Metasploit modules that can be used to exploit Oracle » Database 11i
-
Oracle DB SQL Injection via SYS.LT.MERGEWORKSPACE
Disclosure Date: 2008-10-22First seen: 2020-04-26auxiliary/sqli/oracle/lt_mergeworkspaceThis module exploits a sql injection flaw in the MERGEWORKSPACE procedure of the PL/SQL package SYS.LT. Any user with execute privilege on the vulnerable package can exploit this vulnerability. Authors: - CG <cg@carnal0wnage.com> -
Oracle DB SQL Injection via SYS.DBMS_CDC_PUBLISH.ALTER_AUTOLOG_CHANGE_SOURCE
Disclosure Date: 2008-10-22First seen: 2020-04-26auxiliary/sqli/oracle/dbms_cdc_publishThe module exploits an sql injection flaw in the ALTER_AUTOLOG_CHANGE_SOURCE procedure of the PL/SQL package DBMS_CDC_PUBLISH. Any user with execute privilege on the vulnerable package can exploit this vulnerability. By default, users granted EXECUTE_CATALOG_ROLE have the required privilege. Affected versions: Oracle Database Server versions 10gR1, 10gR2 and 11gR1. Fixed with October 2008 CPU. Authors: - MC <mc@metasploit.com> -
Oracle DB SQL Injection via SYS.DBMS_CDC_IPUBLISH.ALTER_HOTLOG_INTERNAL_CSOURCE
Disclosure Date: 2008-10-22First seen: 2020-04-26auxiliary/sqli/oracle/dbms_cdc_ipublishThe module exploits an sql injection flaw in the ALTER_HOTLOG_INTERNAL_CSOURCE procedure of the PL/SQL package DBMS_CDC_IPUBLISH. Any user with execute privilege on the vulnerable package can exploit this vulnerability. By default, users granted EXECUTE_CATALOG_ROLE have the required privilege. Affected versions: Oracle Database Server versions 10gR1, 10gR2 and 11gR1. Fixed with October 2008 CPU. Authors: - MC <mc@metasploit.com> -
Oracle DB SQL Injection via SYS.LT.COMPRESSWORKSPACE
Disclosure Date: 2008-10-13First seen: 2020-04-26auxiliary/sqli/oracle/lt_compressworkspaceThis module exploits an sql injection flaw in the COMPRESSWORKSPACE procedure of the PL/SQL package SYS.LT. Any user with execute privilege on the vulnerable package can exploit this vulnerability. Authors: - CG <cg@carnal0wnage.com> -
Oracle DB SQL Injection via SYS.LT.REMOVEWORKSPACE
Disclosure Date: 2008-10-13First seen: 2020-04-26auxiliary/sqli/oracle/lt_removeworkspaceThis module exploits a sql injection flaw in the REMOVEWORKSPACE procedure of the PL/SQL package SYS.LT. Any user with execute privilege on the vulnerable package can exploit this vulnerability. Authors: - Sh2kerr <research[ad]dsecrg.com>
5 metasploit modules found
Please note: Metasploit modules are only matched by CVE numbers.
Visit metasploit web site for more details