APP: Oracle Secure Backup Administration Server Command Injection
This signature detects attempts to exploit a known command injection vulnerability in the Oracle Secure Backup Administration server. It is due to insufficient filtering of user supplied data to the login.php script used in the administration server. A remote attacker can exploit this by sending a crafted HTTP request to the target host. In a successful code injection attack, the behavior of the target host is entirely dependent on the intended function of the injected code and executes within the security context of the currently logged in user. If the attack is unsuccessful, the vulnerable application can terminate abnormally.
Extended Description
Oracle Secure Backup is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the web server process. Failed attacks will cause denial-of-service conditions. This vulnerability affects the following supported versions: 10.3.0.3
Short Name
APP:ORACLE:SECURE-BACKUP-INJ
Severity
Major
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
Administration Backup CVE-2011-2261 Command Injection Oracle Secure Server bid:48752
Release Date
08/25/2011
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3339
False Positive
Unknown
CVSS Score
10.0