[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] Oracle Database IDS Evasion Techniques for SQL*Net

To: Full Disclosure <full-disclosure@xxxxxxxxxxxxxxxxx>
Subject: [Full-disclosure] Oracle Database IDS Evasion Techniques for SQL*Net
From: Joxean Koret <joxeankoret@xxxxxxxx>
Date: Tue, 22 Aug 2006 20:28:31 +0200

Hi,

Attached goes a "little bit stupid" paper about how to evade snort and
other IDS softwares that relies in rules to exploit known
vulnerabilities under Oracle database.

I wrote it for a friend and I decided that may be interesting for
someone else.

---
Regards,
Joxean Koret

Attachment: ids_evasion_oracle_sqlnet.pdf.gz
Description: GNU Zip compressed data

Attachment: signature.asc
Description: Esta parte del mensaje =?iso-8859-1?q?est=E1?= firmada digitalmente

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Prev by Date: Re: [Full-disclosure] NETRAGARD-20060624 SECURITY ADVISORY] [ROXIO TOAST 7 TITANIUM - LOCAL ROOT COMPROMISE ]
Next by Date: Re: [Full-disclosure] NETRAGARD-20060624 SECURITY ADVISORY] [ROXIO TOAST 7 TITANIUM - LOCAL ROOT COMPROMISE ]
Previous by thread: Re: [Full-disclosure] NETRAGARD-20060624 SECURITY ADVISORY] [ROXIO TOAST 7 TITANIUM - LOCAL ROOT COMPROMISE ]
Next by thread: [Full-disclosure] EEYE:ALERT: MS06-042 Related Internet Explorer 'Crash' is Exploitable
Index(es):
- Date
- Thread