E10-32001
CVSS:
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
False Positive:
f
Variants:
1
Year:
2010
Description
This strike exploits a stack buffer overflow in Oracle Secure Backup.
The vulnerability is due to a lack of bounds checking on the reverse lookup on the connections to the service.
By exploiting this vulnerability, an attacker could execute code in the security context of the SYSTEM user.
* NOTE: In this simulation, the attacker initiates the NDMP request from the same host that provides the malformed DNS reply.