Security Portal

Intrusion Prevention Service

Signature Version: 4.1044


WEB Oracle Secure Backup Administration Server validate_login Command Injection -1 (CVE-2011-2261)
Threat Level: High
Release Date: 2011/10/20
Category: Web Attacks
Signature ID: 1055061
Included In:
Affected OS: Windows, Linux
Description: A command injection vulnerability exists in Oracle Secure Backup Administration server. The vulnerability is due to insufficient filtering of user supplied data to the login.php script used in the administration server.
Impact: Remote code execution
Recommendation: Update vendor's patch.
False Positive: None
False Negative: None
Additional Information (Links open in new window):
Reference(s): CVE-2011-2261

Search the Threat Database
Enter Rule ID or Name