Oracle Secure Backup NDMP_CONECT_CLIENT_AUTH buffer overflow

Added: 01/28/2009
CVE: CVE-2008-5444
BID: 33177
OSVDB: 51340

Background

Oracle Secure Backup is a centralized tape backup management solution for Oracle Database.

Problem

A buffer overflow vulnerability in Oracle Secure Backup when handling the NDMP protocol allows remote attackers to execute arbitrary commands by sending a long, specially crafted Username value in an NDMP_CONECT_CLIENT_AUTH request.

Resolution

Apply the January 2009 Oracle Critical Patch Update.

References

http://archives.neohapsis.com/archives/bugtraq/2009-01/0143.html

Limitations

Exploit works on Oracle Secure Backup 10.1.0.3.

Platforms

Windows 2000
Linux

Back to exploit index