Lucene search
This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.ORACLE_HTTP_SERVER_CPU_APR_2019.NASLHistoryApr 18, 2019 - 12:00 a.m.
Oracle Fusion Middleware Oracle HTTP Server (Apr 2019 CPU)
2019-04-1800:00:00
This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
16
The version of Oracle HTTP Server installed on the remote host is affected by a stack-based buffer overflow as noted in the April 2019 CPU advisory. The condition exists in the included cURL library due to using unsigned math when preventing the overflow. An unauthenticated, remote attacker can exploit this, via a specially crafted HTTP request, to cause a denial of service condition or the execution of arbitrary code.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(124156);
script_version("1.9");
script_set_attribute(attribute:"plugin_modification_date", value:"2022/12/05");
script_cve_id("CVE-2019-3822");
script_bugtraq_id(106950);
script_xref(name:"IAVA", value:"2019-A-0128");
script_xref(name:"CEA-ID", value:"CEA-2019-0227");
script_name(english:"Oracle Fusion Middleware Oracle HTTP Server (Apr 2019 CPU)");
script_set_attribute(attribute:"synopsis", value:
"The remote web server is affected by a stack-based buffer overflow vulnerability.");
script_set_attribute(attribute:"description", value:
"The version of Oracle HTTP Server installed on the remote host is affected by a stack-based buffer overflow as noted in
the April 2019 CPU advisory. The condition exists in the included cURL library due to using unsigned math when
preventing the overflow. An unauthenticated, remote attacker can exploit this, via a specially crafted HTTP request, to
cause a denial of service condition or the execution of arbitrary code.");
# https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixFMW
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?06438612");
script_set_attribute(attribute:"solution", value:
"Apply the appropriate patch according to the April 2019 Oracle
Critical Patch Update advisory.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-3822");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"vuln_publication_date", value:"2019/04/16");
script_set_attribute(attribute:"patch_publication_date", value:"2019/04/16");
script_set_attribute(attribute:"plugin_publication_date", value:"2019/04/18");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:fusion_middleware");
script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:http_server");
script_set_attribute(attribute:"stig_severity", value:"I");
script_set_attribute(attribute:"thorough_tests", value:"true");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Web Servers");
script_copyright(english:"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("oracle_http_server_installed.nbin");
script_require_keys("Oracle/OHS/Installed");
exit(0);
}
include('oracle_http_server_patch_func.inc');
get_kb_item_or_exit('Oracle/OHS/Installed');
install_list = get_kb_list_or_exit('Oracle/OHS/*/EffectiveVersion');
install = branch(install_list, key:TRUE, value:TRUE);
patches = make_array();
patches['12.2.1.3'] = make_array('fix_ver', '12.2.1.3.190310', 'patch', '29407043');
oracle_http_server_check_vuln(
install : install,
min_patches : patches,
severity : SECURITY_HOLE
);
| Vendor | Product | Version | CPE |
|---|---|---|---|
| oracle | fusion_middleware | cpe:/a:oracle:fusion_middleware | |
| oracle | http_server | cpe:/a:oracle:http_server |
Related
checkpoint_advisories
checkpoint_advisories
Haxx Libcurl NTLM Buffer Overflow (CVE-2019-3822)
2020-01-12 00:00:00
redhatcve
redhatcve
CVE-2019-3822
2019-02-06 08:19:21
prion
prion
Stack overflow
2019-02-06 20:29:00
veracode
veracode
Remote Code Execution (RCE)
2019-03-12 05:15:55
ubuntucve
ubuntucve
CVE-2019-3822
2019-02-06 00:00:00
alpinelinux
alpinelinux
CVE-2019-3822
2019-02-06 20:29:00
debiancve
debiancve
CVE-2019-3822
2019-02-06 20:29:00
osv
osv
CVE-2019-3822
2019-02-06 20:29:00
curl - security update
2019-02-11 00:00:00
curl - security update
2019-02-06 00:00:00
cve
cve
CVE-2019-3822
2019-02-06 20:29:00
nessus
nessus
Photon OS 1.0: Curl PHSA-2019-1.0-0209
2020-01-28 00:00:00
Slackware 14.0 / 14.1 / 14.2 / current : curl (SSA:2019-037-01)
2019-02-07 00:00:00
openSUSE Security Update : curl (openSUSE-2019-174)
2019-02-15 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-1672-1)
2019-02-11 00:00:00
Debian: Security Advisory (DSA-4386-1)
2019-02-05 00:00:00
SUSE: Security Advisory (SUSE-SU-2019:0248-1)
2021-06-09 00:00:00
threatpost
threatpost
Oracle Squashes 53 Critical Bugs in April Security Update
2019-04-17 13:33:09
archlinux
archlinux
[ASA-201902-12] lib32-libcurl-compat: arbitrary code execution
2019-02-12 00:00:00
[ASA-201902-11] lib32-libcurl-gnutls: arbitrary code execution
2019-02-12 00:00:00
[ASA-201902-9] curl: arbitrary code execution
2019-02-12 00:00:00
slackware
slackware
[slackware-security] curl
2019-02-06 23:59:25
suse
suse
Security update for curl (important)
2019-02-14 00:00:00
Security update for curl (important)
2019-02-14 00:00:00
photon
photon
amazon
amazon
Medium: mysql57
2019-09-30 21:02:00
Medium: curl
2019-02-16 00:34:00
altlinux
altlinux
Security fix for the ALT Linux 8 package curl version 7.64.0-alt1
2019-02-08 00:00:00
ibm
ibm
Security Bulletin: IBM Event Streams is affected by cURL vulnerabilities
2019-03-29 11:00:02
debian
debian
[SECURITY] [DLA 1672-1] curl security update
2019-02-11 15:43:52
[SECURITY] [DSA 4386-1] curl security update
2019-02-06 22:36:32
freebsd
freebsd
curl -- multiple vulnerabilities
2019-02-07 00:00:00
MySQL -- Multiple vulerabilities
2019-07-16 00:00:00
f5
f5
cloudfoundry
cloudfoundry
USN-3882-1: curl vulnerabilities | Cloud Foundry
2019-02-15 00:00:00
MySQL Security Updates - July 2019 | Cloud Foundry
2019-12-02 00:00:00
ubuntu
ubuntu
curl vulnerabilities
2019-02-06 00:00:00
oraclelinux
oraclelinux
curl security and bug fix update
2019-11-14 00:00:00
redhat
redhat
ics
ics
Siemens SINEMA Remote Connect (Update A)
2021-03-09 12:00:00
gentoo
gentoo
cURL: Multiple vulnerabilities
2019-03-10 00:00:00
fedora
fedora
[SECURITY] Fedora 29 Update: curl-7.61.1-8.fc29
2019-02-12 02:58:21
[SECURITY] Fedora 29 Update: curl-7.61.1-11.fc29
2019-06-09 02:58:45
[SECURITY] Fedora 29 Update: curl-7.61.1-12.fc29
2019-09-29 02:22:57
kitploit
kitploit
oracle
oracle
Oracle Critical Patch Update Advisory - April 2019
2019-04-16 00:00:00
Oracle Critical Patch Update Advisory - July 2019
2019-07-16 00:00:00
Related for ORACLE_HTTP_SERVER_CPU_APR_2019.NASL