HTTP: Oracle Secure Backup Administration Bypass
This signature detects attempts to exploit a known vulnerability in the Oracle Secure Backup Administration Server. A successful attack can lead to arbitrary code execution.
Extended Description
Oracle Secure Backup is prone to a remote arbitrary command-execution vulnerability that can be exploited over the 'HTTP' protocol. An authenticated attacker with 'Valid Session' privileges can exploit this issue. The attacker can leverage this issue to execute arbitrary commands with Oracle SYSTEM account privileges.
Affected Products
Oracle secure_backup
References
CVE: CVE-2010-0906
URL:
http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujul2010.html
http://www.zerodayinitiative.com/advisories/zdi-10-119/
http://www.zerodayinitiative.com/advisories/zdi-10-120/
http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujul2009.html
http://www.zerodayinitiative.com/advisories/zdi-09-059/
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Oracle
9.0