Lucene search
K

Sun Java System Web Proxy Server Unspecified Remote Overflow

🗓️ 21 Apr 2005 00:00:00Reported by TenableType 
nessus
 nessus
🔗 www.tenable.com👁 23 Views

Remote buffer overflow vulnerability in Sun Java System Web Proxy. Upgrade to 3.6 SP7 or higher.

Related
Refs
Code
ReporterTitlePublishedViews
Family
Tenable Nessus
SunOne Web Proxy < 3.6 SP7 Unspecified Remote Buffer Overflows
20 Apr 200500:00
nessus
CVE
CVE-2005-1232
24 Apr 200504:00
cve
Cvelist
CVE-2005-1232
24 Apr 200504:00
cvelist
EUVD
EUVD-2005-1235
7 Oct 202500:30
euvd
NVD
CVE-2005-1232
2 May 200504:00
nvd
#
# (C) Tenable Network Security, Inc.
#

include( 'compat.inc' );

if(description)
{
  script_id(18114);
  script_version("1.15");
  script_cve_id("CVE-2005-1232");
  script_bugtraq_id(13268);

  script_name(english:"Sun Java System Web Proxy Server Unspecified Remote Overflow");
  script_summary(english:"Checks for version of SunOne Web Proxy");

  script_set_attribute(
    attribute:'synopsis',
    value:'The remote service is vulnerable to a buffer overflow.'
  );

  script_set_attribute(
    attribute:'description',
    value:'The remote host is running the SunOne Web Proxy. This version is reported
vulnerable to a number of remote buffer overflows.  Alledgedly, 
successful exploitation would result in the attacker executing 
arbitrary commands on the remote SunOne Web Proxy server.'
  );

  script_set_attribute(
    attribute:'solution',
    value:'Upgrade to 3.6 SP7 or higher.'
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(
    attribute:'see_also',
    value:'https://download.oracle.com/sunalerts/1001227.1.html'
  );

 script_set_attribute(attribute:"plugin_publication_date", value: "2005/04/21");
 script_set_attribute(attribute:"vuln_publication_date", value: "2005/04/19");
 script_set_attribute(attribute:"patch_publication_date", value: "2005/04/19");
 script_cvs_date("Date: 2018/11/15 20:50:25");
  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_end_attributes();

 script_category(ACT_GATHER_INFO);
 script_copyright(english:"This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.");
 script_family(english:"Web Servers");
 script_dependencie("http_version.nasl");
 script_require_ports("Services/www", 80, 443);
 exit(0);
}

#
# The script code starts here
#

include("global_settings.inc");
include("misc_func.inc");
include("http.inc");

port = get_http_port(default:80);

banner = get_http_banner(port: port);
if(!banner)exit(0);

if(ereg(pattern:"^Forwarded: .* \(Sun-ONE-Web-Proxy-Server/([0-2]\..*|3\.([0-5]\..*|6(\)|-SP[0-6])))", string:banner))
 {
   security_hole(port);
 }

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

15 Nov 2018 20:50Current
5.9Medium risk
Vulners AI Score5.9
CVSS 27.5
EPSS0.03397
23