Security Portal

Intrusion Prevention Service

 
Signature Version: 4.788

 



WEB Oracle Secure Backup Administration Server validate_login Command Injection -1 (CVE-2011-2261)
 
Threat Level: High
Release Date: 2011/10/20
 
Category: Web Attacks
Signature ID: 1055061
Included In: Full
Affected OS: Windows, Linux
 
Description: A command injection vulnerability exists in Oracle Secure Backup Administration server. The vulnerability is due to insufficient filtering of user supplied data to the login.php script used in the administration server.
 
Impact: Remote code execution
Recommendation: Update vendor's patch.
 
False Positive: None
False Negative: None
 
Additional Information (Links open in new window):
Reference(s): CVE-2011-2261
 

Search the Threat Database
Enter Rule ID or Name