Oracle Secure Backup Administration Server authentication bypass, plus command injection vulnerability CVE-2009-1977 and CVE-2009-1978 Use it for ethical pentesting only! The author accepts no liability for damage caused by this tool.