Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.IBM_RATIONAL_BUSINESS_DEVELOPER_INFORMATION_DISCLOSURE.NASL
HistoryMay 03, 2013 - 12:00 a.m.

IBM Rational Business Developer 8.x < 8.0.1.4 Information Disclosure

2013-05-0300:00:00
This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
10

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.003 Low

EPSS

Percentile

70.2%

JSON

The version of IBM Rational Business Developer installed on the remote Windows host is affected by an unspecified vulnerability that could lead to potentially sensitive information being revealed to an untrusted client.

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(66307);
  script_version("1.6");
  script_set_attribute(attribute:"plugin_modification_date", value:"2020/08/05");

  script_cve_id("CVE-2012-3319");
  script_bugtraq_id(55718);
  script_xref(name:"IAVB", value:"2012-B-0097-S");

  script_name(english:"IBM Rational Business Developer 8.x < 8.0.1.4 Information Disclosure");
  script_summary(english:"Checks version of IBM Rational Business Developer");

  script_set_attribute(attribute:"synopsis", value:
"The remote host has a development application installed that is 
affected by an information disclosure vulnerability.");
  script_set_attribute(attribute:"description", value:
"The version of IBM Rational Business Developer installed on the 
remote Windows host is affected by an unspecified vulnerability
that could lead to potentially sensitive information being revealed
to an untrusted client.");
  script_set_attribute(attribute:"see_also", value:"http://www-01.ibm.com/support/docview.wss?uid=swg21612314");
  script_set_attribute(attribute:"solution", value:
"Upgrade to IBM Rational Business Developer 8.0.1.4 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2012-3319");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2012/09/28");
  script_set_attribute(attribute:"patch_publication_date", value:"2012/09/28");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/05/03");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:ibm:rational_business_developer");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ibm_rational_business_developer_installed.nasl");
  script_require_keys("SMB/IBM Rational Business Developer/Path", "SMB/IBM Rational Business Developer/Version");
  
  exit(0);
}

include("global_settings.inc");
include("misc_func.inc");
include("audit.inc");

path = get_kb_item_or_exit('SMB/IBM Rational Business Developer/Path');
version = get_kb_item_or_exit('SMB/IBM Rational Business Developer/Version');

if (version =~ '^8\\.0' && ver_compare(ver:version, fix:'8.0.1.4', strict:FALSE) < 0)
{
  if (report_verbosity > 0)
  {
    report =
      '\n  Path              : ' + path +
      '\n  Installed version : ' + version +
      '\n  Fixed version     : 8.0.1.4\n';
    security_warning(port:get_kb_item('SMB/transport'), extra:report);
  }
  else security_warning(port:get_kb_item('SMB/transport'));
  exit(0);
}
audit(AUDIT_INST_PATH_NOT_VULN, 'IBM Rational Business Developer', version, path);
VendorProductVersionCPE
ibmrational_business_developercpe:/a:ibm:rational_business_developer

Related

prion 1
openvas 2
cvelist 1
nvd 1
cve 1
prion
prion
Information disclosure
2012-10-01 18:55:00
openvas
openvas
IBM RBD Web Services Information Disclosure Vulnerability (Windows)
2012-12-19 00:00:00
IBM RBD Web Services Information Disclosure Vulnerability - Windows
2012-12-19 00:00:00
cvelist
cvelist
CVE-2012-3319
2012-10-01 18:00:00
nvd
nvd
CVE-2012-3319
2012-10-01 18:55:00
cve
cve
CVE-2012-3319
2012-10-01 18:55:00

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.003 Low

EPSS

Percentile

70.2%

JSON
Related for IBM_RATIONAL_BUSINESS_DEVELOPER_INFORMATION_DISCLOSURE.NASL
prion1openvas2cvelist1nvd1cve1