 10g exploit - dbms_aq.enqueue -
	become DBA

On Mon, 2 Apr 2007, Andrea "bunker" Purificato wrote:
> [0-day] Remote Oracle DBMS_AQ.ENQUEUE exploit (10g)

Not a 0day. Just publicly released exploit code.

This is:
1. Patched.
2. Not publicly exploitable.

	Gadi.


> 
> Grant or revoke dba permission to unprivileged user
> Tested on "Oracle Database 10g Enterprise Edition Release 10.1.0.3.0"
>    
>   AUTHOR: Andrea "bunker" Purificato
>           http://rawlab.mindcreations.com
> 
>   DATE:   Mon Apr  2 11:54:22 CEST 2007
>  
>   PATCH:  http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html
>           (CVE-2007-0268 ?)
> 
> 
> You can find the evil code here: 
> http://rawlab.mindcreations.com/codes/exp/oracle/dbms_aq-enqueue.pl
> 
> 
> Regards,
> -- 
> Andrea "bunker" Purificato
> +++++++++++[>++++++>+++++++++++++++++++++++++++++++++>++++
> ++++++<<<-]>.>++++++++++.>.<----------.>---------.<+++++++.
> 
> http://rawlab.mindcreations.com 
> 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ