HTTP: Oracle Secure Backup Administration Server login.php Cookies Command Injection
There exists a command injection vulnerability in Oracle Secure Backup. The vulnerability is due to lack of sanitation of user supplied parameters when processing HTTP requests sent to CGI program login.php. Remote unauthenticated attackers can exploit this vulnerability by sending a crafted HTTP request to the target host. Successful exploitation would allow for arbitrary command execution in the security context of the user running the web server of Oracle Secure Backup. The behaviour of the target is entirely dependent on the intended function of the injected command.
Extended Description
Oracle has released the January 2009 critical patch update. The update addresses 41 vulnerabilities affecting the following software: Oracle Database Oracle Secure Backup Oracle TimesTen In-Memory Database Oracle Application Server Oracle Collaboration Suite Oracle E-Business Suite Release Oracle Enterprise Manager Grid Control PeopleSoft Enterprise HRMS JD Edwards Tools Oracle WebLogic Server (formerly BEA WebLogic Server) Oracle WebLogic Portal (formerly BEA WebLogic Portal)
Affected Products
Bea_systems weblogic_server
Short Name
HTTP:ORACLE:LOGIN-COOKIES-INJ
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Administration Backup CVE-2008-4006 Command Cookies Injection Oracle Secure Server bid:33177 login.php
Release Date
07/18/2011
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3711
False Positive
Unknown
Vendors
Oracle
Bea_systems
CVSS Score
10.0