ID CVE-2015-5262 Type cve Reporter NVD Modified 2018-07-18T21:29:02
Description
http/conn/ssl/SSLConnectionSocketFactory.java in Apache HttpComponents HttpClient before 4.3.6 ignores the http.socket.timeout configuration setting during an SSL handshake, which allows remote attackers to cause a denial of service (HTTPS call hang) via unspecified vectors.
{"openvas": [{"lastseen": "2018-10-01T10:28:09", "bulletinFamily": "scanner", "description": "Mageia Linux Local Security Checks mgasa-2015-0392", "modified": "2018-09-28T00:00:00", "published": "2015-10-15T00:00:00", "id": "OPENVAS:1361412562310130001", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310130001", "title": "Mageia Linux Local Check: mgasa-2015-0392", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: mgasa-2015-0392.nasl 11692 2018-09-28 16:55:19Z cfischer $\n#\n# Mageia Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://www.solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.130001\");\n script_version(\"$Revision: 11692 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-15 06:54:55 +0300 (Thu, 15 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 18:55:19 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Mageia Linux Local Check: mgasa-2015-0392\");\n script_tag(name:\"insight\", value:\"The Apache httpclient library had a bug where the socket timeout was ignored during the SSL handshake, causing threads in an application to hang (CVE-2015-5262).\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://advisories.mageia.org/MGASA-2015-0392.html\");\n script_cve_id(\"CVE-2015-5262\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mageia_linux\", \"ssh/login/release\", re:\"ssh/login/release=MAGEIA5\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Mageia Linux Local Security Checks mgasa-2015-0392\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Mageia Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MAGEIA5\")\n{\nif ((res = isrpmvuln(pkg:\"jakarta-commons-httpclient\", rpm:\"jakarta-commons-httpclient~3.1~15.1.mga5\", rls:\"MAGEIA5\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"httpcomponents-client\", rpm:\"httpcomponents-client~4.3.6~1.mga5\", rls:\"MAGEIA5\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:51:40", "bulletinFamily": "scanner", "description": "Check the version of jakarta-commons-httpclient", "modified": "2017-07-10T00:00:00", "published": "2015-10-02T00:00:00", "id": "OPENVAS:1361412562310869976", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869976", "title": "Fedora Update for jakarta-commons-httpclient FEDORA-2015-15588", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for jakarta-commons-httpclient FEDORA-2015-15588\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869976\");\n script_version(\"$Revision: 6630 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:34:32 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2015-10-02 07:09:22 +0200 (Fri, 02 Oct 2015)\");\n script_cve_id(\"CVE-2015-5262\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for jakarta-commons-httpclient FEDORA-2015-15588\");\n script_tag(name: \"summary\", value: \"Check the version of jakarta-commons-httpclient\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help\nof detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"The Hyper-Text Transfer Protocol (HTTP) is\nperhaps the most significant protocol used on the Internet today. Web services,\nnetwork-enabled appliances and the growth of network computing continue to\nexpand the role of the HTTP protocol beyond user-driven web browsers, and\nincrease the number of applications that may require HTTP support. Although the\njava.net package provides basic support for accessing resources via HTTP, it\ndoesn't provide the full flexibility or functionality needed by many\napplications. The Jakarta Commons HTTP Client component seeks to fill this void\nby providing an efficient, up-to-date, and feature-rich package implementing the\nclient side of the most recent HTTP standards and recommendations. Designed for\nextension while providing robust support for the base HTTP protocol, the HTTP\nClient component may be of interest to anyone building HTTP-aware client\napplications such as web browsers, web service clients, or systems that leverage\nor extend the HTTP protocol for distributed communication.\n\");\n script_tag(name: \"affected\", value: \"jakarta-commons-httpclient on Fedora 21\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n script_xref(name: \"FEDORA\", value: \"2015-15588\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2015-October/168030.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC21\")\n{\n\n if ((res = isrpmvuln(pkg:\"jakarta-commons-httpclient\", rpm:\"jakarta-commons-httpclient~3.1~20.fc21\", rls:\"FC21\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:52:20", "bulletinFamily": "scanner", "description": "Check the version of jakarta-commons-httpclient", "modified": "2017-07-10T00:00:00", "published": "2015-10-02T00:00:00", "id": "OPENVAS:1361412562310869974", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869974", "title": "Fedora Update for jakarta-commons-httpclient FEDORA-2015-15589", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for jakarta-commons-httpclient FEDORA-2015-15589\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869974\");\n script_version(\"$Revision: 6630 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:34:32 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2015-10-02 07:09:18 +0200 (Fri, 02 Oct 2015)\");\n script_cve_id(\"CVE-2015-5262\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for jakarta-commons-httpclient FEDORA-2015-15589\");\n script_tag(name: \"summary\", value: \"Check the version of jakarta-commons-httpclient\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help\nof detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"The Hyper-Text Transfer Protocol (HTTP)\nis perhaps the most significant protocol used on the Internet today. Web\nservices, network-enabled appliances and the growth of network computing\ncontinue to expand the role of the HTTP protocol beyond user-driven web browsers,\nand increase the number of applications that may require HTTP support. Although\nthe java.net package provides basic support for accessing resources via HTTP,\nit doesn't provide the full flexibility or functionality needed by many\napplications. The Jakarta Commons HTTP Client component seeks to fill this void\nby providing an efficient, up-to-date, and feature-rich package implementing\nthe client side of the most recent HTTP standards and recommendations. Designed\nfor extension while providing robust support for the base HTTP protocol, the\nHTTP Client component may be of interest to anyone building HTTP-aware client\napplications such as web browsers, web service clients, or systems that\nleverage or extend the HTTP protocol for distributed communication.\n\");\n script_tag(name: \"affected\", value: \"jakarta-commons-httpclient on Fedora 22\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n script_xref(name: \"FEDORA\", value: \"2015-15589\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2015-October/167999.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC22\")\n{\n\n if ((res = isrpmvuln(pkg:\"jakarta-commons-httpclient\", rpm:\"jakarta-commons-httpclient~3.1~23.fc22\", rls:\"FC22\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-11-19T13:01:23", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2018-11-16T00:00:00", "published": "2015-10-15T00:00:00", "id": "OPENVAS:1361412562310842488", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842488", "title": "Ubuntu Update for commons-httpclient USN-2769-1", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for commons-httpclient USN-2769-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842488\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-10-15 08:48:23 +0200 (Thu, 15 Oct 2015)\");\n script_cve_id(\"CVE-2012-5783\", \"CVE-2012-6153\", \"CVE-2014-3577\", \"CVE-2015-5262\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for commons-httpclient USN-2769-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'commons-httpclient'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"It was discovered that Apache Commons HttpClient did not properly verify the\nCommon Name or subjectAltName fields of X.509 certificates. An attacker could\nexploit this to perform a man in the middle attack to view sensitive\ninformation or alter encrypted communications. This issue only affected Ubuntu\n12.04 LTS. (CVE-2012-5783)\n\nFlorian Weimer discovered the fix for CVE-2012-5783 was incomplete for Apache\nCommons HttpClient. An attacker could exploit this to perform a man in the\nmiddle attack to view sensitive information or alter encrypted communications.\nThis issue only affected Ubuntu 12.04 LTS. (CVE-2012-6153)\n\nSubodh Iyengar and Will Shackleton discovered the fix for CVE-2012-5783 was\nincomplete for Apache Commons HttpClient. An attacker could exploit this to\nperform a man in the middle attack to view sensitive information or alter\nencrypted communications. (CVE-2014-3577)\n\nIt was discovered that Apache Commons HttpClient did not properly handle read\ntimeouts during HTTPS handshakes. A remote attacker could trigger this flaw to\ncause a denial of service. (CVE-2015-5262)\");\n script_tag(name:\"affected\", value:\"commons-httpclient on Ubuntu 15.04,\n Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2769-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2769-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(15\\.04|14\\.04 LTS|12\\.04 LTS)\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU15.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libcommons-httpclient-java\", ver:\"3.1-10.2ubuntu0.15.04.1\", rls:\"UBUNTU15.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libcommons-httpclient-java\", ver:\"3.1-10.2ubuntu0.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libcommons-httpclient-java\", ver:\"3.1-10ubuntu0.1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}], "debian": [{"lastseen": "2018-10-16T22:14:20", "bulletinFamily": "unix", "description": "Package : commons-httpclient\nVersion : 3.1-9+deb6u2\nCVE ID : CVE-2015-5262\n\nTrevin Beattie [1] discovered an issue where one could observe hanging\nthreads in a multi-threaded Java application. After debugging the issue,\nit became evident that the hanging threads were caused by the SSL\ninitialization code in commons-httpclient.\n\nThis upload fixes this issue by respecting the configured SO_TIMEOUT\nduring SSL handshakes with the server.\n\n[1] https://bugzilla.redhat.com/show_bug.cgi?id=1259892\n\n-- \n\nmike gabriel aka sunweaver (Debian Developer)\nfon: +49 (1520) 1976 148\n\nGnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31\nmail: sunweaver@debian.org, http://sunweavers.net\n", "modified": "2015-10-01T08:33:01", "published": "2015-10-01T08:33:01", "id": "DEBIAN:DLA-322-1:7D682", "href": "https://lists.debian.org/debian-lts-announce/2015/debian-lts-announce-201510/msg00000.html", "title": "[SECURITY] [DLA 322-1] commons-httpclient security update", "type": "debian", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "nessus": [{"lastseen": "2019-02-21T01:25:09", "bulletinFamily": "scanner", "description": "This update fixes CVE-2015-5262 denial of service security vulnerability by respectinc configured SO_TIMEOUT parameter during SSL handshake.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2015-10-19T00:00:00", "id": "FEDORA_2015-15588.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=86228", "published": "2015-10-02T00:00:00", "title": "Fedora 21 : jakarta-commons-httpclient-3.1-20.fc21 (2015-15588)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-15588.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(86228);\n script_version(\"$Revision: 2.2 $\");\n script_cvs_date(\"$Date: 2015/10/19 22:57:26 $\");\n\n script_cve_id(\"CVE-2015-5262\");\n script_xref(name:\"FEDORA\", value:\"2015-15588\");\n\n script_name(english:\"Fedora 21 : jakarta-commons-httpclient-3.1-20.fc21 (2015-15588)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes CVE-2015-5262 denial of service security\nvulnerability by respectinc configured SO_TIMEOUT parameter during SSL\nhandshake.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1261538\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-October/168030.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6ecc5c4e\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected jakarta-commons-httpclient package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:jakarta-commons-httpclient\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:21\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/10/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/10/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^21([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 21.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC21\", reference:\"jakarta-commons-httpclient-3.1-20.fc21\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"jakarta-commons-httpclient\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:25:09", "bulletinFamily": "scanner", "description": "Trevin Beattie [1] discovered an issue where one could observe hanging threads in a multi-threaded Java application. After debugging the issue, it became evident that the hanging threads were caused by the SSL initialization code in commons-httpclient.\n\nThis upload fixes this issue by respecting the configured SO_TIMEOUT during SSL handshakes with the server.\n\n[1] https://bugzilla.redhat.com/show_bug.cgi?id=1259892\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2018-07-06T00:00:00", "id": "DEBIAN_DLA-322.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=86225", "published": "2015-10-02T00:00:00", "title": "Debian DLA-322-1 : commons-httpclient security update", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-322-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(86225);\n script_version(\"2.4\");\n script_cvs_date(\"Date: 2018/07/06 11:26:06\");\n\n script_cve_id(\"CVE-2015-5262\");\n\n script_name(english:\"Debian DLA-322-1 : commons-httpclient security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Trevin Beattie [1] discovered an issue where one could observe hanging\nthreads in a multi-threaded Java application. After debugging the\nissue, it became evident that the hanging threads were caused by the\nSSL initialization code in commons-httpclient.\n\nThis upload fixes this issue by respecting the configured SO_TIMEOUT\nduring SSL handshakes with the server.\n\n[1] https://bugzilla.redhat.com/show_bug.cgi?id=1259892\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1259892\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2015/10/msg00000.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze-lts/commons-httpclient\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libcommons-httpclient-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libcommons-httpclient-java-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/10/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/10/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"libcommons-httpclient-java\", reference:\"3.1-9+deb6u2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libcommons-httpclient-java-doc\", reference:\"3.1-9+deb6u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:25:09", "bulletinFamily": "scanner", "description": "This update fixes CVE-2015-5262 denial of service security vulnerability by respectinc configured SO_TIMEOUT parameter during SSL handshake.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2015-10-19T00:00:00", "id": "FEDORA_2015-15589.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=86229", "published": "2015-10-02T00:00:00", "title": "Fedora 22 : jakarta-commons-httpclient-3.1-23.fc22 (2015-15589)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-15589.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(86229);\n script_version(\"$Revision: 2.2 $\");\n script_cvs_date(\"$Date: 2015/10/19 22:57:26 $\");\n\n script_cve_id(\"CVE-2015-5262\");\n script_xref(name:\"FEDORA\", value:\"2015-15589\");\n\n script_name(english:\"Fedora 22 : jakarta-commons-httpclient-3.1-23.fc22 (2015-15589)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes CVE-2015-5262 denial of service security\nvulnerability by respectinc configured SO_TIMEOUT parameter during SSL\nhandshake.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1261538\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-October/167999.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?eaad81e4\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected jakarta-commons-httpclient package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:jakarta-commons-httpclient\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:22\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/10/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/10/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^22([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 22.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC22\", reference:\"jakarta-commons-httpclient-3.1-23.fc22\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"jakarta-commons-httpclient\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:25:09", "bulletinFamily": "scanner", "description": "This update fixes CVE-2015-5262 denial of service security vulnerability by respectinc configured SO_TIMEOUT parameter during SSL handshake.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2015-10-19T00:00:00", "id": "FEDORA_2015-15590.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=86230", "published": "2015-10-02T00:00:00", "title": "Fedora 23 : jakarta-commons-httpclient-3.1-23.fc23 (2015-15590)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-15590.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(86230);\n script_version(\"$Revision: 2.2 $\");\n script_cvs_date(\"$Date: 2015/10/19 22:57:26 $\");\n\n script_cve_id(\"CVE-2015-5262\");\n script_xref(name:\"FEDORA\", value:\"2015-15590\");\n\n script_name(english:\"Fedora 23 : jakarta-commons-httpclient-3.1-23.fc23 (2015-15590)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes CVE-2015-5262 denial of service security\nvulnerability by respectinc configured SO_TIMEOUT parameter during SSL\nhandshake.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1261538\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-October/167962.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fe7e1956\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected jakarta-commons-httpclient package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:jakarta-commons-httpclient\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/10/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/10/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"jakarta-commons-httpclient-3.1-23.fc23\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"jakarta-commons-httpclient\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:25:12", "bulletinFamily": "scanner", "description": "It was discovered that Apache Commons HttpClient did not properly verify the Common Name or subjectAltName fields of X.509 certificates.\nAn attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. This issue only affected Ubuntu 12.04 LTS. (CVE-2012-5783)\n\nFlorian Weimer discovered the fix for CVE-2012-5783 was incomplete for Apache Commons HttpClient. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. This issue only affected Ubuntu 12.04 LTS.\n(CVE-2012-6153)\n\nSubodh Iyengar and Will Shackleton discovered the fix for CVE-2012-5783 was incomplete for Apache Commons HttpClient. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications.\n(CVE-2014-3577)\n\nIt was discovered that Apache Commons HttpClient did not properly handle read timeouts during HTTPS handshakes. A remote attacker could trigger this flaw to cause a denial of service. (CVE-2015-5262).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2018-12-01T00:00:00", "id": "UBUNTU_USN-2769-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=86401", "published": "2015-10-15T00:00:00", "title": "Ubuntu 12.04 LTS / 14.04 LTS / 15.04 : commons-httpclient vulnerabilities (USN-2769-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2769-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(86401);\n script_version(\"2.5\");\n script_cvs_date(\"Date: 2018/12/01 15:12:40\");\n\n script_cve_id(\"CVE-2012-5783\", \"CVE-2012-6153\", \"CVE-2014-3577\", \"CVE-2015-5262\");\n script_xref(name:\"USN\", value:\"2769-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS / 14.04 LTS / 15.04 : commons-httpclient vulnerabilities (USN-2769-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that Apache Commons HttpClient did not properly\nverify the Common Name or subjectAltName fields of X.509 certificates.\nAn attacker could exploit this to perform a man in the middle attack\nto view sensitive information or alter encrypted communications. This\nissue only affected Ubuntu 12.04 LTS. (CVE-2012-5783)\n\nFlorian Weimer discovered the fix for CVE-2012-5783 was incomplete for\nApache Commons HttpClient. An attacker could exploit this to perform a\nman in the middle attack to view sensitive information or alter\nencrypted communications. This issue only affected Ubuntu 12.04 LTS.\n(CVE-2012-6153)\n\nSubodh Iyengar and Will Shackleton discovered the fix for\nCVE-2012-5783 was incomplete for Apache Commons HttpClient. An\nattacker could exploit this to perform a man in the middle attack to\nview sensitive information or alter encrypted communications.\n(CVE-2014-3577)\n\nIt was discovered that Apache Commons HttpClient did not properly\nhandle read timeouts during HTTPS handshakes. A remote attacker could\ntrigger this flaw to cause a denial of service. (CVE-2015-5262).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2769-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libcommons-httpclient-java package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libcommons-httpclient-java\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/10/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/10/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2018 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(12\\.04|14\\.04|15\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04 / 14.04 / 15.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libcommons-httpclient-java\", pkgver:\"3.1-10ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libcommons-httpclient-java\", pkgver:\"3.1-10.2ubuntu0.14.04.1\")) flag++;\nif (ubuntu_check(osver:\"15.04\", pkgname:\"libcommons-httpclient-java\", pkgver:\"3.1-10.2ubuntu0.15.04.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libcommons-httpclient-java\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:02", "bulletinFamily": "software", "description": "No timeout on handshake.", "modified": "2015-10-25T00:00:00", "published": "2015-10-25T00:00:00", "id": "SECURITYVULNS:VULN:14740", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14740", "title": "Apache Commons HttpClient DoS", "type": "securityvulns", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:11:02", "bulletinFamily": "software", "description": "\r\n\r\n==========================================================================\r\nUbuntu Security Notice USN-2769-1\r\nOctober 14, 2015\r\n\r\ncommons-httpclient vulnerabilities\r\n==========================================================================\r\n\r\nA security issue affects these releases of Ubuntu and its derivatives:\r\n\r\n- Ubuntu 15.04\r\n- Ubuntu 14.04 LTS\r\n- Ubuntu 12.04 LTS\r\n\r\nSummary:\r\n\r\nSeveral security issues were fixed in commons-httpclient.\r\n\r\nSoftware Description:\r\n- commons-httpclient: A Java(TM) library for creating HTTP clients\r\n\r\nDetails:\r\n\r\nIt was discovered that Apache Commons HttpClient did not properly verify the\r\nCommon Name or subjectAltName fields of X.509 certificates. An attacker could\r\nexploit this to perform a man in the middle attack to view sensitive\r\ninformation or alter encrypted communications. This issue only affected Ubuntu\r\n12.04 LTS. (CVE-2012-5783)\r\n\r\nFlorian Weimer discovered the fix for CVE-2012-5783 was incomplete for Apache\r\nCommons HttpClient. An attacker could exploit this to perform a man in the\r\nmiddle attack to view sensitive information or alter encrypted communications.\r\nThis issue only affected Ubuntu 12.04 LTS. (CVE-2012-6153)\r\n\r\nSubodh Iyengar and Will Shackleton discovered the fix for CVE-2012-5783 was\r\nincomplete for Apache Commons HttpClient. An attacker could exploit this to\r\nperform a man in the middle attack to view sensitive information or alter\r\nencrypted communications. (CVE-2014-3577)\r\n\r\nIt was discovered that Apache Commons HttpClient did not properly handle read\r\ntimeouts during HTTPS handshakes. A remote attacker could trigger this flaw to\r\ncause a denial of service. (CVE-2015-5262)\r\n\r\nUpdate instructions:\r\n\r\nThe problem can be corrected by updating your system to the following\r\npackage versions:\r\n\r\nUbuntu 15.04:\r\n libcommons-httpclient-java 3.1-10.2ubuntu0.15.04.1\r\n\r\nUbuntu 14.04 LTS:\r\n libcommons-httpclient-java 3.1-10.2ubuntu0.14.04.1\r\n\r\nUbuntu 12.04 LTS:\r\n libcommons-httpclient-java 3.1-10ubuntu0.1\r\n\r\nIn general, a standard system update will make all the necessary changes.\r\n\r\nReferences:\r\n http://www.ubuntu.com/usn/usn-2769-1\r\n CVE-2012-5783, CVE-2012-6153, CVE-2014-3577, CVE-2015-5262\r\n\r\nPackage Information:\r\n https://launchpad.net/ubuntu/+source/commons-httpclient/3.1-10.2ubuntu0.15.04.1\r\n https://launchpad.net/ubuntu/+source/commons-httpclient/3.1-10.2ubuntu0.14.04.1\r\n https://launchpad.net/ubuntu/+source/commons-httpclient/3.1-10ubuntu0.1\r\n\r\n\r\n\r\n-- \r\nubuntu-security-announce mailing list\r\nubuntu-security-announce@lists.ubuntu.com\r\nModify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce\r\n\r\n", "modified": "2015-10-25T00:00:00", "published": "2015-10-25T00:00:00", "id": "SECURITYVULNS:DOC:32573", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32573", "title": "[USN-2769-1] Apache Commons HttpClient", "type": "securityvulns", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}], "ubuntu": [{"lastseen": "2018-08-31T00:10:09", "bulletinFamily": "unix", "description": "It was discovered that Apache Commons HttpClient did not properly verify the Common Name or subjectAltName fields of X.509 certificates. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. This issue only affected Ubuntu 12.04 LTS. (CVE-2012-5783)\n\nFlorian Weimer discovered the fix for CVE-2012-5783 was incomplete for Apache Commons HttpClient. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. This issue only affected Ubuntu 12.04 LTS. (CVE-2012-6153)\n\nSubodh Iyengar and Will Shackleton discovered the fix for CVE-2012-5783 was incomplete for Apache Commons HttpClient. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. (CVE-2014-3577)\n\nIt was discovered that Apache Commons HttpClient did not properly handle read timeouts during HTTPS handshakes. A remote attacker could trigger this flaw to cause a denial of service. (CVE-2015-5262)", "modified": "2015-10-14T00:00:00", "published": "2015-10-14T00:00:00", "id": "USN-2769-1", "href": "https://usn.ubuntu.com/2769-1/", "title": "Apache Commons HttpClient vulnerabilities", "type": "ubuntu", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}], "oracle": [{"lastseen": "2018-10-13T04:31:42", "bulletinFamily": "software", "description": "A Critical Patch Update is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to: \n\n * [Critical Patch Updates, Security Alerts and Bulletins](<http://www.oracle.com/securityalerts>) for information about Oracle Security Advisories. \n\n**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released fixes. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes without delay.**\n\nThis Critical Patch Update contains 334 new security fixes across the product families listed below. Please note that an MOS note summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at [ July 2018 Critical Patch Update: Executive Summary and Analysis](<https://support.oracle.com/rs?type=doc&id=2420273.1>).\n\nMany industry experts anticipate that exploits leveraging known flaws in modern processor designs will continue to be disclosed for the foreseeable future (i.e., \"Spectre\" variants). For information related to these issues, please refer to:\n\n * the January 2018 Critical Patch Update (and later) Advisories,\n * the \"Addendum to the January 2018 Critical Patch Update Advisory for Spectre (CVE-2017-5715, CVE-2017-5753) and Meltdown (CVE-2017-5754)\" ([Doc ID 2347948.1](<https://support.oracle.com/rs?type=doc&id=2347948.1>)), and\n * \"Information about processor vulnerabilities CVE-2018-3640 (\"Spectre v3a\") and CVE-2018-3639 (\"Spectre v4\")\" ([Doc ID 2399123.1](<https://support.oracle.com/rs?type=doc&id=2399123.1>)).\n\n \n", "modified": "2018-10-12T00:00:00", "published": "2018-07-17T00:00:00", "id": "ORACLE:CPUJUL2018-4258247", "href": "", "title": "CPU July 2018", "type": "oracle", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
