Vulnerabilities > CVE-2008-5444 - Multiple vulnerability in Oracle Secure Backup 10.2.0.2

047910
CVSS 10.0 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
low complexity
oracle
critical
exploit available
metasploit
NVD
Published: 2009-01-14
Updated: 2016-11-22

Summary

Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2008-5448 and CVE-2008-5449.

Vulnerable Configurations

Part Description Count
Application
Oracle
1

Exploit-Db

descriptionOracle Secure Backup NDMP_CONNECT_CLIENT_AUTH Buffer Overflow. CVE-2008-5444. Remote exploit for windows platform
idEDB-ID:16343
last seen2016-02-01
modified2010-05-09
published2010-05-09
reportermetasploit
sourcehttps://www.exploit-db.com/download/16343/
titleOracle Secure Backup NDMP_CONNECT_CLIENT_AUTH Buffer Overflow

Metasploit

descriptionThe module exploits a stack buffer overflow in Oracle Secure Backup. When sending a specially crafted NDMP_CONNECT_CLIENT_AUTH packet, an attacker may be able to execute arbitrary code.
idMSF:EXPLOIT/WINDOWS/ORACLE/OSB_NDMP_AUTH
last seen2020-05-26
modified2017-07-24
published2009-02-23
references
reporterRapid7
sourcehttps://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/oracle/osb_ndmp_auth.rb
titleOracle Secure Backup NDMP_CONNECT_CLIENT_AUTH Buffer Overflow

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/83159/osb_ndmp_auth.rb.txt
idPACKETSTORM:83159
last seen2016-12-05
published2009-11-26
reporterMC
sourcehttps://packetstormsecurity.com/files/83159/Oracle-Secure-Backup-NDMP_CONNECT_CLIENT_AUTH-Buffer-Overflow.html
titleOracle Secure Backup NDMP_CONNECT_CLIENT_AUTH Buffer Overflow

Saint

  • bid33177
    descriptionOracle Secure Backup NDMP_CONECT_CLIENT_AUTH buffer overflow
    iddatabase_oracle_backupndmpbo,database_oracle_backupver
    osvdb51340
    titleoracle_secure_backup_ndmp_clientauth
    typeremote
  • bid33177
    descriptionOracle Secure Backup login.php ora_osb_lcookie command execution
    iddatabase_oracle_backupver
    osvdb51343
    titleoracle_secure_backup_login_lcookie
    typeremote
  • bid33177
    descriptionOracle WebLogic Server IIS Connector JSESSIONID buffer overflow
    titleweblogic_iis_connector_jsessionid
    typeremote
  • bid33177
    descriptionOracle Secure Backup login.php rbtool command injection
    iddatabase_oracle_backupver
    osvdb51342
    titleoracle_secure_backup_login_rbtool
    typeremote
  • bid33177
    descriptionOracle Database OLAP component ODCITABLESTART buffer overflow
    iddatabase_oracle_version
    osvdb51347
    titleoracle_olap_odcitablestart
    typeremote

References