jetlib.sec » Tags » oracleremexecservice and pipe

Feeds

268038 items (7 unread) in 27 feeds

• 0day.today (was: 1337day, Inj3ct0r, 1337db)
• OSVDB Vulnerabilities
• Exploit-DB
• SecurityFocus Vulnerabilities
• Bugtraq
• Full Disclosure
• XSSed
• Packet Storm Security Headlines (7 unread)
• Packet Storm Security Advisories
• Packet Storm Security Exploits
• Packet Storm Security Recent Files
• Packet Storm Security Tools
• Packet Storm Security Misc. Files
• Sophos security news
• Sophos product advisories
• Penetration Testing
• SecuriTeam
• BackTrack Linux Forums
• Threatpost
• SecDocs
• carnal0wnage.attackresearch.com
• Carnal0wnage
• Kernel Fun
• Darknet
• The Exploitant
• Hack a Day
• Wirevolution

3 items tagged "oracleremexecservice and pipe"

Related tags: service [+], oracle universal installer [+], database configuration assistant [+], command execution [+], wood logic, wood, windshield wiper motors, use, tool, snake robot, single board, sheraz, secret compartments, robots, robot, right angles, pvc pipe fittings, pvc pipe, pvc, project, platforms, organ, musical, misc, mimo, mark, logic board, hey, hexapod, hacks, florida atlantic university, finding a way, fellow travelers, dreamplug, desk, definite need, building, bagpipes, bag, Hardware

• January 21, 2011
• 13:32

  OracleRemExecService Command Execution

   » ‎ Packet Storm Security Advisories
  Team SHATTER Security Advisory - It is possible to execute arbitrary operating system commands as localsystem when certain maintenance tasks are executed. For instance, when Database Configuration Assistant is invoked or Oracle Universal Installer is used to modify features. These tools use a Windows service to execute various commands: the service itself relies on a named pipe to receive the commands. The pipe handling is not secure enough resulting in the vulnerability.

  Tags:  pipe oracleremexecservice service oracle-universal-installer database-configuration-assistant command-execution  

• 13:32

  OracleRemExecService Command Execution

   » ‎ Packet Storm Security Recent Files
  Team SHATTER Security Advisory - It is possible to execute arbitrary operating system commands as localsystem when certain maintenance tasks are executed. For instance, when Database Configuration Assistant is invoked or Oracle Universal Installer is used to modify features. These tools use a Windows service to execute various commands: the service itself relies on a named pipe to receive the commands. The pipe handling is not secure enough resulting in the vulnerability.

  Tags:  pipe oracleremexecservice service oracle-universal-installer database-configuration-assistant command-execution  

• 13:32

  OracleRemExecService Command Execution

   » ‎ Packet Storm Security Misc. Files
  Team SHATTER Security Advisory - It is possible to execute arbitrary operating system commands as localsystem when certain maintenance tasks are executed. For instance, when Database Configuration Assistant is invoked or Oracle Universal Installer is used to modify features. These tools use a Windows service to execute various commands: the service itself relies on a named pipe to receive the commands. The pipe handling is not secure enough resulting in the vulnerability.

  Tags:  pipe oracleremexecservice service oracle-universal-installer database-configuration-assistant command-execution