APP: Oracle Secure Backup observiced.exe Buffer Overflow
This signature detects attempts to exploit a known vulnerability against Oracle Secure Backup daemon. A successful attack can lead to arbitrary code execution.
Extended Description
Oracle Database is prone to a remote code-execution vulnerability in Oracle Secure Backup. The vulnerability can be exploited over the 'HTTP' protocol. An attacker does not require special privileges to exploit this vulnerability. The attacker can execute arbitrary code with SYSTEM privileges, leading to a complete compromise of an affected computer. This vulnerability affects Oracle Database 10.2.0.3.
Affected Products
Oracle oracle10g_personal_edition
References
BugTraq: 37733
CVE: CVE-2010-0072
URL: http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2010.html
Short Name
APP:OBSERVICED-OF
Severity
Critical
Recommended
False
Recommended Action
None
Category
APP
Keywords
Backup Buffer CVE-2010-0072 Oracle Overflow Secure bid:37733 observiced.exe
Release Date
09/17/2010
Supported Platforms
srx-branch-19.3
vsrx3bsd-19.2
srx-19.4
vsrx3bsd-19.4
srx-branch-19.4
vsrx-19.4
vsrx-19.2
srx-19.3
srx-branch-12.3
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx-12.3
vmx-19.3
srx-12.3
Sigpack Version
3705
False Positive
Occasionally
Vendors
Oracle
CVSS Score
10.0