lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <52E6E5C9.2000904@netinfiltration.com>
Date: Mon, 27 Jan 2014 18:03:37 -0500
From: "NI @root" <security@...infiltration.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Oracle Reports Exploit - Remote Shell/Dump
	Passwords


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Exploit code released

Oracle Forms and Reports
9iAS, 9iDS, 10G (DS and AS), and 10G AS Reports/Forms Standalone
Installation
11g if patch or workaround not applied
12g code rewrite has mitigated this vulnerability.

Undocument PARSEQUERY function allows dumping database user/pass@db with
unauthenticated browser. Patch/workaround doesn't seem to actually
address the parsequery problem but seems they simply obfuscated it by
disabling diagnostic output.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-3153

URLPARAMETER vulnerability allows browsing/downloading files, planting
files as well as gaining a remote shell

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-3152 and
CVE-2012-????

Exploits can be found here

http://netinfiltration.com/

- -- 
Dana Taylor
http://netinfilration.com
@netinfiltration
@miss_sudo
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQEcBAEBAgAGBQJS5uXJAAoJELwuSLPAtCgju9cH/0QcPuT8wGEbxAaxaHyFJl5r
BxdGCXm51pUFBa3poh9hxYDinxRqhPsWCzgBNW/xfgVF8xk0/XGSNfLNpLRE3q0d
x8M2H0HSXAHozv1ItdCh2C1Xdd35qvDXy6IzR1MiHT8Jv3RyznucrkdyHYFbT1as
7ppxktSbBltOxADg8TLHOAnmMNwD3kpZUYnMVuK9G1bL7GgAo7npyBr7A2mvPN1B
OPeAb5rfDpFZeT6OJ1VoodE4gOOKdvb6iexYe9yHfzeispZp948ItVhhPAhYbRXJ
PYjA7lZiZnNwZeZKotGJxv2Z8L2CbE10q7N8W/ntSbLOfrm4REL0tJ8NvAxg72M=
=XkQd
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ