Signature Detail
Short Name |
APP:ORACLE:SBAS-PREAUTH-INJ |
|---|---|
Severity |
Critical |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
APP |
Keywords |
Oracle Secure Backup Administration preauth Variable Command Injection |
Release Date |
2010/10/27 |
Update Number |
1802 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+ |
APP: Oracle Secure Backup Administration preauth Variable Command Injection
This signature detects attempts to exploit a known command execution vulnerability in Oracle Secure Backup server. It is due to insufficient filtering when handling the $preauth variable. A remote authenticated attacker can exploit this by sending a specially crafted HTTP request to the index.php script on the target server. A successful attack allows the attacker to execute arbitrary commands under the credentials of the SYSTEM account.
Extended Description
Oracle Secure Backup is prone to a remote vulnerability. The vulnerability can be exploited over the 'HTTP' protocol. For an exploit to succeed, the attacker must have 'Valid Session' privileges. This vulnerability affects the following supported versions: 10.3.0.1
Affected Products
- Oracle Secure Backup 10.3.0.1.0
References
- BugTraq: 41597
- CVE: CVE-2010-0906