According to the version of one or more Juniper NSM servers running on the remote host, it is potentially affected by multiple vulnerabilities affecting the Java software running on the host.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(69874);
script_version("1.14");
script_set_attribute(attribute:"plugin_modification_date", value:"2022/04/11");
script_cve_id(
"CVE-2008-3103",
"CVE-2008-3104",
"CVE-2008-3105",
"CVE-2008-3106",
"CVE-2008-3107",
"CVE-2008-3108",
"CVE-2008-3109",
"CVE-2008-3110",
"CVE-2008-3111",
"CVE-2008-3112",
"CVE-2008-3113",
"CVE-2008-3114",
"CVE-2008-3115",
"CVE-2011-0786",
"CVE-2011-0802",
"CVE-2011-0814",
"CVE-2011-0815",
"CVE-2011-0817",
"CVE-2011-0862",
"CVE-2011-0863",
"CVE-2011-0864",
"CVE-2011-0865",
"CVE-2011-0866",
"CVE-2011-0867",
"CVE-2011-0868",
"CVE-2011-0869",
"CVE-2011-0871",
"CVE-2011-0872",
"CVE-2011-0873"
);
script_bugtraq_id(
30140,
30141,
30143,
30144,
30146,
30147,
30148,
48133,
48134,
48136,
48137,
48138,
48139,
48140,
48141,
48142,
48143,
48144,
48145,
48146,
48147,
48148,
48149
);
script_name(english:"Juniper NSM Servers Multiple Java JDK/JRE Vulnerabilities (PSN-2012-08-689)");
script_set_attribute(attribute:"synopsis", value:
"The remote host is affected by multiple vulnerabilities.");
script_set_attribute(attribute:"description", value:
"According to the version of one or more Juniper NSM servers running on
the remote host, it is potentially affected by multiple vulnerabilities
affecting the Java software running on the host.");
# http://kb.juniper.net/InfoCenter/index?page=content&legacyid=PSN-2012-08-689
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?e9601ccb");
script_set_attribute(attribute:"solution", value:
"Upgrade to NSM version 2012.1R2, 2011.4s5, or 2010.3s8.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploited_by_malware", value:"true");
script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
script_set_attribute(attribute:"canvas_package", value:"D2ExploitPack");
script_cwe_id(16, 20, 119, 200, 264);
script_set_attribute(attribute:"vuln_publication_date", value:"2008/07/09");
script_set_attribute(attribute:"patch_publication_date", value:"2012/09/26");
script_set_attribute(attribute:"plugin_publication_date", value:"2013/09/13");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe", value:"cpe:/a:juniper:netscreen-security_manager");
script_set_attribute(attribute:"thorough_tests", value:"true");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Misc.");
script_copyright(english:"This script is Copyright (C) 2013-2022 Tenable Network Security, Inc.");
script_dependencies("juniper_nsm_gui_svr_detect.nasl", "juniper_nsm_servers_installed.nasl");
script_require_keys("Juniper_NSM_VerDetected");
exit(0);
}
include("audit.inc");
include("misc_func.inc");
include("global_settings.inc");
kb_base = "Host/NSM/";
get_kb_item_or_exit("Juniper_NSM_VerDetected");
kb_list = make_list();
temp = get_kb_list("Juniper_NSM_GuiSvr/*/build");
if (!isnull(temp) && max_index(keys(temp)) > 0)
kb_list = make_list(kb_list, keys(temp));
temp = get_kb_list("Host/NSM/*/build");
if (!isnull(temp) && max_index(keys(temp)) > 0)
kb_list = make_list(kb_list, keys(temp));
if (isnull(kb_list)) audit(AUDIT_NOT_INST, "Juniper NSM Servers");
report = '';
entry = branch(kb_list);
port = 0;
kb_base = '';
if ("Juniper_NSM_GuiSvr" >< entry)
{
port = entry - "Juniper_NSM_GuiSvr/" - "/build";
kb_base = "Juniper_NSM_GuiSvr/" + port + "/";
report_str1 = "Remote GUI server version : ";
report_str2 = "Fixed version : ";
}
else
{
kb_base = entry - "build";
if ("guiSvr" >< kb_base)
{
report_str1 = "Local GUI server version : ";
report_str2 = "Fixed version : ";
}
else
{
report_str1 = "Local device server version : ";
report_str2 = "Fixed version : ";
}
}
build = get_kb_item_or_exit(entry);
version = get_kb_item_or_exit(kb_base + 'version');
disp_version = version + " (" + build + ")";
# NSM version 2012.1R2 or later
# NSM version 2011.4s5 or later
# NSM version 2010.3s8 or later
item = eregmatch(pattern:"^([0-9.]+)", string:version);
if (!isnull(item))
{
if (
ver_compare(ver:item[1], fix:'2010.3', strict:FALSE) == -1 ||
version =~ "^2010.3([rR][1-2]|[sS][1-7])?$"
)
{
report += '\n ' + report_str1 + disp_version +
'\n ' + report_str2 + '2010.3s8' + '\n';
}
if (
(version =~ "^2011\." &&
ver_compare(ver:item[1], fix:'2011.4', strict:FALSE) == -1) ||
version =~ "^2011.4([sS][1-4])?$"
)
{
report += '\n ' + report_str1 + disp_version +
'\n ' + report_str2 + '2011.4s5' + '\n';
}
if (version =~ "^2012\.(1|1[rR]1)$")
{
report += '\n ' + report_str1 + disp_version +
'\n ' + report_str2 + '2012.1R2' + '\n';
}
}
if (report == '') audit(AUDIT_INST_VER_NOT_VULN, "Juniper NSM GUI Server or Device Server");
if (report_verbosity > 0)
security_hole(extra:report, port:port);
else security_hole(port);
Vendor | Product | Version | CPE |
---|---|---|---|
juniper | netscreen-security_manager | cpe:/a:juniper:netscreen-security_manager |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3103
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3104
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3105
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3106
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3107
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3108
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3109
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3110
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3111
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3112
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3113
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3114
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3115
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0786
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0802
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0814
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0815
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0817
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0862
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0863
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0864
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0865
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0866
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0867
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0868
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0869
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0871
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0872
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0873
www.nessus.org/u?e9601ccb