Page 139 of 714 results (0.017 seconds)

CVSS: 4.4EPSS: 0%CPEs: 87EXPL: 0

Oracle 10g Database Server, when installed with a password that contains an exclamation point ("!") for the (1) DBSNMP or (2) SYSMAN user, generates an error that logs the password in the world-readable postDBCreation.log file, which could allow local users to obtain that password and use it against SYS or SYSTEM accounts, which may have been installed with the same password. • http://marc.info/?l=bugtraq&m=110382247308064&w=2 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1 http://www.kb.cert.org/vuls/id/316206 http://www.ngssoftware.com/advisories/oracle23122004D.txt http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf http://www.us-cert.gov/cas/techalerts/TA04-245A.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 9.0EPSS: 83%CPEs: 88EXPL: 0

Stack-based buffer overflow in Oracle 9i and 10g allows remote attackers to execute arbitrary code via a long token in the text of a wrapped procedure. • http://marc.info/?l=bugtraq&m=110382570313035&w=2 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1 http://www.kb.cert.org/vuls/id/316206 http://www.ngssoftware.com/advisories/oracle23122004J.txt http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf http://www.securityfocus.com/bid/10871 http://www.us-cert.gov/cas/techalerts/TA04-245A.html https://exchange.xforce.ibmcloud.com/vulnerabilities/18666 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.2EPSS: 0%CPEs: 70EXPL: 2

The (1) dbsnmp and (2) nmo programs in Oracle 8i, Oracle 9i, and Oracle IAS 9.0.2.0.1, on Unix systems, use a default path to find and execute library files while operating at raised privileges, which allows certain Oracle user accounts to gain root privileges via a modified libclntsh.so.9.0. • https://www.exploit-db.com/exploits/24335 http://marc.info/?l=bugtraq&m=109147677214087&w=2 http://secunia.com/advisories/12205 http://www.securityfocus.com/bid/10829 https://exchange.xforce.ibmcloud.com/vulnerabilities/16839 •

CVSS: 2.1EPSS: 93%CPEs: 1EXPL: 6

Multiple buffer overflows in the XML Database (XDB) functionality for Oracle 9i Database Release 2 allow local users to cause a denial of service or hijack user sessions. By passing an overly long token to the UNLOCK command, a stack based buffer overflow occurs. • https://www.exploit-db.com/exploits/1365 https://www.exploit-db.com/exploits/42780 https://www.exploit-db.com/exploits/80 https://www.exploit-db.com/exploits/16731 https://www.exploit-db.com/exploits/16714 https://www.exploit-db.com/exploits/16809 http://otn.oracle.com/deploy/security/pdf/2003Alert58.pdf http://www.blackhat.com/presentations/bh-usa-03/bh-us-03-litchfield-paper.pdf •

CVSS: 9.0EPSS: 30%CPEs: 31EXPL: 0

Stack-based buffer overflow in Oracle Net Services for Oracle Database Server 9i release 2 and earlier allows attackers to execute arbitrary code via a "CREATE DATABASE LINK" query containing a connect string with a long USING parameter. Desbordamiento de búfer basado en la pila en Oracle Net Sevices de Oracle Database Server 9i release 2 y anteriores permite a atacantes ejecutar código arbitrario mediante una consulta "CREATE DATABASE LINK" conteniendo una cadena de conexión con un parámetro USING largo. • http://marc.info/?l=bugtraq&m=105162831008176&w=2 http://marc.info/?l=ntbugtraq&m=105163376015735&w=2 http://otn.oracle.com/deploy/security/pdf/2003alert54.pdf http://www.ciac.org/ciac/bulletins/n-085.shtml http://www.securityfocus.com/bid/7453 https://exchange.xforce.ibmcloud.com/vulnerabilities/11885 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •