Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
3.6
CVSSv2

CVE-2006-2505

Published: 22/05/2006 Updated: 18/10/2018
CVSS v2 Base Score: 3.6 | Impact Score: 4.9 | Exploitability Score: 3.9
VMScore: 370
Vector: AV:L/AC:L/Au:N/C:N/I:P/A:P
Subscribe to Oracle

Vulnerability Summary

Oracle Database Server 10g Release 2 allows local users to execute arbitrary SQL queries via a reference to a malicious package in the TYPE_NAME argument in the (1) GET_DOMAIN_INDEX_TABLES or (2) GET_V2_DOMAIN_INDEX_TABLES function in the DBMS_EXPORT_EXTENSION package.

Vulnerable Product Search on Vulmon Subscribe to Product

oracle database server release_2

Exploits

Exploit DB: Oracle 10g Release 2 - 'DBMS_EXPORT_EXTENSION' SQL
/* 0day, description is wrong /str0ke */ /* * Fucking NON-0 day($) exploit for Oracle 10g 102020 * * Patch your database now! * * by N1V1Hd $3c41r3 * */ CREATE OR REPLACE PACKAGE MYBADPACKAGE AUTHID CURRENT_USER IS FUNCTION ODCIIndexGetMetadata (oindexinfo SYSodciindexinfo,P3 VARCHAR2,p4 VARCHAR2,env SYSodcienv) RETURN NUMBER; END; / CREA ...
Exploit DB: Oracle 9i/10g - DBMS_EXPORT_EXTENSION SQL Injection
#!/usr/bin/perl # # Remote Oracle dbms_export_extension exploit (any version) # Grant or revoke dba permission to unprivileged user # # Tested on Oracle 10g - Release 102010 # Oracle 9i - Release 92020 # # REF: wwwsecurityfocuscom/bid/17699 # # AUTHOR: Andrea "bunker" Purificato # rawlabmindcreation ...

References

NVD-CWE-Otherhttp://www.kb.cert.org/vuls/id/932124http://www.securityfocus.com/bid/17699http://secunia.com/advisories/19860http://www.securityfocus.com/archive/1/432355/100/0/threadedhttp://www.securityfocus.com/archive/1/432354/100/0/threadedhttp://www.securityfocus.com/archive/1/432078/100/0/threadedhttps://nvd.nist.govhttps://www.exploit-db.com/exploits/1719/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322administrator privilegesCVE-2024-1579hardcodedCVE-2023-20198CVE-2024-33587CVE-2024-33449CVE-2024-4308HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook