Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
APP:OBSERVICED-BOF |
|---|---|
Severity |
Critical |
Recommended |
No |
Recommended Action |
Drop |
Category |
APP |
Keywords |
Oracle Secure Backup observiced.exe Buffer Overflow (1) |
Release Date |
2015/06/12 |
Update Number |
2504 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
APP: Oracle Secure Backup observiced.exe Buffer Overflow (1)
This signature detects attempts to exploit a known vulnerability against Oracle Secure Backup daemon. A successful attack can lead to arbitrary code execution.
Extended Description
Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the January 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a buffer overflow in observiced.exe that allows remote attackers to execute arbitrary code via vectors related to a "reverse lookup of connections" to TCP port 10000.
Affected Products
- Oracle secure_backup 10.2.0.3
References
- BugTraq: 37733
- CVE: CVE-2010-0072