
Alexander Kornbrust

Metasploit Framework 3.3 Released

instructions for many platforms, can be found online at
http://www.metasploit.com/framework/. 

This release of the Metasploit Framework was driven by numerous key
contributors, including James Lee, Yoann Guillot, Steve Tornio, MC,
Chris Gates, Alexander Kornbrust, Ramon Carvalle, Stephen Fewer, Ryan
Linn, Lurene Grenier, Mike Kershaw, Patrick Webster, Max Moser, Efrain
Torres, Alexander Sotirov, Ty Bodell, Joshua Drake, JR, Carlos Perez,
Kris Katterjohn and many others.

The startup speed of the Metasploit Console and all utilities has been

SQL Injection in package DBMS_AQIN

Name                SQL Injection in package DBMS_AQIN [CVE-2009-0992]
Systems Affected        Oracle 10.1.0.5 - 11.1.0.7
Severity                High Risk
Category                SQL Injection
Vendor URL              http://www.oracle.com/
Author              Alexander Kornbrust (ak at red-database-security.com)
CVE                     CVE-2009-0992
Advisory                14 April 2009 (V 1.00)

Details:
The package DBMS_AQIN contains a SQL injection vulnerability in the procedure DEQ_EXEJOB. 

Unprivileged DB users can see APEX password hashes

Name              Unprivileged DB users can see APEX password hashes
Systems Affected  APEX 3.0 (optional component of 11.1.0.7 installation)
Severity          High Risk
Category          Password Disclosure
Vendor URL        http://www.oracle.com/
Author            Alexander Kornbrust (ak at red-database-security.com)
CVE               CVE-2009-0981
Advisory          14 April 2009 (V 1.00)


Details:

Oracle - SQL Injection in package SDO_IDX [DB07]

Systems Affected   9i Rel. 1 - 11g Rel. 1
Severity           High Risk
Category           SQL Injection
Vendor URL             http://www.oracle.com/
Author             Alexander Kornbrust
Advisory               16 April 2008 (V 1.00)
Advisory URL           http://www.red-database-security.com/advisory/oracle_sql_injection_sdo_idx.html

Details
The package SDO_IDX is vulnerable against SQL injection.

Troopers08 Security Conference, April 23/24 (Munich/Germany)

Side Channel Analysis - Job de Haas, Riscure

Hackertools according to German law (§ 202c StGB) - Horst Speichert, Lawyer

Hardening Oracle in Corporate Environments - Alexander Kornbrust, Red-Database-Security

Virtualization: There is no spoon - Michael Kemp

Straight Talk about Cryptography - Jon Callas, PGP


Oracle - SQL Injection Vulnerability in SDO_UTIL [DB05]

Systems Affected   10g Rel. 1, 10g Rel. 2
Severity           High Risk
Category           SQL Injection
Vendor URL             http://www.oracle.com/
Author             Alexander Kornbrust
Advisory               16 April 2008 (V 1.00)
Advisory URL           http://www.red-database-security.com/advisory/oracle_sql_injection_sdo_util.html

Details
The package SDO_UTIL is vulnerable against SQL injection.

DeepSec 2008 - Conference Schedule

List of speakers with presentations:

‣ Achim Reckeweg ; Sun Microsystems ; Germany
‣ Alex Stamos ; iSEC Partners ; USA
‣ Alexander Kornbrust ; Red Database Security GmbH ; Germany
‣ Andrea Monti ; Studio Legale Monti ; Italy
‣ Arrigo Triulzi ; Independent Security Consultant ; Italy
‣ Chema Alonso, José Parada ; Informática 64 ; Spain
‣ Daniel Mende, Simon Rich ; ERNW GmbH ; Germany
‣ Dr. Anton Chuvakin ; LogLogic, Inc ; USA

Oracle - Hardcoded Password and Password Reset of OUTLN User [DB13]

Systems Affected   9i Rel. 1 - 10g Rel. 2
Severity           High Risk
Category           Hardcoded Default Password & Password Reset
Vendor URL             http://www.oracle.com/
Author             Alexander Kornbrust
Advisory               16 April 2008 (V 1.00)
Advisory URL           http://www.red-database-security.com/advisory/oracle_outln_password_change.html




Re: Oracle 11g Password algorithm revealed

http://www.phenoelit.net/lablog/oracle.sl


Regards

 Alexander Kornbrust
 www.red-database-security.com




Oracle - SQL Injection in package SDO_GEOM [DB06]

Systems Affected   9i Rel. 1 - 10g Rel. 2
Severity           High Risk
Category           SQL Injection
Vendor URL             http://www.oracle.com/
Author             Alexander Kornbrust
Advisory               16 April 2008 (V 1.00)
Advisory URL           http://www.red-database-security.com/advisory/oracle_sql_injection_sdo_geom.html

Details
The package SDO_GEOM is vulnerable against SQL injection.


Re: Oracle 11g Password algorithm revealed

Sent to mailing list without permission:

Oracle 0xDEADF00D

Alexander Kornbrust, CEO of Red Database Security GmbH and Oracle Database security expert, noticed that Oracle recently released their Oracle Database 11g for Linux with a new password hashing algorithm. They do so to improve security by introducing case-sensitive passwords in the year 2007! Alex asked us to figure out what kind of cryptographic algorithms and methods are actually used, because he'd like to update his Oracle Security Scanner.

We did, regardless of the expected nightmares, Fear and Laughing in Oracle.

Since Oracle is shipped as closed software and releases are provided as binary/executable programs only, we analyzed the Linux ELF binary executable files, because a Windows version of Oracle 11g seems not to have been released yet.




Copyright © 1995-2012 LinuxRocket.net. All rights reserved.