Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.ORACLE_EDQ_OCT_2014_CPU.NASL
HistoryOct 30, 2014 - 12:00 a.m.

Oracle Enterprise Data Quality Multiple Vulnerabilities (October 2014 CPU)

2014-10-3000:00:00
This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
17
JSON

The version of Oracle Enterprise Data Quality running on the remote host is affected by multiple vulnerabilities :

  • A flaw in Apache Commons BeanUtils allows a remote attacker to execute arbitrary code by manipulating the ClassLoader. (CVE-2014-0114)

  • A flaw in Apache Tomcat allows a remote attacker to replace the XML parsers and thereby gain access to sensitive information. (CVE-2014-0119)

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(78749);
  script_version("1.12");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");

  script_cve_id("CVE-2014-0114", "CVE-2014-0119");
  script_bugtraq_id(67121, 67669);

  script_name(english:"Oracle Enterprise Data Quality Multiple Vulnerabilities (October 2014 CPU)");
  script_summary(english:"Checks the versions.");

  script_set_attribute(attribute:"synopsis", value:
"The remote host is affected by multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The version of Oracle Enterprise Data Quality running on the remote
host is affected by multiple vulnerabilities :

  - A flaw in Apache Commons BeanUtils allows a remote
    attacker to execute arbitrary code by manipulating the
    ClassLoader. (CVE-2014-0114)

  - A flaw in Apache Tomcat allows a remote attacker to
    replace the XML parsers and thereby gain access to
    sensitive information. (CVE-2014-0119)");
  # https://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?1ada40cc");
  script_set_attribute(attribute:"solution", value:
"Apply the appropriate patch according to the October 2014 Oracle
Critical Patch Update advisory.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");

  script_set_attribute(attribute:"exploitability_ease", value:"No exploit is required");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'Apache Struts ClassLoader Manipulation Remote Code Execution');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2014/04/29");
  script_set_attribute(attribute:"patch_publication_date", value:"2014/10/14");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/10/30");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:fusion_middleware");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"CGI abuses");

  script_copyright(english:"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("oracle_edq_director_detect.nbin");
  script_require_keys("installed_sw/Oracle Enterprise Data Quality Director");
  script_require_ports("Services/www", 9002);

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("install_func.inc");
include("http.inc");

port = get_http_port(default:9002);

app_name = "Oracle Enterprise Data Quality Director";

install = get_single_install(app_name:app_name, exit_if_unknown_ver:TRUE, port:port);
version = install["version"];
path = install["path"];

item = eregmatch(pattern:"^([0-9.]+[0-9])\.?([^0-9.]|$)", string:version);
# should never happen
if (isnull(item) || isnull(item[1])) exit(1, "Error parsing version string : " + version);
chk_ver = item[1];

fix = "";

if (
  chk_ver =~ "^9\.0\." &&
  ver_compare(ver:chk_ver, fix:"9.0.11", strict:FALSE) == -1
) fix = "9.0.11";

# Looks like Oracle mis-published the patch for this
# Leaving check out until the correct patch is published
#if (version =~ "^8\.1\." &&
#   ver_compare(ver:version, fix:"8.1.12", strict:FALSE) == -1)
#  fix = "8.1.12";

if (fix != "")
{
  if (report_verbosity > 0)
  {
    report += 
      '\n  URL               : ' + build_url(port:port, qs:path) +
      '\n  Installed version : ' + version +
      '\n  Fixed version     : ' + fix +
      '\n';
    security_hole(port:port, extra:report);
  }
  else security_hole(port);
  exit(0);
}
else audit(AUDIT_INST_VER_NOT_VULN, app_name, version);
VendorProductVersionCPE
oraclefusion_middlewarecpe:/a:oracle:fusion_middleware

Related

f5 4
openvas 16
nessus 33
tomcat 3
ubuntucve 2
redhat 11
prion 5
kaspersky 1
osv 5
securityvulns 6
github 2
centos 3
cve 5
debiancve 2
ibm 81
debian 2
oraclelinux 3
fedora 1
packetstorm 1
suse 1
mageia 2
checkpoint_advisories 2
jvn 2
gentoo 1
ubuntu 2
redhatcve 1
threatpost 1
zdt 1
f5
f5
K15429 : Apache Tomcat vulnerability CVE-2014-0119
2014-10-14 00:00:00
SOL15429 - Apache Tomcat vulnerability CVE-2014-0119
2014-07-17 00:00:00
K15282 : Apache Struts vulnerability CVE-2014-0114
2014-10-20 00:00:00
openvas
openvas
Oracle Linux Local Check: ELSA-2014-1034
2015-10-06 00:00:00
Apache Tomcat XML External Entity Information Disclosure Vulnerability
2014-11-28 00:00:00
CentOS Update for tomcat CESA-2014:1034 centos7
2014-09-10 00:00:00
nessus
nessus
Apache Tomcat 7.0.x < 7.0.54 XML Parser Information Disclosure
2014-05-30 00:00:00
CentOS 7 : tomcat (CESA-2014:1034)
2014-08-08 00:00:00
RHEL 7 : tomcat (RHSA-2014:1034)
2014-08-08 00:00:00
tomcat
tomcat
Fixed in Apache Tomcat 7.0.54
2014-05-22 00:00:00
Fixed in Apache Tomcat 8.0.8
2014-05-21 00:00:00
Fixed in Apache Tomcat 6.0.41
2014-05-23 00:00:00
ubuntucve
ubuntucve
CVE-2014-0119
2014-05-31 00:00:00
CVE-2014-0114
2014-04-30 00:00:00
redhat
redhat
(RHSA-2014:1034) Low: tomcat security update
2014-08-07 00:00:00
(RHSA-2014:0500) Important: struts security update
2014-05-14 00:00:00
(RHSA-2014:0474) Important: struts security update
2014-05-07 00:00:00
prion
prion
Xxe
2014-05-31 11:17:00
Code injection
2014-04-30 10:49:00
Input validation
2019-10-03 14:15:00
kaspersky
kaspersky
KLA10070 RLF vulnerability in Apache Tomcat
2014-05-31 00:00:00
osv
osv
Missing XML Validation in Apache Tomcat
2022-05-14 01:10:18
Arbitrary code execution in Apache Commons BeanUtils
2020-06-10 23:38:01
libstruts1.2-java - security update
2014-09-17 00:00:00
securityvulns
securityvulns
[SECURITY] CVE-2014-0119 Apache Tomcat information disclosure
2014-05-29 00:00:00
Apache commons-beanutils code exeuction
2014-06-17 00:00:00
[oss-security] CVE request for commons-beanutils: &#39;class&#39; property is exposed, potentially leading to RCE
2014-06-17 00:00:00
github
github
Missing XML Validation in Apache Tomcat
2022-05-14 01:10:18
Arbitrary code execution in Apache Commons BeanUtils
2020-06-10 23:38:01
centos
centos
tomcat security update
2014-08-07 18:48:52
struts security update
2014-05-07 14:04:43
tomcat6 security update
2014-08-11 18:04:13
cve
cve
CVE-2014-0119
2014-05-31 11:17:00
CVE-2014-0114
2014-04-30 10:49:00
CVE-2014-3540
2014-07-08 04:11:00
debiancve
debiancve
CVE-2014-0119
2014-05-31 11:17:00
CVE-2014-0114
2014-04-30 10:49:00
ibm
ibm
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Rational RequisitePro (CVE-2014-0114)
2018-06-17 04:54:30
Security Bulletin: ClassLoader manipulation with Apache Struts affecting Tivoli Integrated Portal (CVE-2014-0114)
2018-06-17 15:15:18
Security Bulletin: Security vulnerability in IBM WebSphere Application Server, which is shipped with IBM WebSphere Dynamic Process Edition (CVE-2014-0114)
2018-06-15 07:00:25
debian
debian
[SECURITY] [DSA 2940-1] libstruts1.2-java security update
2014-08-21 06:39:48
[SECURITY] [DLA 57-1] libstruts1.2-java security update
2014-09-17 12:59:07
oraclelinux
oraclelinux
struts security update
2014-05-06 00:00:00
apache-commons-beanutils security update
2020-01-22 00:00:00
tomcat6 security update
2014-08-11 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: struts-1.3.10-10.fc20
2014-08-23 02:00:36
packetstorm
packetstorm
OSCAR EMR 15.21beta361 XSS / Disclosure / CSRF / Insecure Direct Object Reference
2018-08-23 00:00:00
suse
suse
Security update for struts (important)
2014-07-16 01:10:20
mageia
mageia
Updated struts packages fix CVE-2014-0114
2014-05-15 02:13:20
Updated tomcat and tomcat6 packages fix security vulnerabilities
2014-06-20 00:30:12
checkpoint_advisories
checkpoint_advisories
Apache Struts ActionForm ClassLoader Security Bypass (CVE-2014-0114)
2014-05-18 00:00:00
Apache Struts ParametersInterceptor ClassLoader Security Bypass (CVE-2014-0094; CVE-2014-0112; CVE-2014-0113; CVE-2014-0114)
2014-04-25 00:00:00
jvn
jvn
JVN#30962312: TERASOLUNA Server Framework for Java(Web) vulnerable to ClassLoader manipulation
2014-06-17 00:00:00
JVN#19118282: Seasar S2Struts vulnerable to ClassLoader manipulation
2014-07-15 00:00:00
gentoo
gentoo
Commons-BeanUtils: Arbitrary code execution
2016-07-20 00:00:00
ubuntu
ubuntu
Apache Commons BeanUtils vulnerabilities
2021-03-15 00:00:00
Tomcat vulnerabilities
2015-06-25 00:00:00
redhatcve
redhatcve
CVE-2019-3834
2019-10-02 20:20:56
threatpost
threatpost
Apache Patches Bugs in Tomcat
2014-05-30 12:31:25
zdt
zdt
Apache Struts < 1.3.10 / < 2.3.16.2 - ClassLoader Manipulation Remote Code Execution Exploit
2017-03-23 00:00:00
JSON
Related for ORACLE_EDQ_OCT_2014_CPU.NASL
f54openvas16nessus33tomcat3ubuntucve2redhat11prion5kaspersky1osv5securityvulns6github2centos3cve5debiancve2ibm81debian2oraclelinux3fedora1packetstorm1suse1mageia2checkpoint_advisories2jvn2gentoo1ubuntu2redhatcve1threatpost1zdt1