Signature Detail
Short Name |
APP:OBSERVICED-OF |
|---|---|
Severity |
Critical |
Recommended |
No |
Recommended Action |
Drop |
Category |
APP |
Keywords |
Oracle Secure Backup observiced.exe Buffer Overflow |
Release Date |
2010/09/17 |
Update Number |
1775 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+ |
APP: Oracle Secure Backup observiced.exe Buffer Overflow
This signature detects attempts to exploit a known stack buffer overflow vulnerability in Oracle Secure Backup daemon. The flaw is due to a boundary error in the daemon observiced.exe. Remote unauthenticated attackers can exploit this vulnerability by sending a carefully crafted requests to the affected service. Successful exploitation can result in execution of arbitrary code within the security context of the SYSTEM user.
Extended Description
Oracle Database is prone to a remote code-execution vulnerability in Oracle Secure Backup. The vulnerability can be exploited over the 'HTTP' protocol. An attacker does not require special privileges to exploit this vulnerability. The attacker can execute arbitrary code with SYSTEM privileges, leading to a complete compromise of an affected computer. This vulnerability affects Oracle Database 10.2.0.3.
Affected Products
- Oracle Oracle10g Enterprise Edition 10.2.0 .3
- Oracle Oracle10g Personal Edition 10.2.0 .3
- Oracle Oracle10g Standard Edition 10.2.0 .3
References