Two security flaws have been identified in Oracle Enterprise Manager Grid Control. The first flaw results from improper handling of input data in the Client System Analyzer component when processing XML documents. The second issue is caused by a flaw in the Real User Experience Insight component. The flaws can be exploited to upload maliciously crafted documents to a vulnerable system and to carry out SQL attacks. Since an update has been released, users are advised to apply it.
Oracle Enterprise Manager Grid Control Multiple Remote Vulnerabilities
VUPEN ID VUPEN/ADV-2011-0140
CVE ID CVE-2010-3594 - CVE-2010-3600
CWE ID Available in VUPEN VNS Customer Area
CVSS V2 Available in VUPEN VNS Customer Area
Rated as High Risk
Impact Available in VUPEN VNS Customer Area
Authentication Level Available in VUPEN VNS Customer Area
Access Vector Available in VUPEN VNS Customer Area
Release Date 2011-01-19
Technical Description
Two vulnerabilities have been identified in Oracle Enterprise Manager Grid Control, which could be exploited by remote attackers to gain knowledge of sensitive information or execute arbitrary code.
The first issue is caused by an input validation error in a JSP script within the Client System Analyzer component when handling uploaded XML files, which could be exploited by unauthenticated attackers to upload a malicious file and compromise a vulnerable system.
The second vulnerability is caused by an error in the Real User Experience Insight component when parsing log files, which could be exploited to conduct SQL injection attacks.
Affected Products
Oracle Enterprise Manager Grid Control
Solution
Apply Oracle Critical Patch Update - January 2011:
http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html
References
http://www.vupen.com/english/advisories/2011/0140
http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html
http://www.zerodayinitiative.com/advisories/ZDI-11-018/
http://www.zerodayinitiative.com/advisories/ZDI-11-016/
Credits
Vulnerabilities reported by 1c239c43f521145fa8385d64a9c32243 via TippingPoint ZDI.
Changelog
2011-01-19 : Initial release