Oracle GoldenGate Manager < 12.2.0.1.1 OBEY Command ggserr.log File Handling RCE

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

The Oracle GoldenGate Manager application running on the remote host
is affected by a remote code execution vulnerability.

Description :

According to its self-reported version number, the Oracle GoldenGate
Manager application running on the remote host is prior to 12.2.0.1.1.
It is, therefore, affected by a remote code execution vulnerability
due to improper handling of 'OBEY' commands and the ggserr.log file.
An unauthenticated, remote attacker can exploit this to execute
arbitrary code by entering a 'SHELL' command into the error log and
then executing the error log via the 'OBEY' command.

Note that newer versions of Oracle GoldenGate Manager do not fix this
issue but instead introduce access controls that disallow use of
'OBEY' by default.

See also :

https://blog.silentsignal.eu/2017/05/08/fools-of-golden-gate/

Solution :

Upgrade to Oracle GoldenGate Manager version 12.2.0.1.1 and use
appropriate access controls to disallow the use of the 'OBEY' command.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 9.5
(CVSS2#E:F/RL:U/RC:ND)
Public Exploit Available : true

Family: Misc.

Nessus Plugin ID: 100620 ()

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now