A new security vulnerability has been identified in the Oracle Audit Vault software. Oracle Audit Vault simplifies compliance reporting, proactively detects threats, reduces costs and secures audit data. The flaw stems from inadequate validation of input parameters in the "av" component when handling "action.execute" requests. Remote, unauthenticated attackers can exploit it to create arbitrary objects and execute maliciously crafted code. Users are advised to upgrade.

Oracle Audit Vault "action.execute" Request Code Execution Vulnerability

VUPEN ID:             VUPEN/ADV-2011-0141
CVE ID:               CVE-2010-4449
CWE ID:               Available in VUPEN VNS Customer Area
CVSS V2:              Available in VUPEN VNS Customer Area
Rated as:             Critical
Impact:               Available in VUPEN VNS Customer Area
Authentication Level: Available in VUPEN VNS Customer Area
Access Vector:        Available in VUPEN VNS Customer Area
Release Date:         2011-01-19

Technical Description
A vulnerability has been identified in Oracle Audit Vault, which could be exploited by remote attackers to take complete control of a vulnerable system. This issue is caused by an input validation error in the "av" component when handling "action.execute" requests sent to port 5700/TCP, which could be exploited by remote unauthenticated attackers to create arbitrary objects and execute malicious code.

Affected Products
Oracle Audit Vault 10g Release 2 version 10.2.3.2

Solution
Apply Oracle Critical Patch Update - January 2011:
http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html

References
http://www.vupen.com/english/advisories/2011/0141
http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html
http://www.zerodayinitiative.com/advisories/ZDI-11-017/

Credits
Vulnerability reported by 1c239c43f521145fa8385d64a9c32243 via TippingPoint ZDI.

Changelog
2011-01-19: Initial release
