NASLDB: Oracle Secure Backup Administration Server login.php uname Parameter Arbitrary Command Injection
General
ID: 55668
Name: Oracle Secure Backup Administration Server login.php uname Parameter Arbitrary Command Injection
Summary: Fingerprints the patch based on server response
Credits: Tenable Network Security, Inc.
Classification
Risk: –
CVSS: –
CVSS Base Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS Temporal Vector: CVSS2#E:U/RL:OF/RC:C
Port: 443
Family: CGI abuses
Type: Remote
Description
The version of Oracle Secure Backup Administration Server running on
the remote host fails to adequately sanitize user supplied input to
the ‘uname’ parameter of ‘login.php’. The system performs some
sanitization which limits exploitation of this issue, but code
execution is still possible.
A remote, unauthenticated attacker could exploit this to execute code
on the remote host with the privileges of the web server user.
By default the server runs with SYSTEM privileges under Windows.
Exploiting
Exploit Available: False
Exploitability Ease: No known exploits are available
Sources
CVE: CVE-2011-2261
OSVDB: –
Bugtraq: –
scipID: –
Timeline
Vulnerability Disclosure: 2011/07/19
Patch Release: 2011/07/19
Plugin Release: 2011/07/25
Plugin
Version: 1.8
Filename: oracle_secure_backup_cmd_injection.nasl
Filesize: 4027 bytes
MD5 Hash: a02a9c73d00ec9c7704b1ae540a663c1
Identification: –
Require Keys: www/PHP
Dependencies: "http_version.nasl"
Copyright: This script is Copyright© 2011-2012 Tenable Network Security, Inc.
- Latest Plugins
- USN-1611-1 : thunderbird vulnerabilities
- USN-1610-1 : linux vulnerability
- USN-1609-1 : linux-ti-omap4 vulnerability
- SuSE 10 Security Update : PostgreSQL
- RHSA-2012-1364: bind97
- RHSA-2012-1363: bind
- RHSA-2012-1362: thunderbird
- RHSA-2012-1361: xulrunner
- Mandriva Linux Security Advisory : graphicsmagick
- FreeBSD : phpMyAdmin — Multiple XSS due to unescaped HTML output in Trigger, Procedure and Event pages and Fetching the version information from a non-SSL site is vulnerable to a MITM attack