Oracle Secure Backup Authentication Bypass / Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle Secure Backup Authentication Bypass/Command Injection Vulnerability', 'Description' = %q This module exploits an authentication bypass...

Oracle Secure Backup Administration property_box.php Command Injection - Ver2 (CVE-2010-0899)

Oracle Secure Backup is a backup solution allowing for centralized tape backup management. The server allows for single point of management of data present on network attached storage NAS devices and distributed hosts which may have different operating systems. The data in transit is kept secure ...

Oracle Secure Backup Administration $other Variable Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary commands on vulnerable installations of Oracle Secure Backup. Authentication is required to exploit this vulnerability. The specific flaw exists in the handling of variables to the propertybox.php script located on the Oracle Secure...

Design/Logic Flaw

Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the July 2009 Oracle CPU. Oracle has not commented ...

CVE-2009-1978

Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the July 2009 Oracle CPU. Oracle has not commented ...