Lucene search
This script is Copyright (C) 2012-2022 and is owned by Tenable, Inc. or an Affiliate thereof.ORACLE_RDBMS_CPU_JAN_2012.NASLHistoryJan 18, 2012 - 12:00 a.m.
Oracle Database Multiple Vulnerabilities (January 2012 CPU)
2012-01-1800:00:00
This script is Copyright (C) 2012-2022 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
12
5.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:P/A:P
0.011 Low
EPSS
Percentile
84.4%
The remote Oracle database server is missing the January 2012 Critical Patch Update (CPU) and, therefore, is potentially affected by security issues in the following components :
-
Core RDBMS
-
Listener
#%NASL_MIN_LEVEL 70300
# (C) Tenable Network Security, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(57589);
script_version("1.15");
script_set_attribute(attribute:"plugin_modification_date", value:"2022/04/11");
script_cve_id("CVE-2012-0072", "CVE-2012-0082");
script_bugtraq_id(51453, 51458);
script_name(english:"Oracle Database Multiple Vulnerabilities (January 2012 CPU)");
script_set_attribute(attribute:"synopsis", value:
"The remote database server is affected by multiple
vulnerabilities.");
script_set_attribute(attribute:"description", value:
"The remote Oracle database server is missing the January 2012
Critical Patch Update (CPU) and, therefore, is potentially affected by
security issues in the following components :
- Core RDBMS
- Listener");
# http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?11da589e");
script_set_attribute(attribute:"solution", value:
"Apply the appropriate patch according to the January 2012 Oracle
Critical Patch Update advisory.");
script_set_attribute(attribute:"agent", value:"all");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2012/01/17");
script_set_attribute(attribute:"patch_publication_date", value:"2012/01/17");
script_set_attribute(attribute:"plugin_publication_date", value:"2012/01/18");
script_set_attribute(attribute:"plugin_type", value:"combined");
script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:database_server");
script_set_attribute(attribute:"thorough_tests", value:"true");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Databases");
script_copyright(english:"This script is Copyright (C) 2012-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("oracle_rdbms_query_patch_info.nbin", "oracle_rdbms_patch_info.nbin");
exit(0);
}
include("oracle_rdbms_cpu_func.inc");
################################################################################
# JAN2012
patches = make_nested_array();
# RDBMS 11.1.0.7
patches["11.1.0.7"]["db"]["nix"] = make_array("patch_level", "11.1.0.7.10", "CPU", "13343453, 13343461");
patches["11.1.0.7"]["db"]["win32"] = make_array("patch_level", "11.1.0.7.43", "CPU", "13460955");
patches["11.1.0.7"]["db"]["win64"] = make_array("patch_level", "11.1.0.7.43", "CPU", "13460956");
# RDBMS 11.2.0.2
patches["11.2.0.2"]["db"]["nix"] = make_array("patch_level", "11.2.0.2.5", "CPU", "13343244, 13343424");
patches["11.2.0.2"]["db"]["win32"] = make_array("patch_level", "11.2.0.2.15", "CPU", "13413154");
patches["11.2.0.2"]["db"]["win64"] = make_array("patch_level", "11.2.0.2.15", "CPU", "13413155");
# RDBMS 11.2.0.3
patches["11.2.0.3"]["db"]["nix"] = make_array("patch_level", "11.2.0.3.1", "CPU", "13466801, 13343438");
patches["11.2.0.3"]["db"]["win32"] = make_array("patch_level", "11.2.0.3.1", "CPU", "13413167");
patches["11.2.0.3"]["db"]["win64"] = make_array("patch_level", "11.2.0.3.1", "CPU", "13413168");
# RDBMS 10.1.0.5
patches["10.1.0.5"]["db"]["nix"] = make_array("patch_level", "10.1.0.5.24", "CPU", "13343482");
patches["10.1.0.5"]["db"]["win32"] = make_array("patch_level", "10.1.0.5.44", "CPU", "13413002");
# RDBMS 10.2.0.5
patches["10.2.0.5"]["db"]["nix"] = make_array("patch_level", "10.2.0.5.6", "CPU", "13343467, 13343471");
patches["10.2.0.5"]["db"]["win32"] = make_array("patch_level", "10.2.0.5.14", "CPU", "13460967");
patches["10.2.0.5"]["db"]["win64"] = make_array("patch_level", "10.2.0.5.14", "CPU", "13460968");
# RDBMS 10.2.0.4
patches["10.2.0.4"]["db"]["nix"] = make_array("patch_level", "10.2.0.4.11", "CPU", "12879912, 12879929");
patches["10.2.0.4"]["db"]["win32"] = make_array("patch_level", "10.2.0.4.48", "CPU", "13654060");
check_oracle_database(patches:patches);
| Vendor | Product | Version | CPE |
|---|---|---|---|
| oracle | database_server | cpe:/a:oracle:database_server |
Related
nvd
nvd
CVE-2012-0082
2012-01-18 22:55:05
CVE-2012-0072
2012-01-18 22:55:04
cvelist
cvelist
CVE-2012-0072
2012-01-18 22:00:00
CVE-2012-0082
2012-01-18 22:00:00
cve
cve
CVE-2012-0082
2012-01-18 22:55:05
CVE-2012-0072
2012-01-18 22:55:04
prion
prion
Design/Logic Flaw
2012-01-18 22:55:00
Design/Logic Flaw
2012-01-18 22:55:00
securityvulns
securityvulns
oracle
oracle
Oracle Critical Patch Update - January 2012
2012-01-17 00:00:00
5.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:P/A:P
0.011 Low
EPSS
Percentile
84.4%
Related for ORACLE_RDBMS_CPU_JAN_2012.NASL