Update Protection against Oracle Secure Backup Administration Server Command Injection Attack
| Check Point Reference: | CPAI-2009-229 | |
| Date Published: | ||
| Severity: | ||
| Last Updated: | ||
| Source: | Secunia ID: SA35776 | |
| Industry Reference(s): | ||
| Protection Provided by: |
Security Gateway
|
|
| Who is Vulnerable? Oracle Secure Backup 10.2.0.3 and prior | ||
| Vulnerability Description An authentication bypass vulnerability exists in Oracle Secure Backup server. Oracle Secure Backup is a backup solution allowing for centralized tape backup management. The vulnerability is due to a flaw in the logic used to authenticate a user to the administration server. Successful exploitation of this vulnerability allows remote attackers to bypass authentication on vulnerable installations of Oracle Secure Backup by sending a specially crafted user name variable. |
||
|
Update/Patch Available The vendor, Oracle, has released an advisory addressing this vulnerability: Oracle |
|
|
Vulnerability Details The script 'common.php' does not properly sanitize the user name variable before using it in a database query. Successful exploitation would allow the attacker to log in to the vulnerable system with full administrative capabilities. |
Protection Overview This protection will detect and block attempts to bypass authentication by embedding meta characters into parameters to the login CGI script.
In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, Protection tab and select the version of your choice.
To configure the defense, select your product from the list below and follow the related protection steps.