Oracle Secure Backup Memory Corruption

March 20, 2009

Oracle Secure Backup is a centralized tape backup management solution that provides data protection for heterogeneous file systems and the Oracle database. It uses the Network Data Management Protocol (NDMP) to administer and perform backup tasks for all clients.

NDMP is designed to make every network-attached storage device "backup ready", enabling true plug-and-play backup operation. With the NDMP approach, each network-attached file server ships with a "universal agent", which can be used by any NDMP-compliant backup administration application.

Oracle Secure Backup contains a memory corruption vulnerability. It is triggered while processing malformed NDMP_CONNECT_OPEN or NDMP_CONNECT_CLOSE requests. The vulnerable code improperly handles the Error field of these requests and references unallocated memory, which causes the NDMP process instance to terminate immediately.

The SonicWALL UTM team has developed the following signatures to detect and prevent attack attempts targeting this issue.

  • 5034 Symantec Veritas Backup Exec Agent Error Status DoS
  • 5431 Oracle Secure Backup NDMP Handling DoS
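
A protocol-conformance check for the condition described above, as an added example (not SonicWALL's signature logic and not Oracle code): it parses NDMP headers from a TCP payload and flags NDMP_CONNECT_OPEN or NDMP_CONNECT_CLOSE requests whose Error field is set. It assumes the standard NDMP header of six big-endian 32-bit fields behind an XDR record mark, one fragment per message, and that a request should carry NDMP_NO_ERR (0); the page does not say which Error values trigger the fault, and the sample bytes are constructed.

```python
import struct

# Values from the NDMP specification; everything else here is illustrative.
NDMP_MESSAGE_REQUEST = 0   # header message_type for a request (1 = reply)
NDMP_NO_ERR = 0            # Error value a request is assumed to carry
WATCHED = {0x900: "NDMP_CONNECT_OPEN", 0x902: "NDMP_CONNECT_CLOSE"}
# sequence, time_stamp, message_type, message, reply_sequence, error
HEADER = struct.Struct(">6I")


def parse_records(stream: bytes):
    """Yield each complete record body, using the 4-byte XDR record mark."""
    offset = 0
    while offset + 4 <= len(stream):
        (mark,) = struct.unpack_from(">I", stream, offset)
        length = mark & 0x7FFFFFFF            # top bit is the last-fragment flag
        body = stream[offset + 4: offset + 4 + length]
        if len(body) < length:
            return                            # truncated capture: stop parsing
        yield body
        offset += 4 + length


def suspicious_requests(stream: bytes):
    """Return (message name, sequence, error) for watched requests with Error set."""
    findings = []
    for body in parse_records(stream):
        if len(body) < HEADER.size:
            continue                          # too short to hold an NDMP header
        seq, _ts, mtype, msg, _reply_seq, err = HEADER.unpack_from(body)
        # Replies legitimately carry error codes; only requests are checked.
        if mtype == NDMP_MESSAGE_REQUEST and msg in WATCHED and err != NDMP_NO_ERR:
            findings.append((WATCHED[msg], seq, err))
    return findings


# Constructed sample payload (not a capture): a well-formed CONNECT_OPEN request,
# a CONNECT_CLOSE request with Error set to 1, and a reply carrying an error.
SAMPLE = bytes.fromhex(
    "8000001c 00000001 00000000 00000000 00000900 00000000 00000000 00000004 "
    "80000018 00000002 00000000 00000000 00000902 00000000 00000001 "
    "80000018 00000001 00000000 00000001 00000900 00000001 00000001"
)

if __name__ == "__main__":
    for name, seq, err in suspicious_requests(SAMPLE):
        print(f"ALERT {name} request seq={seq} carries Error={err:#x}")
```
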