CVE-2010-3585

Oracle VM Server Virtual Server Agent Command Injection

Title source: metasploit

Exploitation Summary

EIP tracks 2 public exploits for CVE-2010-3585. PoCs published by Metasploit, jduck, including Metasploit module exploits/unix/webapp/oracle_vm_agent_utl.

AI-analyzed exploit summary: This Metasploit module exploits a command injection vulnerability in Oracle VM Server's Virtual Server Agent (ovs-agent) via the 'utl_test_url' XML-RPC method. It allows arbitrary command execution with root privileges by injecting shell meta characters into the second parameter.

Description

Unspecified vulnerability in the OracleVM component in Oracle VM 2.2.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to ovs-agent. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a third party researcher that this is related to the exposure of unspecified functions using XML-RPC.

Exploits (2)

exploitdb WORKING POC VERIFIED
by Metasploit · ruby · remote · linux
https://www.exploit-db.com/exploits/16915

This Metasploit module exploits a command injection vulnerability in Oracle VM Server's Virtual Server Agent (ovs-agent) via the 'utl_test_url' XML-RPC method. It allows arbitrary command execution with root privileges by injecting shell meta characters into the second parameter.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Oracle VM Server Virtual Server Agent (ovs-agent)
Auth required
Prerequisites: Valid credentials (username: 'oracle', password: set by admin) · Network access to the target service (port 8899)
devstral-2 · analyzed Feb 16, 2026

metasploit WORKING POC EXCELLENT
by jduck · ruby · poc
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/oracle_vm_agent_utl.rb

This Metasploit module exploits a command injection vulnerability in Oracle VM Server's Virtual Server Agent (ovs-agent) via the 'utl_test_url' XML-RPC method. It allows arbitrary command execution with root privileges by injecting shell meta characters into the second parameter of the method call.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Oracle VM Server Virtual Server Agent (ovs-agent)
Auth required
Prerequisites: Valid credentials (username 'oracle' and administrator-set password) · Network access to the target service on port 8899
devstral-2 · analyzed Feb 16, 2026

References (3)

Core References
US Government Resource third-party-advisory x_refsource_cert
http://www.us-cert.gov/cas/techalerts/TA10-287A.html
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/514611/100/0/threaded

Scores

EPSS: 0.5271
EPSS Percentile: 98.8%

Details

Status: published
Products (1): oracle/vm 2.2.1
Published: Oct 14, 2010
Tracked Since: Feb 18, 2026