Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

{feature request} CVE-2014-4278/oracle support? #32

Open
thsle3p opened this issue Oct 16, 2014 · 1 comment
Open

{feature request} CVE-2014-4278/oracle support? #32

thsle3p opened this issue Oct 16, 2014 · 1 comment
Labels
feature request

Comments

@thsle3p
Copy link

thsle3p commented Oct 16, 2014

A pretty severe RCE vulnerability was disclosed in Oracle's Forms 10g server that looks like it would be trivial to implement in clusterd (https://www.netspi.com/blog/entryid/243/advisory-oracle-forms-10g-unauthenticated-remote-code-execution-cve-2014-4278). Also I would think this would be a good time to take a look at what other modules related to Oracle application servers that could be implemented in clusterd (SMB hash aux modules, other exploits, etc).
@hatRiot
Copy link
Owner

hatRiot commented Oct 16, 2014

I did see this, but I need to investigate Oracle Forms a bit more to determine if it's something that would fit into clusterd. Oracle Fusion definitely is, but I'm not too familiar with Oracle Forms.

I'll be looking into this, thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@hatRiot @thsle3p