[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] [RECTIFY] Oracle 10g exploit - dbms_aq.enqueue - become DBA

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re: [Full-disclosure] [RECTIFY] Oracle 10g exploit - dbms_aq.enqueue - become DBA
From: "Andrea \"bunker\" Purificato" <bunker@xxxxxxxxxxxxx>
Date: Tue, 03 Apr 2007 15:14:33 +0200

> http://rawlab.mindcreations.com/codes/exp/oracle/dbms_aq-enqueue.pl

[All work and no play makes bunker a dull boy...]


A problem has occurred during researching about this oracle package.
Because of particular coincidences concentrated on user privileges the
test results disaligned. Actually, after new analysis on other targets
the code seems not working as aspected.

I apologize for the mistake, the code was just removed, waiting for new
(oculated) hints.


Regards,
-- 
Andrea "bunker" Purificato
+++++++++++[>++++++>+++++++++++++++++++++++++++++++++>++++
++++++<<<-]>.>++++++++++.>.<----------.>---------.<+++++++.

http://rawlab.mindcreations.com 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] 0day Oracle 10g exploit - dbms_aq.enqueue - become DBA
  - From: Andrea \"bunker\" Purificato

Prev by Date: [Full-disclosure] Vulnerable Vectors in PHP Based Redirection Pages[redirect.php4/redirect.php5]
Next by Date: Re: [Full-disclosure] Vulnerable Vectors in PHP Based Redirection Pages[redirect.php4/redirect.php5]
Previous by thread: Re: [Full-disclosure] 0day Oracle 10g exploit - dbms_aq.enqueue - become DBA
Next by thread: [Full-disclosure] iDefense Security Advisory 03.31.07: Multiple Vendor ImageMagick DCM and XWD Buffer Overflow Vulnerabilities
Index(es):
- Date
- Thread