
Oracle Database Account Management Protection Bypass

Posted on 22 October 2011
Source: packetstormsecurity.org

 

Team SHATTER Security Advisory - Oracle Database Vault provides additional protections against malicious privileged users. The protections include separation of duty for some tasks, such as user account management. Any user with the SYSDBA privilege or the DV_ACCTMGR role can bypass these protections and change any user's password (including the Oracle Database Vault Owner user's password) by calling the OCIPasswordChange client API (the 'password' command in SQL*Plus uses this API).

 
