Oracle Secure Backup NDMP_CONECT_CLIENT_AUTH Command Buffer Overflow Vulnerability 2009.January.13 Fortinet's FortiGuard Global Security Research Team Discovers Vulnerability in Oracle Secure Backup. Buffer Overflow vulnerability exists Oracle Secure Backup 10.2.0.2 through a malformed NDMP packet. Remote Code Execution. Critical Base Score:10.0. Affected Software: Oracle Secure Backup 10.2.0.2. Sending a malformed NDMP client authentication NDMP_CONECT_CLIENT_AUTH Command packet will cause a buffer overflow due to invalid bounds checking. Use the solution provided by Oracle. FortiGuard Global Security Research Team released a signature Oracle.NDMP.CONNECT.CLIENT.AUTH.User.ID.Buffer.Overflow on Jan 13 2009, which covers this specific vulnerability
Reporter | Title | Published | Views | Family All 22 |
---|---|---|---|---|
Check Point Advisories | Oracle Secure Backup NDMP CONNECT_CLIENT_AUTH Command Buffer Overflow (CVE-2008-5444) | 23 Feb 200900:00 | β | checkpoint_advisories |
Metasploit | Oracle Secure Backup NDMP_CONNECT_CLIENT_AUTH Buffer Overflow | 23 Feb 200916:26 | β | metasploit |
Packet Storm | Oracle Secure Backup NDMP_CONNECT_CLIENT_AUTH Buffer Overflow | 26 Nov 200900:00 | β | packetstorm |
Saint | Oracle Secure Backup NDMP_CONECT_CLIENT_AUTH buffer overflow | 28 Jan 200900:00 | β | saint |
Saint | Oracle Secure Backup NDMP_CONECT_CLIENT_AUTH buffer overflow | 28 Jan 200900:00 | β | saint |
Saint | Oracle Secure Backup NDMP_CONECT_CLIENT_AUTH buffer overflow | 28 Jan 200900:00 | β | saint |
Saint | Oracle Secure Backup NDMP_CONECT_CLIENT_AUTH buffer overflow | 28 Jan 200900:00 | β | saint |
Exploit DB | Oracle Secure Backup - NDMP_CONNECT_CLIENT_AUTH Buffer Overflow (Metasploit) | 9 May 201000:00 | β | exploitdb |
NVD | CVE-2008-5449 | 14 Jan 200901:30 | β | nvd |
NVD | CVE-2008-5444 | 14 Jan 200901:30 | β | nvd |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. ContactΒ us for a demo andΒ discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo