lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <1193927792.27541.4.camel@localhost>
Date: Thu, 01 Nov 2007 15:36:32 +0100
From: Joxean Koret <joxeankoret@...oo.es>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: Full-Disclosure Digest, Vol 33, Issue 1

Hi,

You're wrong. First of all, yes, is a preauth sql injection in an "admin
console" but, if you have privileges to connect to the Oracle Financials
instance, even as a normal unprivileged user, you have sufficient
privileges to access it. You don't need to have assigned the SYSADMIN
responsability.

And second, there are many ways to bypass authentication in Oracle
E-Business Suite, at least in version 11i, I'm not sure if the same
problems applies to R12. I can't release more details right now.

Thanks,
Joxean Koret

On jue, 2007-11-01 at 12:00 +0000,
full-disclosure-request@...ts.grok.org.uk wrote:
> 
> Message: 8
> Date: Wed, 31 Oct 2007 22:55:36 -0500
> From: reepex <reepex@...il.com>
> Subject: Re: [Full-disclosure] ZDI-07-058: Oracle E-Business Suite SQL
>         Injection Vulnerability
> To: "zdi-disclosures@...m.com" <zdi-disclosures@...m.com>,
>         full-disclosure@...ts.grok.org.uk
> Message-ID:
>         <e9d9d4020710312055q417f681dw70d706ae81d03ef5@...l.gmail.com>
> Content-Type: text/plain; charset=ISO-8859-1
> 
> post auth sql injection in random admin console - lulz
> 
> On 10/31/07, zdi-disclosures@...m.com <zdi-disclosures@...m.com>
> wrote:
> > The specific flaw exists in the okxLOV.jsp page in the
> Administration
> > console. 

Download attachment "signature.asc" of type "application/pgp-signature" (192 bytes)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ