Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.ORACLE_HTTP_SERVER_CPU_OCT_2018.NASL
HistoryApr 16, 2019 - 12:00 a.m.

Oracle Fusion Middleware Oracle HTTP Server Multiple Vulnerabilities (October 2018 CPU)

2019-04-1600:00:00
This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
19
JSON

The version of Oracle HTTP Server installed on the remote host is affected by vulnerabilities as noted in the October 2018 CPU advisory:

  • A vulnerability exists in the Oracle HTTP Server component of Oracle Fusion Middleware (subcomponent: Web Listener (curl)). The affected version is 12.2.1.3. This is a difficult to exploit vulnerability that allows an unauthenticated attacker with network access via HTTP to compromise Oracle HTTP Server. A successful attacks requires human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Oracle HTTP Server. (CVE-2018-1000300)

  • A denial of service (DoS) vulnerability exists in curl due to Buffer Over-read. Affected versions are from curl version 7.20.0 to curl 7.59.0. The vulnerable component can be tricked into reading data beyond the end of the heap.
    An unauthenticated attacked with network access can exploit this issue to cause the application to stop responding.
    (CVE-2018-1000301)

  • A buffer over-read vulnerability exists in curl that could lead to information leakage. Affected versions are from 7.20.0 to curl 7.58.0. A vulnerability in the RTSP+RTP handling code could allows an attacker to cause a denial of service or information leakage. An unauthenticated attacked with network access can exploit this vulnerability to cause a denial of service (DoS) or to leak information from the vulnerable application.
    (CVE-2018-1000122)

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(124090);
  script_version("1.7");
  script_set_attribute(attribute:"plugin_modification_date", value:"2022/04/11");

  script_cve_id(
    "CVE-2018-1000120",
    "CVE-2018-1000121",
    "CVE-2018-1000122",
    "CVE-2018-1000300",
    "CVE-2018-1000301"
  );
  script_bugtraq_id(
    103414,
    103415,
    103436,
    104207,
    104225
  );

  script_name(english:"Oracle Fusion Middleware Oracle HTTP Server Multiple Vulnerabilities (October 2018 CPU)");

  script_set_attribute(attribute:"synopsis", value:
"The remote web server is affected by multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The version of Oracle HTTP Server installed on the remote host is
affected by vulnerabilities as noted in the October 2018 CPU advisory:

  - A vulnerability exists in the Oracle HTTP Server component
    of Oracle Fusion Middleware (subcomponent: Web Listener
    (curl)). The affected version is 12.2.1.3. This is a 
    difficult to exploit vulnerability that allows an
    unauthenticated attacker with network access via HTTP to
    compromise Oracle HTTP Server. A successful attacks
    requires human interaction from a person other than the
    attacker. Successful attacks of this vulnerability can
    result in takeover of Oracle HTTP Server. (CVE-2018-1000300)
    
  - A denial of service (DoS) vulnerability exists in curl due
    to Buffer Over-read. Affected versions are from curl version
    7.20.0 to curl 7.59.0. The vulnerable component can be
    tricked into reading data beyond the end of the heap.
    An unauthenticated attacked with network access can exploit
    this issue to cause the application to stop responding.
    (CVE-2018-1000301)

  - A buffer over-read vulnerability exists in curl that could lead to
    information leakage. Affected versions are from  7.20.0 to
    curl 7.58.0. A vulnerability in the RTSP+RTP handling code
    could allows an attacker to cause a denial of service or
    information leakage. An unauthenticated attacked with 
    network access can exploit this vulnerability to cause
    a denial of service (DoS) or to leak information
    from the vulnerable application.
    (CVE-2018-1000122)");
  # https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?705136d8");
  script_set_attribute(attribute:"solution", value:
"Apply the appropriate patch according to the October 2018 Oracle Critical Patch Update advisory.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-1000300");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/01/15");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/01/15");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/04/16");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:fusion_middleware");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:http_server");
  script_set_attribute(attribute:"thorough_tests", value:"true");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Web Servers");

  script_copyright(english:"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("oracle_http_server_installed.nbin");
  script_require_keys("Oracle/OHS/Installed");

  exit(0);
}

include('oracle_http_server_patch_func.inc');

get_kb_item_or_exit('Oracle/OHS/Installed');
install_list = get_kb_list_or_exit('Oracle/OHS/*/EffectiveVersion');

install = branch(install_list, key:TRUE, value:TRUE);

patches = make_array();
patches['12.2.1.3'] = make_array('fix_ver', '12.2.1.3.180710', 'patch', '28281599');

oracle_http_server_check_vuln(
  install : install,
  min_patches : patches,
  severity : SECURITY_HOLE
);
VendorProductVersionCPE
oraclefusion_middlewarecpe:/a:oracle:fusion_middleware
oraclehttp_servercpe:/a:oracle:http_server

Related

ibm 10
ubuntu 3
openvas 33
nessus 52
amazon 4
mageia 1
oraclelinux 1
redhat 4
centos 1
fedora 10
osv 10
debian 4
archlinux 12
cloudfoundry 2
slackware 2
altlinux 2
photon 6
suse 2
gentoo 2
freebsd 1
ubuntucve 5
debiancve 5
prion 5
veracode 5
redhatcve 5
alpinelinux 5
cve 5
f5 1
github 1
ibm
ibm
Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by vulnerabilities in curl
2023-12-07 22:45:02
Security Bulletin: IBM Integrated Management Module II (IMM2) is affected by vulnerabilities in curl
2023-12-07 22:45:02
Security Bulletin: Vulnerabilities in curl affect PowerKVM
2018-12-17 14:20:01
ubuntu
ubuntu
curl vulnerabilities
2018-05-24 00:00:00
curl vulnerabilities
2018-03-15 00:00:00
curl vulnerabilities
2018-05-16 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-3598-2)
2022-08-26 00:00:00
Fedora Update for curl FEDORA-2018-66c96e0024
2018-03-21 00:00:00
SUSE: Security Advisory (SUSE-SU-2018:1323-1)
2021-06-09 00:00:00
nessus
nessus
EulerOS 2.0 SP3 : curl (EulerOS-SA-2018-1203)
2018-07-03 00:00:00
NewStart CGSL CORE 5.04 / MAIN 5.04 : curl Multiple Vulnerabilities (NS-SA-2019-0039)
2019-08-12 00:00:00
RHEL 7 : curl and nss-pem (RHSA-2018:3157)
2018-10-31 00:00:00
amazon
amazon
Medium: nss-pem
2019-01-07 21:51:00
Medium: curl
2018-04-19 04:55:00
Medium: curl
2018-04-19 04:56:00
mageia
mageia
Updated curl packages fix security vulnerabilities
2018-10-30 21:01:43
oraclelinux
oraclelinux
curl and nss-pem security and bug fix update
2018-11-05 00:00:00
redhat
redhat
(RHSA-2020:0594) Moderate: curl security update
2020-02-25 11:32:48
(RHSA-2018:3157) Moderate: curl and nss-pem security and bug fix update
2018-10-30 04:24:21
(RHSA-2020:0544) Moderate: curl security update
2020-02-18 13:56:21
centos
centos
curl, libcurl, nss security update
2018-11-15 18:44:09
fedora
fedora
[SECURITY] Fedora 27 Update: curl-7.55.1-10.fc27
2018-03-20 18:26:44
[SECURITY] Fedora 28 Update: curl-7.59.0-2.fc28
2018-03-30 13:33:07
[SECURITY] Fedora 26 Update: curl-7.53.1-16.fc26
2018-03-20 17:38:42
osv
osv
curl - security update
2018-03-18 00:00:00
curl - security update
2018-03-14 00:00:00
CVE-2018-1000301
2018-05-24 13:29:01
debian
debian
[SECURITY] [DLA 1309-1] curl security update
2018-03-18 21:22:09
[SECURITY] [DSA 4136-1] curl security update
2018-03-14 21:36:51
[SECURITY] [DSA 4202-1] curl security update
2018-05-16 20:14:47
archlinux
archlinux
[ASA-201803-20] lib32-libcurl-gnutls: multiple issues
2018-03-19 00:00:00
[ASA-201803-18] lib32-libcurl-compat: multiple issues
2018-03-19 00:00:00
[ASA-201803-15] curl: multiple issues
2018-03-19 00:00:00
cloudfoundry
cloudfoundry
USN-3598-1: curl vulnerabilities | Cloud Foundry
2018-04-04 00:00:00
USN-3648-1: curl vulnerabilities | Cloud Foundry
2018-06-05 00:00:00
slackware
slackware
[slackware-security] curl
2018-03-16 04:18:28
[slackware-security] curl
2018-05-17 04:13:54
altlinux
altlinux
Security fix for the ALT Linux 8 package curl version 7.59.0-alt1
2018-03-31 00:00:00
Security fix for the ALT Linux 8 package curl version 7.60.0-alt1
2018-05-16 00:00:00
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-1.0-0124
2018-04-13 00:00:00
Critical Photon OS Security Update - PHSA-2018-0124
2018-04-13 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-1.0-0158
2018-07-09 00:00:00
suse
suse
Security update for curl (moderate)
2018-06-09 15:09:49
Security update for curl (moderate)
2018-05-18 18:07:02
gentoo
gentoo
cURL: Multiple vulnerabilities
2018-06-19 00:00:00
cURL: Multiple vulnerabilities
2018-04-08 00:00:00
freebsd
freebsd
cURL -- multiple vulnerabilities
2018-05-16 00:00:00
ubuntucve
ubuntucve
CVE-2018-1000300
2018-05-16 00:00:00
CVE-2018-1000120
2018-03-14 00:00:00
CVE-2018-1000122
2018-03-14 00:00:00
debiancve
debiancve
CVE-2018-1000300
2018-05-24 13:29:00
CVE-2018-1000121
2018-03-14 18:29:00
CVE-2018-1000122
2018-03-14 18:29:00
prion
prion
Heap overflow
2018-05-24 13:29:00
Buffer overflow
2018-03-14 18:29:00
Null pointer dereference
2018-03-14 18:29:00
veracode
veracode
Denial Of Service (DoS)
2019-06-10 03:14:15
Denial Of Service (DoS)
2019-05-16 03:19:16
Buffer Overread
2018-05-28 07:06:06
redhatcve
redhatcve
CVE-2018-1000300
2018-05-16 07:50:00
CVE-2018-1000120
2018-03-14 07:49:14
CVE-2018-1000122
2018-03-14 07:49:32
alpinelinux
alpinelinux
CVE-2018-1000300
2018-05-24 13:29:00
CVE-2018-1000120
2018-03-14 18:29:00
CVE-2018-1000121
2018-03-14 18:29:00
cve
cve
CVE-2018-1000300
2018-05-24 13:29:00
CVE-2018-1000120
2018-03-14 18:29:00
CVE-2018-1000122
2018-03-14 18:29:00
f5
f5
K22052524 : cURL and libcurl vulnerability CVE-2018-1000120
2018-04-13 00:00:00
github
github
curl FTP path confusion leads to NIL byte out of bounds write
2022-05-14 00:58:02
JSON
Related for ORACLE_HTTP_SERVER_CPU_OCT_2018.NASL
ibm10ubuntu3openvas33nessus52amazon4mageia1oraclelinux1redhat4centos1fedora10osv10debian4archlinux12cloudfoundry2slackware2altlinux2photon6suse2gentoo2freebsd1ubuntucve5debiancve5prion5veracode5redhatcve5alpinelinux5cve5f51github1