SAINT Corporation, SAINT:9287190C22214060AFE56271EDC1AEFA
History: Jan 20, 2009 - 12:00 a.m.

Oracle Secure Backup login.php rbtool command injection

2009-01-20 00:00:00
SAINT Corporation
download.saintcorporation.com

CVSS2: 10
Attack Vector: NETWORK
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score: 7.3
Confidence: Low
EPSS: 0.975
Percentile: 100.0%

Added: 01/20/2009
CVE: CVE-2008-5448
BID: 33177
OSVDB: 51342

Background

Oracle Secure Backup is a centralized tape backup management solution for Oracle Database.

Problem

A command injection vulnerability in the Oracle Secure Backup web interface allows a remote attacker to execute arbitrary commands specified in the **rbtool** parameter in an HTTP request for the **login.php** script.

Resolution

Apply the patch referenced in the Oracle Critical Patch Update Advisory - January 2009.

References

http://www.zerodayinitiative.com/advisories/ZDI-09-003/

Limitations

The exploit works on Oracle Secure Backup 10.1.0.3.

The IO-Socket-SSL Perl module is required for this exploit to run. This module is available from http://www.cpan.org/modules/by-module/IO/.

When the target is Windows, this exploit must be able to bind to port 69/UDP in order to succeed.

When the target is Linux, the target must have the “nc” utility in order for the exploit to succeed.

Platforms

Windows
Linux
