CVE-2008-5444

Oracle Secure Backup <10.2.0.2 - Info Disclosure

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2008-5444. PoCs published by Metasploit, MC, including Metasploit module exploits/windows/oracle/osb_ndmp_auth.

AI-analyzed exploit summary: This exploit targets a stack buffer overflow in Oracle Secure Backup via a crafted NDMP_CONNECT_CLIENT_AUTH packet. It leverages a long username field to overwrite the return address and execute arbitrary payloads, achieving remote code execution.

Description

Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2008-5448 and CVE-2008-5449.

Exploits (2)

exploitdb WORKING POC VERIFIED
by Metasploit · ruby · remote · windows
https://www.exploit-db.com/exploits/16343

This exploit targets a stack buffer overflow in Oracle Secure Backup via a crafted NDMP_CONNECT_CLIENT_AUTH packet. It leverages a long username field to overwrite the return address and execute arbitrary payloads, achieving remote code execution.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Oracle Secure Backup 10.1.0.3
No auth needed
Prerequisites: Network access to the target's NDMP service (port 10000)
devstral-2 · analyzed Feb 16, 2026

metasploit WORKING POC GOOD
by MC · ruby · poc · win
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/oracle/osb_ndmp_auth.rb

This Metasploit module exploits a stack buffer overflow in Oracle Secure Backup via a crafted NDMP_CONNECT_CLIENT_AUTH packet, allowing arbitrary code execution. It targets a specific return address in oracore10.dll for Windows systems.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Oracle Secure Backup 10.1.0.3
No auth needed
Prerequisites: Network access to the target's NDMP service (port 10000)
devstral-2 · analyzed Feb 16, 2026

References (4)

Core References
Permissions Required third-party-advisory x_refsource_secunia
http://secunia.com/advisories/33525
Not Applicable vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2009/0115
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/33177

Scores

EPSS: 0.6062
EPSS Percentile: 99.0%

Details

Status: published
Products (1): oracle/secure_backup 10.2.0.2
Published: Jan 14, 2009
Tracked Since: Feb 18, 2026