Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "Oracle eBusiness Suite - Improper File Access" module is designed to detect vulnerabilities related to improper file access in Oracle eBusiness Suite. This module specifically targets the "bispgrapgh" component of the suite. It is important to note that Oracle eBusiness Suite is no longer supported with patches or security fixes, making it even more crucial to identify and address any vulnerabilities.
This module has a severity level of critical, indicating the potential impact of the vulnerability.
Original author(s): emenalf, tirtha_mandal, thomas_from_offensity
An improper file access vulnerability in Oracle eBusiness Suite can allow unauthorized users to gain access to sensitive files on the system. This can lead to the exposure of confidential information, unauthorized modifications, or even complete system compromise. It is essential to address this vulnerability promptly to prevent potential security breaches.
The module works by sending HTTP requests to the targeted Oracle eBusiness Suite instance and analyzing the responses for specific patterns. In this case, the module sends GET requests to the following paths:
/OA_HTML/bispgraph.jsp%0D%0A.js?ifn=passwd&ifl=/etc/
/OA_HTML/jsp/bsc/bscpgraph.jsp?ifl=/etc/&ifn=passwd
The module then applies a matching condition to the response body using a regular expression. If the response body contains the pattern "root:.*:0:0:", the module considers the vulnerability to be present.
By detecting this vulnerability, the module helps identify potential security risks in Oracle eBusiness Suite installations and enables appropriate remediation measures to be taken.
Reference: https://www.blackhat.com/docs/us-16/materials/us-16-Li