Oracle Secure Backup Administration property_box.php objectname command injection

Added: 09/30/2010
CVE: CVE-2010-0906
BID: 41597
OSVDB: 66340

Background

Oracle Secure Backup is a centralized tape backup management solution for Oracle Database.

Problem

A vulnerability in the property_box.php script allows remote attackers to inject arbitrary commands via the objectname parameter.

Resolution

Apply the patch referenced in the Oracle Critical Patch Update - July 2010.

References

http://www.zerodayinitiative.com/advisories/ZDI-10-120/

Limitations

Exploit works on Oracle Secure Backup 10.3.0.1.0 and requires a valid login and password for Oracle Secure Backup Administration Server.

The target must have read access to the specified SMB share.

The login and password of an account with write access to the specified SMB share must be provided.

The target server must be configured to listen on the HTTP port.

Platforms

Windows

Back to exploit index