Signature Detail
Short Name |
APP:ORACLE:SECURE-BACKUP-INJ |
|---|---|
Severity |
High |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
APP |
Keywords |
Oracle Secure Backup Administration Server Command Injection |
Release Date |
2011/08/25 |
Update Number |
1980 |
Supported Platforms |
di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
APP: Oracle Secure Backup Administration Server Command Injection
This signature detects attempts to exploit a known command injection vulnerability in the Oracle Secure Backup Administration server. It is due to insufficient filtering of user supplied data to the login.php script used in the administration server. A remote attacker can exploit this by sending a crafted HTTP request to the target host. In a successful code injection attack, the behavior of the target host is entirely dependent on the intended function of the injected code and executes within the security context of the currently logged in user. If the attack is unsuccessful, the vulnerable application can terminate abnormally.
Extended Description
Oracle Secure Backup is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the web server process. Failed attacks will cause denial-of-service conditions. This vulnerability affects the following supported versions: 10.3.0.3
Affected Products
- Oracle Secure Backup 10.3.0.3
References
- BugTraq: 48752
- CVE: CVE-2011-2261