Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.ORACLE_HTTP_SERVER_CPU_JAN_2023.NASL
HistoryJan 23, 2023 - 12:00 a.m.

Oracle HTTP Server (Jan 2023 CPU)

2023-01-2300:00:00
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
101
JSON

The version of Oracle HTTP Server installed on the remote host are affected by multiple vulnerabilities as referenced in the Jan 2023 CPU advisory.

  • Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: Centralized Thirdparty Jars (Expat)). The supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle HTTP Server. Successful attacks of this vulnerability can result in takeover of Oracle HTTP Server. (CVE-2022-25236)

  • Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: SSL Module (Apache HTTP Server)). The supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle HTTP Server. Successful attacks of this vulnerability can result in takeover of Oracle HTTP Server. (CVE-2022-31813)

  • Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: SSL Module (OpenSSL)). The supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle HTTP Server. Successful attacks of this vulnerability can result in takeover of Oracle HTTP Server. (CVE-2022-2274)

Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 70300
##
# (C) Tenable, Inc.
##

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(170268);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/09/07");

  script_cve_id(
    "CVE-2018-25032",
    "CVE-2021-30641",
    "CVE-2021-42717",
    "CVE-2022-2274",
    "CVE-2022-22721",
    "CVE-2022-25236",
    "CVE-2022-27782",
    "CVE-2022-28615",
    "CVE-2022-29824",
    "CVE-2022-31813"
  );
  script_xref(name:"IAVA", value:"2023-A-0039");

  script_name(english:"Oracle HTTP Server (Jan 2023 CPU)");

  script_set_attribute(attribute:"synopsis", value:
"The remote host is affected by multiple vulnerabilities");
  script_set_attribute(attribute:"description", value:
"The version of Oracle HTTP Server installed on the remote host are affected by multiple vulnerabilities as referenced
in the Jan 2023 CPU advisory.

  - Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: Centralized Thirdparty 
    Jars (Expat)). The supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows 
    unauthenticated attacker with network access via HTTP to compromise Oracle HTTP Server. Successful attacks of 
    this vulnerability can result in takeover of Oracle HTTP Server. (CVE-2022-25236)

  - Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: SSL Module (Apache HTTP 
    Server)). The supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows 
    unauthenticated attacker with network access via HTTPS to compromise Oracle HTTP Server. Successful attacks of 
    this vulnerability can result in takeover of Oracle HTTP Server. (CVE-2022-31813)
    

  - Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: SSL Module (OpenSSL)). 
    The supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated 
    attacker with network access via HTTPS to compromise Oracle HTTP Server. Successful attacks of this vulnerability 
    can result in takeover of Oracle HTTP Server. (CVE-2022-2274)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://www.oracle.com/docs/tech/security-alerts/cpujan2023cvrf.xml");
  script_set_attribute(attribute:"see_also", value:"https://www.oracle.com/security-alerts/cpujan2023.html");
  script_set_attribute(attribute:"solution", value:
"Apply the appropriate patch according to the January 2023 Oracle Critical Patch Update advisory.");
  script_set_attribute(attribute:"agent", value:"all");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-2274");
  script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2022-31813");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2023/01/17");
  script_set_attribute(attribute:"patch_publication_date", value:"2023/01/17");
  script_set_attribute(attribute:"plugin_publication_date", value:"2023/01/23");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:fusion_middleware");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:http_server");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_set_attribute(attribute:"thorough_tests", value:"true");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Web Servers");

  script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("oracle_http_server_installed.nbin");
  script_require_keys("Oracle/OHS/Installed");

  exit(0);
}

include('oracle_http_server_patch_func.inc');

get_kb_item_or_exit('Oracle/OHS/Installed');
var install_list = get_kb_list_or_exit('Oracle/OHS/*/EffectiveVersion');

var install = branch(install_list, key:TRUE, value:TRUE);

var patches = make_array();
patches['12.2.1.4'] = make_array('fix_ver', '12.2.1.4.221128', 'patch', '34840613');

oracle_http_server_check_vuln(
  install : install,
  min_patches : patches,
  severity : SECURITY_HOLE
);
VendorProductVersionCPE
oraclefusion_middlewarecpe:/a:oracle:fusion_middleware
oraclehttp_servercpe:/a:oracle:http_server

Related

cloudlinux 2
nessus 44
ibm 14
mageia 3
githubexploit 2
f5 6
osv 22
ubuntucve 7
cve 8
debian 5
prion 8
debiancve 8
httpd 4
cbl_mariner 11
veracode 8
rustsec 1
alpinelinux 8
openssl 1
freebsd 1
github 2
slackware 1
rocky 2
oraclelinux 6
redhatcve 6
zdi 1
cnvd 1
hackerone 3
thn 1
broadcom 1
aix 1
redos 1
fedora 3
amazon 2
packetstorm 1
zdt 1
redhat 2
checkpoint_advisories 1
cloudlinux
cloudlinux
Fixed CVEs in httpd: CVE-2022-31813, CVE-2022-28615, CVE-2022-26377
2022-06-28 20:14:01
Fixed CVE-2022-27782 in curl
2022-07-04 19:12:03
nessus
nessus
Tenable SecurityCenter 5.19.x / 5.20.x / 5.21.0 Multiple Vulnerabilities (TNS-2022-14)
2022-06-30 00:00:00
EulerOS 2.0 SP5 : mod_security (EulerOS-SA-2022-1332)
2022-03-21 00:00:00
Debian DSA-5023-1 : modsecurity-apache - security update
2021-12-19 00:00:00
ibm
ibm
Security Bulletin: IBM HTTP Server (powered by Apache) for IBM i is vulnerable to bypass security restrictions and obtain sensitive information due to multiple vulnerabilities.
2022-07-28 17:56:28
Security Bulletin: Vulnerability identified in WebSphere Application Server affects Cloud Pak System (CVE-2021-30641)
2021-07-14 22:33:16
Security Bulletin: Multiple Vulnerabilities have been identified in WebSphere Application Server shipped with WebSphere Remote Server
2021-06-28 18:00:22
mageia
mageia
Updated apache-mod_security packages fix security vulnerability
2021-12-22 02:27:37
Updated apache packages fix security vulnerability
2022-06-13 23:44:20
Updated libxml2 packages fix security vulnerability
2022-05-12 13:24:45
githubexploit
githubexploit
Exploit for Uncontrolled Recursion in Trustwave Modsecurity
2022-11-20 18:01:34
Exploit for Out-of-bounds Write in Openssl
2022-09-24 21:30:34
f5
f5
K50839343 : NGINX ModSecurity WAF vulnerability CVE-2021-42717
2021-12-03 00:00:00
K13815051 : Apache vulnerability CVE-2021-30641
2021-07-09 00:00:00
K59313410 : OpenSSL vulnerability CVE-2022-2274
2022-07-29 00:00:00
osv
osv
modsecurity-apache - security update
2022-05-28 00:00:00
CVE-2021-42717
2021-12-07 22:15:06
BIT-modsecurity2-2021-42717
2024-03-06 10:57:12
ubuntucve
ubuntucve
CVE-2021-42717
2021-12-07 00:00:00
CVE-2022-22721
2022-03-14 00:00:00
CVE-2022-28615
2022-06-09 00:00:00
cve
cve
CVE-2021-42717
2021-12-07 22:15:00
CVE-2021-30641
2021-06-10 07:15:00
CVE-2022-27782
2022-06-02 14:15:00
debian
debian
[SECURITY] [DLA 3031-1] modsecurity-apache security update
2022-05-28 07:43:01
[SECURITY] [DSA 5023-1] modsecurity-apache security update
2021-12-18 13:15:31
[SECURITY] [DSA 5142-1] libxml2 security update
2022-05-22 08:45:42
prion
prion
Design/Logic Flaw
2021-12-07 22:15:00
Integer overflow
2022-03-14 11:15:00
Code injection
2021-06-10 07:15:00
debiancve
debiancve
CVE-2021-42717
2021-12-07 22:15:00
CVE-2022-2274
2022-07-01 08:15:00
CVE-2022-22721
2022-03-14 11:15:00
httpd
httpd
Apache Httpd < 2.4.48 : Unexpected URL matching with 'MergeSlashes OFF'
2021-04-14 00:00:00
Apache Httpd < 2.4.54 : mod_proxy X-Forwarded-For dropped by hop-by-hop mechanism
2022-06-08 00:00:00
Apache Httpd < 2.4.54 : Read beyond bounds in ap_strcmp_match()
2022-06-08 00:00:00
cbl_mariner
cbl_mariner
CVE-2021-30641 affecting package httpd 2.4.46-6
2021-07-08 21:56:40
CVE-2021-30641 affecting package httpd 2.4.46-10
2022-04-09 06:51:57
CVE-2022-27782 affecting package curl 7.83.0-1
2022-07-01 21:02:21
veracode
veracode
Denial Of Service(DoS)
2021-06-13 10:29:41
Remote Code Execution (RCE)
2022-07-04 15:15:45
Denial Of Service (DoS)
2022-05-05 02:55:45
rustsec
rustsec
Heap memory corruption with RSA private key operation
2022-07-05 12:00:00
alpinelinux
alpinelinux
CVE-2022-2274
2022-07-01 08:15:00
CVE-2022-22721
2022-03-14 11:15:00
CVE-2021-30641
2021-06-10 07:15:00
openssl
openssl
Vulnerability in OpenSSL CVE-2022-2274
2022-07-05 00:00:00
freebsd
freebsd
OpenSSL -- Heap memory corruption with RSA private key operation
2022-07-01 00:00:00
github
github
openssl-src heap memory corruption with RSA private key operation
2022-07-02 00:00:29
Integer Overflow or Wraparound in libxml2 affects Nokogiri
2022-05-18 20:06:48
slackware
slackware
[slackware-security] libxml2
2022-05-02 20:17:02
rocky
rocky
libxml2 security update
2022-06-28 10:52:13
libxml2 security update
2022-06-28 08:27:27
oraclelinux
oraclelinux
httpd:2.4 security update
2022-08-10 00:00:00
httpd security update
2022-08-04 00:00:00
httpd security update
2022-08-04 00:00:00
redhatcve
redhatcve
CVE-2022-31813
2022-06-08 20:02:05
CVE-2022-28615
2022-06-08 20:01:55
CVE-2022-22721
2022-03-15 14:43:53
zdi
zdi
Apache HTTPD Server ap_escape_html2 Integer Overflow Remote Code Execution Vulnerability
2022-06-29 00:00:00
cnvd
cnvd
Apache HTTP Server Data Forgery Issue Vulnerability (CNVD-2022-73123)
2022-06-10 00:00:00
hackerone
hackerone
Internet Bug Bounty: Read beyond bounds in ap_strcmp_match() [zhbug_httpd_47.7]
2022-06-08 22:35:23
curl: CVE-2022-27782: TLS and SSH connection too eager reuse
2022-05-01 14:44:23
Internet Bug Bounty: CVE-2022-27782: TLS and SSH connection too eager reuse
2022-05-11 07:20:04
thn
thn
OpenSSL Releases Patch for High-Severity Bug that Could Lead to RCE Attacks
2022-07-06 13:38:00
broadcom
broadcom
CVE-2022-28615: Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read
2023-08-01 00:00:00
aix
aix
AIX is vulnerable to a denial of service due to libxml2
2022-09-12 15:07:01
redos
redos
ROS-20220516-08
2022-05-16 00:00:00
fedora
fedora
[SECURITY] Fedora 34 Update: libxml2-2.9.14-1.fc34
2022-05-18 01:25:14
[SECURITY] Fedora 36 Update: libxml2-2.9.14-1.fc36
2022-05-07 05:16:39
[SECURITY] Fedora 35 Update: libxml2-2.9.14-1.fc35
2022-05-14 01:20:32
amazon
amazon
Medium: curl
2022-07-06 03:01:00
Medium: libxml2
2022-09-15 04:46:00
packetstorm
packetstorm
libxml2 xmlBufAdd Heap Buffer Overflow
2022-06-01 00:00:00
zdt
zdt
libxml2 xmlBufAdd Heap Buffer Overflow Exploit
2022-06-02 00:00:00
redhat
redhat
(RHSA-2022:5317) Moderate: libxml2 security update
2022-06-28 10:52:13
(RHSA-2022:5250) Moderate: libxml2 security update
2022-06-28 08:27:27
checkpoint_advisories
checkpoint_advisories
Expat XML Parser Remote Code Execution (CVE-2022-25236)
2022-08-15 00:00:00
JSON
Related for ORACLE_HTTP_SERVER_CPU_JAN_2023.NASL
cloudlinux2nessus44ibm14mageia3githubexploit2f56osv22ubuntucve7cve8debian5prion8debiancve8httpd4cbl_mariner11veracode8rustsec1alpinelinux8openssl1freebsd1github2slackware1rocky2oraclelinux6redhatcve6zdi1cnvd1hackerone3thn1broadcom1aix1redos1fedora3amazon2packetstorm1zdt1redhat2checkpoint_advisories1