Oracle Secure Backup Administration property_box.php Other Variable Command Injection

Added: 09/29/2010
CVE: CVE-2010-0899
BID: 41616
OSVDB: 66333


Oracle Secure Backup is a centralized tape backup management solution for Oracle Database.


A command injection vulnerability in the Oracle Secure Backup web interface allows remote attackers to execute arbitrary commands by supplying them in the "other" parameter of an HTTP request for property_box.php.


Apply the patch referenced in the Oracle Critical Patch Update for July 2009.
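To review web server logs for requests matching the description above, the following added example (not part of the original advisory and not Oracle code) flags property_box.php requests whose "other" parameter decodes to shell metacharacters. It assumes combined-format access logs with the parameter in the query string. The metacharacter set, the function names and the sample log lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Characters a shell treats as separators, substitution or redirection.
# Assumption: the advisory does not say which characters matter, so this
# set is deliberately broad and will need tuning against normal traffic.
SHELL_META = re.compile(r"[;&|`$<>\r\n]")

# Request line inside a combined-format access log entry.
REQUEST = re.compile(r'"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+"')

# Constructed sample input (documentation addresses, made-up values).
SAMPLE_LOG = [
    '192.0.2.10 - - [29/Sep/2010:10:00:01 +0000] "GET /property_box.php?page=1&other=42 HTTP/1.1" 200 512',
    '192.0.2.77 - - [29/Sep/2010:10:00:05 +0000] "GET /property_box.php?page=1&other=42%3Bid HTTP/1.1" 200 512',
    '192.0.2.77 - - [29/Sep/2010:10:00:09 +0000] "GET /property_box.php?other=42%257Cid HTTP/1.1" 200 512',
    '192.0.2.10 - - [29/Sep/2010:10:00:12 +0000] "GET /index.php?other=a%3Bb HTTP/1.1" 200 128',
]


def suspicious_other_values(target):
    """Return decoded 'other' values containing shell metacharacters,
    but only for requests whose path ends in property_box.php."""
    parts = urlsplit(target)
    if parts.path.lower().rsplit("/", 1)[-1] != "property_box.php":
        return []
    params = parse_qs(parts.query, keep_blank_values=True)
    # parse_qs decodes once; unquote again to catch double-encoded input.
    decoded = [unquote(v) for v in params.get("other", [])]
    return [v for v in decoded if SHELL_META.search(v)]


def scan(lines):
    """Return (line_number, client_address, decoded_value) per flagged request."""
    hits = []
    for number, line in enumerate(lines, 1):
        match = REQUEST.search(line)
        if not match:
            continue  # not a parseable request line
        client = line.split(" ", 1)[0]
        for value in suspicious_other_values(match.group("target")):
            hits.append((number, client, value))
    return hits


if __name__ == "__main__":
    for number, client, value in scan(SAMPLE_LOG):
        print(f"line {number}: {client} sent other={value!r}")
```

Parameters sent in a POST body do not appear in access logs, so the same check would have to run at a proxy or WAF that sees request bodies.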



Exploit works on Oracle Secure Backup

The target Oracle Secure Backup Administration Server must be configured to listen on the HTTP port. A valid user and password for Oracle Secure Backup Administration Server are also required.

The executable smbclient must be available on the exploit server, and a valid SMB user with permission to write to the SMB share is required. The SMB password must not contain single quotes (').


