Update Protection against Oracle Secure Backup NDMP CONECT_CLIENT_AUTH Command Buffer Overflow Vulnerability
| Check Point Reference: | CPAI-2009-029 | |
| Date Published: | ||
| Severity: | ||
| Last Updated: | ||
| Source: | Secunia Advisory: SA33525 | |
| Industry Reference(s): | CVE-2008-5444 | |
| Protection Provided by: |
VPN-1
|
|
| Who is Vulnerable? Oracle Secure Backup 10.1.0.3 Oracle Secure Backup 10.2.0.2 | ||
| Vulnerability Description A buffer overflow vulnerability was reported in Oracle Secure Backup. Oracle Secure Backup is a backup solution allowing for single point of management of data present on network attached storage (NAS) devices and distributed hosts. Oracle Secure Backup is using NDMP protocol to perform backup tasks for all clients. Oracle Secure Backup fails to properly handle NDMP messages. Remote unauthenticated attackers can exploit this vulnerability by sending specially crafted messages to the affected interface. Successful exploitation can lead to arbitrary code execution. |
||
|
Update/Patch Available Apply patches: Oracle Critical Patch Update Advisory |
|
|
Vulnerability Details The vulnerability is due to insufficient boundary checking when handling NDMP CONNECT_CLIENT_AUTH messages. The application does not correctly verify the length of the Username field in CONNECT_CLIENT_AUTH messages. |
Protection Overview
By enabling this protection, SmartDefense will detect and block attempts to exploit a buffer overflow vulnerability in Oracle Secure Backup.
In order for the protection to be activated, update your VPN-1/InterSpect product to the latest SmartDefense update. For information on how to update SmartDefense, go to SBP-2006-05, Protection tab and select the version of your choice.
To configure the defense, select your product from the list below and follow the related protection steps.