Penetration Testing mailing list archives

RE: Oracle?

From: "Majed Al-Masari" <malmassari () hotmail com>
Date: Fri, 25 Sep 2009 00:05:28 +0300

There are numerous exploits relating to Oracle 10/11g @ milw0rm.org mostly
SQL Injection techniques:


2009-09-14 Oracle Secure Backup Server 10.3.0.1.0 Auth Bypass/RCI Exploit
4922 R  D   ikki  
2009-07-02 Oracle 10g SYS.LT.COMPRESSWORKSPACETREE SQL Injection Exploit
5452 R  D   Sumit Siddharth  
2009-04-21 Oracle RDBMS 10.2.0.3/11.1.0.6 TNS Listener PoC (CVE-2009-0991)
2934 R  D   Dennis Yurichev  
2009-04-16 Oracle APEX 3.2 Unprivileged DB users can see APEX password
hashes 2958 R  D   Alexander Kornbrust  
2009-04-01 Oracle WebLogic IIS connector JSESSIONID Remote Overflow Exploit
7458 R  D   Guido Landi  
2009-02-18 Oracle 10g MDSYS.SDO_TOPO_DROP_FTBL SQL Injection Exploit (meta)
11105 R  D   Sh2kerr  
2009-01-14 Oracle TimesTen Remote Format String PoC 3880 R  D   Joxean Koret

2009-01-14 Oracle Secure Backup 10g exec_qr() Command Injection
Vulnerability 6587 R  D   Joxean Koret  
2009-01-06 Oracle 10g SYS.LT.COMPRESSWORKSPACETREE SQL Injection Exploit
3998 R  D   Sh2kerr  
2009-01-06 Oracle 10g SYS.LT.MERGEWORKSPACE SQL Injection Exploit 2900 R  D
Sh2kerr  
2009-01-06 Oracle 10g SYS.LT.REMOVEWORKSPACE SQL Injection Exploit 2814 R  D
Sh2kerr  
2008-11-20 Oracle Database Vault ptrace(2) Privilege Escalation Exploit 6095
R  D   Jakub Wartak  
2008-07-19 Oracle Internet Directory 10.1.4 Remote Preauth DoS Exploit 5612
R  D   Joxean Koret  
2008-01-28 Oracle 10g R1 xdb.xdb_pitrig_pkg Buffer Overflow Exploit (PoC)
6657 R  D   Sh2kerr  
2008-01-28 Oracle 10g R1 xdb.xdb_pitrig_pkg PLSQL Injection (change sys
password) 8045 R  D   Sh2kerr  
2008-01-28 Oracle 10g R1 pitrig_truncate PLSQL Injection (get users hash)
6555 R  D   Sh2kerr  
2008-01-28 Oracle 10g R1 pitrig_drop PLSQL Injection (get users hash) 6240 R
D   Sh2kerr  
2007-10-27 Oracle 10g LT.FINDRICSET Local SQL Injection Exploit (IDS
evasion) 8361 R  D   Sh2kerr  
2007-10-27 Oracle 10g/11g SYS.LT.FINDRICSET Local SQL Injection Exploit (2)
6877 R  D   bunker  
2007-10-27 Oracle 10g/11g SYS.LT.FINDRICSET Local SQL Injection Exploit 5378
R  D   bunker  
2007-10-23 Oracle 10g CTX_DOC.MARKUP SQL Injection Exploit 8921 R  D
Sh2kerr  

Best Regards,
Eng. Majed Al-Masari

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On
Behalf Of Xavier Mertens
Sent: Thursday, September 24, 2009 12:14 AM
To: pen-test () securityfocus com
Subject: Oracle?

Hi *,

I'll perform a pentest against an Oracle DB.
Anybody has a list of classic tests to be performed against a version 10 &
11 ?

Tx!
Xavier
--
The computer revolution is over. The computers won.

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually
do a proper penetration test. IACRB CPT and CEPT certs require a full
practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------



------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------

Current thread:

Oracle? Xavier Mertens (Sep 24)
- Re: Oracle? Claudio "BlackFire" Criscione (Sep 25)
- Re: Oracle? Sebastiaan (Sep 25)
  - Re: Oracle? Robert Portvliet (Sep 28)
- Re: Oracle? Jirka Vejrazka (Sep 25)
- RE: Oracle? Majed Al-Masari (Sep 25)
- Re: Oracle? Nikhil Wagholikar (Sep 25)
- Re: Oracle? Jerome Athias (Sep 28)