21
votes
Accepted
Can .ova file contain an exploit?
Whether or not it contains an exploit, specifically, is irrelevant in the broader question of whether an OVA file can be malicious. The answer to the broader question is yes, absolutely.
The Open ...
- 136k
16
votes
Can .ova file contain an exploit?
Any file can contain an exploit.
Whether it works or not, or if it requires a loader, is another story.
For example, if there's a buffer overflow vulnerability in the processing of .ova files, then ...
- 22.6k
7
votes
Accepted
Is VirtualBox safe and is it possible its spying on the user?
Both VirtualBox and VMWare are safe, reputable hypervisors. A website that looks "old" is not an indicator of malice, and sometimes the most reputable websites look very old indeed. VMWare ...
- 67.3k
5
votes
Is it possible to take over a Windows server through Oracle?
You can execute shell commands in PL/SQL is the scenario here. These will run with the privilege of Oracle, which might be LocalSystem. Obviously you will want to secure against this by restricting ...
- 808
3
votes
Accepted
Is my Java code still vulnerable to SQL injection?
Yes, your filtering on userinput2 is insufficient, the use of a single quote is not necessary for exploitation with that syntax. I didn't analyse the code any further. "Blacklisting" characters is not ...
- 5,989
3
votes
Are encrypted databases secure against all attacks?
An encrypted database protects the database against attacks on the filesystem or storage. If someone manages to get a shell on the server, or gets the credentials to the SAN storage, they cannot make ...
- 55.5k
3
votes
Symantec rooted certificates trust and Oracle Java trust store, is Oracle planing to remove trust as well?
According to Oracle JRE and JDK Cryptographic Roadmap Symantec Root CAs will be removed in April 2019 release:
Date: 2019-04-16
Releases: 12, 11, 8, 7
Action: Distrust TLS server certificates ...
- 131
3
votes
Can .ova file contain an exploit?
Yes, any guest OS such as contained in OVA files can carry malicious code; even mere data files of a certain complexity can effectively launch exploits.
Therefore, the flavor of Whonix you may be ...
- 301
3
votes
Accepted
Are encrypted Cookies vulnerable to Padding Oracle Attacks
The short answer is that you cannot rely on encryption to ensure the integrity of a message. See here for example.
To demonstrate why that general statement is also true for the specific example of ...
- 5,562
3
votes
Are encrypted Cookies vulnerable to Padding Oracle Attacks
Is it necessary to sign or will a modified encrypted string fail to
decrypt?
In the cryptography world a modified message is called a tampered message. Encryption by itself does not provide ...
- 1,984
2
votes
OpenSSL oracle padding vulnerability (CVE-2016-2107)
A 'padding oracle attack' has nothing to do with the Oracle database software.
Ensure windows is updated, and remove the insecure cipher suites that this machine was configured to use.
- 47.3k
2
votes
Is there a risk of using AEAD encryption algorithms when the key is generated from a password?
If you use a good PBKDF (like Argon2) brute-forcing of passwords is slowed down by the first step which is turning the password into the key. So your low-entropy source (the password) is protected by ...
- 1,990
2
votes
Is there a risk of using AEAD encryption algorithms when the key is generated from a password?
One of the security properties of a PBKDF is that it should not be reversible. You should not be able to obtain the password, even if you know the key, without exhaustively testing candidate ...
- 36k
2
votes
Verifying Encryption at Rest with Oracle 11g
If you can look at the database, you can look at the actual tables and see that the data is stored in an encrypted format, or if its' stored in plaintext. You can also check that the entire database ...
2
votes
Do I have to change my database user password in this situation?
Do you have to change the password?
To access the database with its old credentials the DBA has to be able to reach the db server. If this is only possible from the local network and he does not have ...
- 535
2
votes
Are encrypted databases secure against all attacks?
There are many different attacks possible. For instance there are different attacks related to privilege escalation via indexes. Attacks via TNS listener. Attacks via web interface isqlplus. DoS ...
- 12.6k
2
votes
Accepted
Post Exploitation in Oracle web logic server 10.35 (Oracle Linux Server 3.8)
If you are able to upload a web shell then you can easily decrypt password. Make a decrypt.py file in server with following content:
domain = "/u01/app/oracle/product/Middleware/Weblogic1035/...
1
vote
Oracle Kerberos authentication on Linux host with SSSD
I was googling the exact same question and found your post.
You have formulated the question so well so I was so bold and copied the entire question and posted it on both Oracle and Red Hat support ...
- 11
1
vote
Are encrypted databases secure against all attacks?
No, they are not secure against attacks, especially in multi-user case.
For example, the CryptDB of MIT is shown to be attackable in various ways
On the Difficulty of Securing Web Applications using ...
- 5,589
1
vote
Is the most recent version of ojdbc7 still vulnerable to CVE-2016-3506?
I don't know the answer, but my guess is that they've updated the driver in the code that they ship with their products, but not in the downloads. If you have Oracle support I suggest you contact ...
- 2,215
1
vote
Accepted
TDE - Encrypting different rows with different keys
It doesn't really matter to you how it's encrypted in the database. Database encryption is "transparent", meaning that you don't see the encryption mechanisms when you access the data through an ...
- 34.7k
1
vote
How to update table with sqlmap and without stacked queries?
No workaround here. You can usually dump the entire database with a boolean based sql injection vulnerability but you cant perform updates.
You can extract but cannot insert or modify existing data.
- 602
1
vote
Why Oracle says following deserialization vulnerabilities are related to HTTP protocol?
You have to be able to trigger deserialization to exploit this. It is just saying that the protocol used when it is exploited is http. However, keep in mind that there are often default listeners that ...
- 602
1
vote
Are encrypted Cookies vulnerable to Padding Oracle Attacks
Is it necessary to sign or will a modified encrypted string fail to
decrypt?
The classical (and faster) way to authenticate your message is using MAC.
You should use signing if you need non-...
- 643
1
vote
Accepted
Understanding Oracle 11g password hashing algorithms
What you have matches the documentation I found (both official and not). Too bad, it's not as secure as it could be. Even if using SHA-1 (perhaps to be FIPS 140-2 compliant), one could run the data ...
- 2,215
1
vote
Do I have to change my database user password in this situation?
Your DB is probably accessible from the entire internal network. Changing only password for that one machine will not stop anyone with a laptop (don't need to be Domain Joined) and Oracle Client ...
- 1,082
1
vote
Virtual Machine Introspection for VirtualBox
you should check the Winbagility project which provides the VMI APIs for VirtualBox (called FDP for Fast Debugging Protocol).
A library similar to libvmi has been written on top of it:
icebox.
I don'...
- 111
Only top scored, non community-wiki answers of a minimum length are eligible