SAINT Corporation, SAINT:A6C0ACD6C5E5C26544E3AC2D0533D9B1
Sep 30, 2010 - 12:00 a.m.

Oracle Secure Backup Administration property_box.php objectname command injection

my.saintcorporation.com

CVSS2: 9 High
Access Vector: NETWORK
Access Complexity: LOW
Authentication: SINGLE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

EPSS: 0.972 High
Percentile: 99.8%

Added: 09/30/2010
CVE: CVE-2010-0906
BID: 41597
OSVDB: 66340

Background

Oracle Secure Backup is a centralized tape backup management solution for Oracle Database.

Problem

A vulnerability in the property_box.php script allows remote attackers to inject arbitrary commands via the objectname parameter.

Resolution

Apply the patch referenced in the Oracle Critical Patch Update - July 2010.

References

<http://www.zerodayinitiative.com/advisories/ZDI-10-120/>

Limitations

Exploit works on Oracle Secure Backup 10.3.0.1.0 and requires a valid login and password for Oracle Secure Backup Administration Server.

The target must have read access to the specified SMB share.

The login and password of an account with write access to the specified SMB share must be provided.

The target server must be configured to listen on the HTTP port.

Platforms

Windows
