Oracle Secure Backup property_box.php type parameter command execution

Added: 09/01/2009
CVE: CVE-2009-1978
BID: 35678
OSVDB: 55904

Background

Oracle Secure Backup is a centralized tape backup management solution for Oracle Database.

Problem

A command execution vulnerability in the Oracle Secure Backup web interface allows remote attackers to execute arbitrary commands specified in the type parameter in an HTTP request for property_box.php.

Resolution

Apply the patch referenced in the Oracle Critical Patch Update for July 2009.

References

http://www.securityfocus.com/bid/35678

Limitations

Exploit works on Oracle Secure Backup 10.2.0.3.

When the target is Windows, this exploit must be able to bind to port 69/UDP in order to succeed.

When exploiting Linux targets, the netcat ("nc") utility must be installed on the target platform.

The IO-Socket-SSL PERL module is required for this exploit to run. This module is available from http://www.cpan.org/modules/by-module/IO/.

Platforms

Windows
Linux

Back to exploit index