Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Oracle Reports Exploit - Remote Shell/Dump Passwords
From: "NI @root" <security () netinfiltration com>
Date: Mon, 27 Jan 2014 18:03:37 -0500


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Exploit code released

Oracle Forms and Reports
9iAS, 9iDS, 10G (DS and AS), and 10G AS Reports/Forms Standalone
Installation
11g if patch or workaround not applied
12g code rewrite has mitigated this vulnerability.

Undocument PARSEQUERY function allows dumping database user/pass () db with
unauthenticated browser. Patch/workaround doesn't seem to actually
address the parsequery problem but seems they simply obfuscated it by
disabling diagnostic output.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-3153

URLPARAMETER vulnerability allows browsing/downloading files, planting
files as well as gaining a remote shell

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-3152 and
CVE-2012-????

Exploits can be found here

http://netinfiltration.com/

- -- 
Dana Taylor
http://netinfilration.com
@netinfiltration
@miss_sudo
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQEcBAEBAgAGBQJS5uXJAAoJELwuSLPAtCgju9cH/0QcPuT8wGEbxAaxaHyFJl5r
BxdGCXm51pUFBa3poh9hxYDinxRqhPsWCzgBNW/xfgVF8xk0/XGSNfLNpLRE3q0d
x8M2H0HSXAHozv1ItdCh2C1Xdd35qvDXy6IzR1MiHT8Jv3RyznucrkdyHYFbT1as
7ppxktSbBltOxADg8TLHOAnmMNwD3kpZUYnMVuK9G1bL7GgAo7npyBr7A2mvPN1B
OPeAb5rfDpFZeT6OJ1VoodE4gOOKdvb6iexYe9yHfzeispZp948ItVhhPAhYbRXJ
PYjA7lZiZnNwZeZKotGJxv2Z8L2CbE10q7N8W/ntSbLOfrm4REL0tJ8NvAxg72M=
=XkQd
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
  • Oracle Reports Exploit - Remote Shell/Dump Passwords NI @root (Jan 28)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]