Oracle Secure Backup Administration objectname Command Injection Remote Code Execution Vulnerability
ZDI-10-120: July 13th, 2010CVE ID
CVSS Score
Affected Vendors
Affected Products
TippingPoint™ IPS Customer Protection
TippingPoint IPS customers are protected against this vulnerability by Digital Vaccine protection filter ID 8778. For further product information on the TippingPoint IPS:Vulnerability Details
This vulnerability allows remote attackers to execute arbitrary commands on vulnerable installations of Oracle Secure Backup. Authentication is required to exploit this vulnerability.
The specific flaw exists in the handling of variables to the property_box.php script located on the Oracle Secure Backup administration server. Due to the lack of filtering on special characters it is possible to specify arbitrary commands to the command line being executed by the administration server. Successful exploitation of this can lead to remote compromise under the credentials of the web server.
Vendor Response
Oracle has issued an update to correct this vulnerability. More details can be found at:Disclosure Timeline
-
2009-10-21 - Vulnerability reported to vendor
2010-07-13 - Coordinated public release of advisory
Credit
This vulnerability was discovered by:-
Anonymous
