Oracle GoldenGate Manager < 18.104.22.168.1 OBEY Command ggserr.log File Handling RCE
Critical Nessus Plugin ID 100620
Synopsis
The Oracle GoldenGate Manager application running on the remote host is affected by a remote code execution vulnerability.
Description
According to its self-reported version number, the Oracle GoldenGate Manager application running on the remote host is prior to 22.214.171.124.1.
It is, therefore, affected by a remote code execution vulnerability due to improper handling of 'OBEY' commands and the ggserr.log file.
An unauthenticated, remote attacker can exploit this to execute arbitrary code by entering a 'SHELL' command into the error log and then executing the error log via the 'OBEY' command.
Note that newer versions of Oracle GoldenGate Manager do not fix this issue but instead introduce access controls that disallow use of 'OBEY' by default.
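The attack path described above leaves two traces in the Manager's own error log: a logged request that carries a SHELL command, and a later OBEY of the error log itself. The following added example (not part of the Nessus plugin or of Oracle's code) scans ggserr.log text for both and flags the combination. The log lines are constructed for illustration and the entry format is an assumption, so adjust the patterns to the format actually produced by your installation.

```python
import re
from typing import Dict, List, Tuple

# Constructed sample ggserr.log content (assumed format; not copied from a real system).
# Line 3 records a request carrying a SHELL command; line 4 records an OBEY of the log.
SAMPLE_GGSERR_LOG = """\
2017-06-01 10:02:11  INFO    OGG-00987  Oracle GoldenGate Command Interpreter:  GGSCI command (oracle): INFO ALL.
2017-06-01 10:02:45  INFO    OGG-00987  Oracle GoldenGate Command Interpreter:  GGSCI command (oracle): START MGR.
2017-06-01 10:03:02  WARNING OGG-00000  Oracle GoldenGate Manager:  Unrecognized request: SHELL touch /tmp/marker.
2017-06-01 10:03:30  INFO    OGG-00987  Oracle GoldenGate Command Interpreter:  GGSCI command (oracle): OBEY ./dirprm/ggserr.log.
"""

# A SHELL keyword followed by at least one non-space character is the text that
# an OBEY of this file would hand to the command interpreter.
SHELL_RE = re.compile(r"\bSHELL\s+\S", re.IGNORECASE)
# OBEY followed by a file argument; we only care when that argument is an error log.
OBEY_RE = re.compile(r"\bOBEY\s+(\S+)", re.IGNORECASE)


def find_shell_entries(log_text: str) -> List[Tuple[int, str]]:
    """Return (line_no, line) for every log entry containing a SHELL command."""
    hits = []
    for n, line in enumerate(log_text.splitlines(), start=1):
        if SHELL_RE.search(line):
            hits.append((n, line))
    return hits


def find_obey_of_log(log_text: str) -> List[Tuple[int, str]]:
    """Return (line_no, obey_target) for OBEY commands whose target is a ggserr.log file."""
    hits = []
    for n, line in enumerate(log_text.splitlines(), start=1):
        m = OBEY_RE.search(line)
        if m:
            target = m.group(1).rstrip(".")  # drop the sentence-ending period of the log message
            if target.lower().endswith("ggserr.log"):
                hits.append((n, target))
    return hits


def assess(log_text: str) -> Dict[str, object]:
    """Combine both indicators: SHELL text in the log plus an OBEY of the log is the
    pattern the plugin describes and is worth an incident ticket on its own."""
    shells = find_shell_entries(log_text)
    obeys = find_obey_of_log(log_text)
    return {
        "shell_entries": shells,
        "obey_of_log": obeys,
        "suspicious": bool(shells) and bool(obeys),
    }


if __name__ == "__main__":
    result = assess(SAMPLE_GGSERR_LOG)
    for line_no, line in result["shell_entries"]:
        print(f"SHELL command text in log line {line_no}: {line}")
    for line_no, target in result["obey_of_log"]:
        print(f"OBEY of error log at line {line_no}: {target}")
    print("suspicious:", result["suspicious"])
```

Either indicator alone deserves a look: SHELL text in the error log means someone submitted such a request to the Manager, and an OBEY naming the log means the file was treated as a command script. Point the functions at the real ggserr.log path of the installation once the patterns match its format.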
Solution
Upgrade to Oracle GoldenGate Manager version 126.96.36.199.1 and use appropriate access controls to disallow the use of the 'OBEY' command.