13 matches found
Oracle Secure Backup Authentication Bypass / Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle Secure Backup Authentication Bypass/Command Injection Vulnerability', 'Description' = %q This module exploits an authentication bypass...
Oracle Secure Backup Administration Server Command Injection (CVE-2009-1978)
Oracle Secure Backup is a backup solution allowing for centralized tape backup management. The vulnerability is due to a flaw in the logic used to authenticate a user to the administration server. Successful exploitation of this vulnerability allows remote attackers to bypass authentication on...
Oracle Secure Backup Authentication Bypass/Command Injection Vulnerability
This module exploits an authentication bypass vulnerability in login.php in order to execute arbitrary code via a command injection vulnerability in propertybox.php. This module was tested against Oracle Secure Backup version 10.3.0.1.0 Win32. This module requires Metasploit:...
Oracle Secure Backup Server 10.3.0.1.0 Auth Bypass/RCI Exploit
No description provided by source. !/bin/bash Oracle Secure Backup Administration Server authentication bypass, plus command injection vulnerability 1-day exploit for CVE-2009-1977 and CVE-2009-1978 PoC script successfully tested on: Oracle Secure Backup Server 10.3.0.1.0win32release MS Windows...
Oracle Secure Backup Server Bypass / Command Injection
!/bin/bash Oracle Secure Backup Administration Server authentication bypass, plus command injection vulnerability 1-day exploit for CVE-2009-1977 and CVE-2009-1978 PoC script successfully tested on: Oracle Secure Backup Server 10.3.0.1.0win32release MS Windows Professional XP SP3 In August 2009,...
Oracle Secure Backup Server 10.3.0.1.0 - Authentication Bypass Remote Code Injection
Oracle Secure Backup Server 10.3.0.1.0 - Authentication Bypass Remote Code Injection !/bin/bash Oracle Secure Backup Administration Server authentication bypass, plus command injection vulnerability 1-day exploit for CVE-2009-1977 and CVE-2009-1978 PoC script successfully tested on: Oracle Secure...
Oracle Secure Backup Server 10.3.0.1.0 Auth Bypass/RCI Exploit
Exploit for windows platform in category remote exploits ============================================================== Oracle Secure Backup Server 10.3.0.1.0 Auth Bypass/RCI Exploit ============================================================== !/bin/bash Oracle Secure Backup Administration Serv...
Oracle Secure Backup Server 10.3.0.1.0 - Authentication Bypass / Remote Code Injection
!/bin/bash Oracle Secure Backup Administration Server authentication bypass, plus command injection vulnerability 1-day exploit for CVE-2009-1977 and CVE-2009-1978 PoC script successfully tested on: Oracle Secure Backup Server 10.3.0.1.0win32release MS Windows Professional XP SP3 In August 2009,...
CVE-2009-1978
creationtimestamp| type| source ---|---|--- 2009-09-14 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/9652 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/admin/oracle/osbexecqr2.rb 2025-02-06 03:13:39+00:00| seen|...
Oracle Secure Backup property_box.php type parameter command execution
Added: 09/01/2009 CVE: CVE-2009-1978 BID: 35678 OSVDB: 55904 Background Oracle Secure Backup is a centralized tape backup management solution for Oracle Database. Problem A command execution vulnerability in the Oracle Secure Backup web interface allows remote attackers to execute arbitrary...
Oracle Secure Backup property_box.php type parameter command execution
Added: 09/01/2009 CVE: CVE-2009-1978 BID: 35678 OSVDB: 55904 Background Oracle Secure Backup is a centralized tape backup management solution for Oracle Database. Problem A command execution vulnerability in the Oracle Secure Backup web interface allows remote attackers to execute arbitrary...
DSquare Exploit Pack: D2SEC_ORA_SECBACK2
Name| d2secorasecback2 ---|--- CVE| CVE-2009-1978 Exploit Pack| D2ExploitPack Description| Oracle Secure Backup Arbitrary Command Execution Vulnerability Notes|...
CVE-2009-1978
CVE-2009-1978 affects Oracle Secure Backup (Administration Server component). The vulnerability enables remote code execution with SYSTEM privileges via vectors involving property_box.php, impacting Oracle Secure Backup 10.2.0.3 (and related 10.3.0.1.0 deployments) as noted in the July 2009 Oracl...