Full title: Oracle Event Processing FileUploadServlet Arbitrary File Upload Exploit Category: remote exploits Platform: multiple Unspecified vulnerability in the Oracle Event Processing component in Oracle Fusion Middleware 11.1.1.7.0 allows remote authenticated users to affect integrity via vectors related to CEP system. This Metasploit module exploits an Arbitrary File Upload vulnerability in Oracle Event Processing 11.1.1.7.0. The FileUploadServlet component, which requires no authentication, can be abused to upload a malicious file onto an arbitrary location due to a directory traversal flaw, and compromise the server. By default Oracle Event Processing uses a Jetty Application Server without JSP support, which limits the attack to WbemExec. The current WbemExec technique only requires arbitrary write to the file system, but at the moment the module only supports Windows 2003 SP2 or older. # 0day.today @ http://0day.today/