The TeamSHATTER blog is now part of Spiderlabs – Anterior
The TeamSHATTER blog is now part of Spiderlabs – Anterior
Posted 3 years ago

Many of you are probably already aware of the acquisition of Application Security, Inc. by Trustwave. As part of the acquisition, we are pleased to announce that TeamSHATTER is combining…

TeamSHATTER’s Analysis of the October 2013 Oracle CPU
TeamSHATTER’s Analysis of the October 2013 Oracle CPU
Posted 3 years ago

It’s the second Tuesday in October, so it is Oracle Critical Patch Update (CPU) time. The October 2013 CPU contains 127 fixes across Oracle’s Database, Fusion Middleware, Enterprise Manager, E-Business…

TeamSHATTER’s Analysis of the July 2013 Oracle CPU
TeamSHATTER’s Analysis of the July 2013 Oracle CPU
Posted 4 years ago

It is Oracle Critical Patch Update (CPU) time, so lace up your patching gloves. The July 2013 CPU contains 89 fixes across Oracle’s Database, Fusion Middleware, Hyperion, Enterprise Manager, E-Business…

PreviousNext
RSS

BFILENAME buffer overflow

BFILENAME buffer overflow February 14, 2003 Risk level: High Threat: This buffer overflow may allow an attacker to overwrite the stack and execute arbitrary code under the security context of the database server. Versions Affected: All Versions of Oracle Summary: A buffer overflow exists in the built-in function BFILENAME. This buffer overflow may allow an attacker to overwrite the stack and execute arbitrary code under the security context of the database server. BFILENAME is a built-in function and as such…

Click for complete article >>

TZ_OFFSET buffer overflow

TZ_OFFSET buffer overflow February 14, 2003 Risk level: High Threat: This buffer overflow may allow an attacker to overwrite the stack and execute arbitrary code under the security context of the database server. Versions Affected: All Versions of Oracle Summary: A buffer overflow exists in the built-in function TZ_OFFSET. This buffer overflow may allow an attacker to overwrite the stack and execute arbitrary code under the security context of the database server. TZ_OFFSET is a built-in function and as such…

Click for complete article >>

TO_TIMESTAMP_TZ buffer overflow

TO_TIMESTAMP_TZ buffer overflow February 14, 2003 Risk level: High Threat: This buffer overflow may allow an attacker to overwrite the stack and execute arbitrary code under the security context of the database server. Versions Affected: All Versions of Oracle Summary: A buffer overflow exists in the function TO_TIMESTAMP_TZ. This buffer overflow may allow an attacker to overwrite the stack and execute arbitrary code under the security context of the database server. TO_TIMESTAMP_TZ is a built-in function and as such permissions…

Click for complete article >>

Username buffer overflow

Username buffer overflow February 14, 2003 Risk level: High Threat: This buffer overflow may allow an attacker to overwrite the stack and execute arbitrary code under the security context of the database server. Versions Affected: All Versions of Oracle Summary: A buffer overflow exists in the authentication mechanism of Oracle. This buffer overflow may allow an attacker to overwrite the stack and execute arbitrary code under the security context of the database server. This vulnerability occurs when a very long…

Click for complete article >>

Slammer/Sapphire Worm Analysis

Slammer/Sapphire Worm Analysis January 25, 2003 Risk Level: High Summary: A worm is currently attacking unpatched SQL Server 2000 installations over the Internet. Microsoft SQL Server supports many different network libraries and provides the capability to listen on multiple connection points. These connection points are often assigned by SQL Server dynamically. In order for a client to determine which connection points are available, SQL Server provides a resolution service. This resolution service listens for requests on UDP port 1434. The…

Click for complete article >>

Multiple buffer overflows in DBCC and SQL Injections

Multiple buffer overflows in DBCC and SQL Injections July 26, 2002 Credit: This vulnerability was researched and discovered by Cesar Cerrudo (sqlsec@yahoo.com). Risk Level: Varying from High to Low Summary: Several buffer overflows in the DBCC built-in function and several SQL Injection vulnerabilities have been discovered in Microsoft SQL Server. Three of the buffer overflows are for DBCC calls that can be executable by all valid logins on the server. One of the SQL Injection vulnerabilities can be executed by…

Click for complete article >>

BULK INSERT buffer overflow

Team SHATTER Security Alert   BULK INSERT buffer overflow July 11, 2002 Risk Level: Low Summary: The built-in function BULK INSERT contains a buffer overflow that may allow an attacker to overwrite the stack and execute arbitrary code under the security context of the database. The first parameter of BULK INSERT does not properly handle a long string. Details: Microsoft SQL Server provides a built-in function called BULK INSERT which allows data to be uploaded from a file directly to…

Click for complete article >>

Encoded password written by service pack

Encoded password written by service packJuly 10, 2002 Risk level: Medium Summary: When installing Microsoft SQL Server 2000 or installing a service pack for Microsoft SQL Server 7.0 or 2000, an encoded version of the password used is written to the file setup.iss. This file’s default permissions allow any user able to log on interactively to the operating system to read the file and discover the password. Details: During the installation process of Microsoft SQL Server 7.0 or 2000, a…

Click for complete article >>

Microsoft SQL Server: Spida Worm

Team SHATTER Security Alert   Microsoft SQL Server: Spida Worm Risk level: High Summary: A worm has been found in the wild attacking all versions of Microsoft SQL Servers on port 1433. The Spida worm is a self-propagating attack program that discovers SQL Server on the default port 1433. Once found it attempts to connect to sa with a blank password. If successful, it takes control of the machine, collects sensitive information on the local server, and attempts to propagate…

Click for complete article >>
Powered by