SAINT CorporationSAINT:92E69042B5A76AA132D432B96A77611BOracle Secure Backup Administration property_box.php objectname command injection
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C
EPSS
Percentile
99.8%
Added: 09/30/2010
CVE: CVE-2010-0906
BID: 41597
OSVDB: 66340
Background
Oracle Secure Backup is a centralized tape backup management solution for Oracle Database.
Problem
A vulnerability in the property_box.php script allows remote attackers to inject arbitrary commands via the objectname parameter.
Resolution
Apply the patch referenced in the Oracle Critical Patch Update - July 2010.
References
<http://www.zerodayinitiative.com/advisories/ZDI-10-120/>
Limitations
Exploit works on Oracle Secure Backup 10.3.0.1.0 and requires a valid login and password for Oracle Secure Backup Administration Server.
The target must have read access to the specified SMB share.
The login and password of an account with write access to the specified SMB share must be provided.
The target server must be configured to listen on the HTTP port.
Platforms
Windows
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C
EPSS
Percentile
99.8%