what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 23 of 23 RSS Feed

Files

Oracle Secure Backup Server Bypass / Command Injection
Posted Sep 15, 2009
Authored by Luca Carettoni | Site ikkisoft.com

Oracle Secure Backup Administration Server suffers from authentication bypass and command injection vulnerabilities.

tags | exploit, vulnerability, bypass
advisories | CVE-2009-1977, CVE-2009-1978
SHA-256 | 8bbf1a7668ebf7f94b2ec20073f80c9f8f048f84184c40ab8880774b4df54dd6

Related Files

Secunia Security Advisory 49884
Posted Jul 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Oracle has acknowledged two vulnerabilities in Oracle Secure Backup, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
SHA-256 | bce8679ddc9a4f688adca7c6930dd9d306957ee6a3a0e9233c1ee663850e1bdd
Oracle Secure Backup Authentication Bypass/Command Injection Vulnerability
Posted Aug 21, 2011
Authored by MC | Site metasploit.com

This Metasploit module exploits an authentication bypass vulnerability in login.php. In conjunction with the authentication bypass issue, the 'jlist' parameter in property_box.php can be used to execute arbitrary system commands. This Metasploit module was tested against Oracle Secure Backup version 10.3.0.1.0

tags | exploit, arbitrary, php, bypass
advisories | CVE-2010-0904
SHA-256 | a6b9f81b959d5734b4b0566c794ef98effe3e6416939923022fc0bcd168099f4
Secunia Security Advisory 43011
Posted Jul 22, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Oracle Secure Backup, which can be exploited by malicious people to conduct cross-site scripting attacks, cross-site request forgery attacks, and compromise a vulnerable system.

tags | advisory, vulnerability, xss, csrf
SHA-256 | 04caf0f1ac4c12a575d72064dea523d84cf6ad3d5b4eab77409654ada714695f
Zero Day Initiative Advisory 11-238
Posted Jul 21, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-238 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Secure Backup. Authentication is not required to exploit this vulnerability. The specific flaw exists within the validate_login function defined within /apache/htdocts/php/common.php. The username parameter is passed with limited sanitization to an exec_qr call which can be abused to inject commands. The sanitation that does occur can limit the exploitation of this issue, however code execution can likely still be achieved. Successful attempts will yield remote code execution under the context of the apache server.

tags | advisory, remote, arbitrary, php, code execution
advisories | CVE-2011-2261
SHA-256 | 8abe40785b4a1142c75a2394d5b25258bae169d31e77a2db6b90b719ce3703cf
Technical Cyber Security Alert 2011-201A
Posted Jul 20, 2011
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert 2011-201A - Oracle Database, Oracle Secure Backup, Oracle Fusion Middleware, and various other Oracle products suffer from vulnerabilities including remote execution of arbitrary code, information disclosure, and denial of service.

tags | advisory, remote, denial of service, arbitrary, vulnerability, info disclosure
SHA-256 | 7c1bd1e3b5f0d9d514eee9dfcd1fbedbbcc91a1a8fc792a16611e4b45ca60fd3
Secunia Security Advisory 42918
Posted Jan 20, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Oracle Secure Backup, which can be exploited by malicious people to manipulate certain data.

tags | advisory
SHA-256 | 04567c53528aa43625fb1939271f7eef3214a8360224626b1c4834ea8197d96e
Secunia Security Advisory 40595
Posted Jul 15, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Oracle Secure Backup, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to bypass certain security restrictions or to compromise a vulnerable system.

tags | advisory, vulnerability
SHA-256 | d0532743d334c61af2044a918bcc9aaaf02c70a28b8d3b99d02b05cdb37bb141
Zero Day Initiative Advisory 10-124
Posted Jul 14, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-124 - This vulnerability allows remote attackers to execute arbitrary commands on vulnerable installations of Oracle Secure Backup. Authentication is required to exploit these vulnerabilities. The specific flaws exist due to how the application passes CGI parameters to the internal obtool binary running on port 443. Due to improper filtering of user data a specially crafted request could lead to arbitrary commands being executed under the credentials of the service.

tags | advisory, remote, arbitrary, cgi, vulnerability
SHA-256 | f3eb8b93e738858b3c6e2a5e1d54e8b3d36f41f83639ca0370ec81c55f379812
Oracle Secure Backup Scheduler Service Remote Code Execution
Posted Jul 14, 2010
Authored by Cody Pierce | Site dvlabs.tippingpoint.com

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Secure Backup. User interaction is not required to exploit this vulnerability. The specific flaw exists in the parsing of commands sent to the obscheduled.exe service listening by default on TCP port 1026, or 1027. Due to a lack of bounds checking on a specific command sequence the program stack can be overwritten with user controlled data. Successful exploitation can lead to remote system compromise under the SYSTEM credentials.

tags | advisory, remote, arbitrary, tcp
advisories | CVE-2010-0898
SHA-256 | b97beb4e58e46d6a4719bd8417540a0d0f63bac1d2dbac31e1272e615cc3a6b5
Zero Day Initiative Advisory 10-123
Posted Jul 14, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-123 - This vulnerability allows remote attackers to bypass authentication on vulnerable installations of Oracle Secure Backup. The specific flaw exists within the register globals emulation layer which allows attackers to specify values for arbitrary program variables. When specific parameters are specified via the URI it is possible for an attacker to bypass the authentication mechanism and reach functionality otherwise inaccessible without proper credentials. This can be leveraged by remote attackers to trigger what were post-auth vulnerabilities without valid credentials.

tags | advisory, remote, arbitrary, vulnerability
SHA-256 | 1b6cb7c2d8ebbfb8aa18f8b3517e80976924e54abe93a72aade5cc60697221de
Zero Day Initiative Advisory 10-122
Posted Jul 14, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-122 - This vulnerability allows remote attackers to inject arbitrary commands on vulnerable installations of Oracle Secure Backup. Authentication is required to exploit this vulnerability but may be bypassed. The specific flaw exists in the handling of the 'preauth' variable to the script index.php used in the administration server running on port 443. Due to improper filtering of user data a specially crafted request could lead to arbitrary commands being executed under the credentials of the service.

tags | advisory, remote, arbitrary, php
SHA-256 | 93a62185ef8d18e9a29cfd9b57696ef14f36acaa2101b02cf3b5a2fb86c0cff8
Zero Day Initiative Advisory 10-121
Posted Jul 14, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-121 - This vulnerability allows remote attackers to inject arbitrary commands on vulnerable installations of Oracle Secure Backup. Authentication is required to exploit this vulnerability but may be bypassed. The specific flaw exists in the handling of the 'selector[0]' variable to the script index.php used in the administration server running on port 443. Due to improper filtering of user data a specially crafted request could lead to arbitrary commands being executed under the credentials of the service.

tags | advisory, remote, arbitrary, php
SHA-256 | 48b582d620ae4d20b1dc5efd5459042a2efe4806e63f5df7d7a53cd406c9eb73
Zero Day Initiative Advisory 10-120
Posted Jul 14, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-120 - This vulnerability allows remote attackers to execute arbitrary commands on vulnerable installations of Oracle Secure Backup. Authentication is required to exploit this vulnerability. The specific flaw exists in the handling of variables to the property_box.php script located on the Oracle Secure Backup administration server. Due to the lack of filtering on special characters it is possible to specify arbitrary commands to the command line being executed by the administration server. Successful exploitation of this can lead to remote compromise under the credentials of the web server.

tags | advisory, remote, web, arbitrary, php
SHA-256 | 61f830c320fdec0772ce945d9ce3be52e3fec38c4da37fd3e68022a304d2bf32
Zero Day Initiative Advisory 10-119
Posted Jul 14, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-119 - This vulnerability allows remote attackers to execute arbitrary commands on vulnerable installations of Oracle Secure Backup. Authentication is required to exploit this vulnerability. The specific flaw exists in the handling of variables to the property_box.php script located on the Oracle Secure Backup administration server. Due to the lack of filtering on special characters it is possible to specify arbitrary commands to the command line being executed by the administration server. Successful exploitation of this can lead to remote compromise under the credentials of the web server.

tags | advisory, remote, web, arbitrary, php
SHA-256 | 97fed0676d2071c69c2c9f377c677e4efb75bb0ed4ea9ead9a0d07709bd5bbcb
Zero Day Initiative Advisory 10-118
Posted Jul 14, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-118 - This vulnerability allows remote attackers to bypass authentication on vulnerable installations of Oracle Secure Backup. Authentication is not required to exploit this vulnerability. The specific flaw exists in the handling of user input to the uname variable of the login.php script running on the administration page of Oracle Secure Backup. Do to the lack of proper shell metacharacter filtering it is possible to bypass the login check. Successful exploitation of this vulnerability allows the attacker to access sensitive information running on the administration server without proper credentials.

tags | advisory, remote, shell, php
SHA-256 | a84daf45f55774169b51adedbd1ae06c4420baede8def2a3b970b7bb38d2066a
Secunia Security Advisory 38128
Posted Jan 13, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Oracle Secure Backup, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | 4380ddf8eff44e99b02c41efb47fd37e015de9b8cc2d180236ab17d8994f3645
Zero Day Initiative Advisory 10-02
Posted Jan 12, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-02 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Secure Backup. Authentication is not required to exploit this vulnerability. The specific flaw exists in the Oracle Secure Backup Services daemon observiced.exe listening on TCP port 10000 by default. Due to the lack of bounds checking on the reverse lookup of connections to the port a stack overflow can occur leading to a complete compromise of the affected system under the credentials of the SYSTEM account.

tags | advisory, remote, overflow, arbitrary, tcp
advisories | CVE-2010-0072
SHA-256 | eaab05ade537567d886353e24666c9cfbc4f2f7641f54907b4f4d494d750b97c
Oracle Secure Backup NDMP_CONNECT_CLIENT_AUTH Buffer Overflow
Posted Nov 26, 2009
Authored by MC | Site metasploit.com

The module exploits a stack overflow in Oracle Secure Backup. When sending a specially crafted NDMP_CONNECT_CLIENT_AUTH packet, an attacker may be able to execute arbitrary code.

tags | exploit, overflow, arbitrary
advisories | CVE-2008-5444
SHA-256 | 4e471a2a12f2256e9d20d468c87ba87b92c76a30bc71dc7a3f20d7dafcb36d12
Oracle Secure Backup NDMP_CONECT_CLIENT_AUTH Overflow
Posted Jan 16, 2009
Authored by Zhenhua Liu, XiaoPeng Zhang | Site fortinet.com

Fortinet has discovered a buffer overflow vulnerability in Oracle Secure Backup version 10.2.0.2 through the use of a malformed NDMP packet.

tags | advisory, overflow
advisories | CVE-2008-5444
SHA-256 | f461073432a52de146dd8e73f0eb93223fafe750c8674ad039cbc777d157927e
Oracle Secure Backup's observiced.exe Denial Of Service
Posted Jan 16, 2009
Authored by Zhenhua Liu, XiaoPeng Zhang | Site fortinet.com

Fortinet has discovered multiple denial of service vulnerabilities in Oracle Secure Backup version 10.2.0.2 through the use of malformed packets on observiced.exe.

tags | advisory, denial of service, vulnerability
advisories | CVE-2008-5445
SHA-256 | df7b3b69f5b30d45e5be2b32d6e2898ca8bf5ab08eb3414c476814f37f005a70
Oracle Secure Backup Denial Of Service
Posted Jan 16, 2009
Authored by Zhenhua Liu, XiaoPeng Zhang | Site fortinet.com

Fortinet has discovered multiple denial of service vulnerabilities in Oracle Secure Backup version 10.2.0.2 through the use of malformed NDMP packets.

tags | advisory, denial of service, vulnerability
advisories | CVE-2008-5441, CVE-2008-5442, CVE-2008-5443
SHA-256 | aa6e6263e9c776801cfdf0857f19de4023f1cc61d76558209700822d2d84294f
Zero Day Initiative Advisory 09-03
Posted Jan 15, 2009
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 09-003 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Secure Backup. Authentication is not required to exploit this vulnerability. The specific flaw exists within the routine exec_qr() defined in the web script login.php. The user-supplied variable $rbtool is improperly sanitized and later passed through a call to popen(), this can result in remote pre-authentication command injection.

tags | advisory, remote, web, arbitrary, php
SHA-256 | d4cd07bc743ecebda2d3c06bd6512358d54e624bcb8559f431c37c5b49682626
Oracle Secure Backup 10g Remote Code Execution
Posted Jan 15, 2009
Authored by Joxean Koret

The Oracle January 2009 Critical Patch Update fixes a vulnerability which allows a remote pre-authenticated attacker to execute arbitrary code in the context of the user running the web server of Oracle Secure Backup.In Windows environments, the vulnerability allows execution of arbitrary code as SYSTEM. In Unix and GNU/Linux environments, however, just as a normal user(oracle usually). Proof of concept code included.

tags | exploit, remote, web, arbitrary, proof of concept
systems | linux, windows, unix
SHA-256 | 0be6210659dc840c141aa2f7bab508fdbe7b79872fd8e733b4a438459e93b4c6
Page 1 of 1
Back1Next

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    5 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    9 Files
  • 7
    Feb 7th
    32 Files
  • 8
    Feb 8th
    0 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close