Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2011-2022 Tenable Network Security, Inc.WEBLOGIC_CR334468.NASL
HistoryNov 30, 2011 - 12:00 a.m.

Oracle WebLogic Multiple Authorizer Unspecified Privilege Escalation (CVE-2008-4009)

2011-11-3000:00:00
This script is Copyright (C) 2011-2022 Tenable Network Security, Inc.
www.tenable.com
11

5.1 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.009 Low

EPSS

Percentile

82.3%

JSON

According to its self-reported banner, the version of Oracle WebLogic Server running on the remote host is affected by an unspecified privilege escalation vulnerability that can occur for some resources when the server is configured with more than one authorizer, such as a XACMLAuthorizer and a DefaultAuthorizer.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(17737);
  script_version("1.6");
  script_set_attribute(attribute:"plugin_modification_date", value:"2022/04/11");

  script_cve_id("CVE-2008-4009");

  script_name(english:"Oracle WebLogic Multiple Authorizer Unspecified Privilege Escalation (CVE-2008-4009)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Oracle WebLogic Server has an unspecified privilege
escalation vulnerability.");
  script_set_attribute(attribute:"description", value:
"According to its self-reported banner, the version of Oracle WebLogic
Server running on the remote host is affected by an unspecified
privilege escalation vulnerability that can occur for some resources
when the server is configured with more than one authorizer, such as a
XACMLAuthorizer and a DefaultAuthorizer.");
  script_set_attribute(attribute:"see_also", value:"https://www.oracle.com/technetwork/topics/security/2802-092727.html");
  script_set_attribute(attribute:"solution", value:
"Install the install the 9.1 patch for CR334468.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P");

  script_set_attribute(attribute:"vuln_publication_date", value:"2008/10/14");
  script_set_attribute(attribute:"patch_publication_date", value:"2008/10/14");
  script_set_attribute(attribute:"plugin_publication_date", value:"2011/11/30");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:bea:weblogic_server");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:weblogic_server");
  script_set_attribute(attribute:"thorough_tests", value:"true");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Web Servers");

  script_copyright(english:"This script is Copyright (C) 2011-2022 Tenable Network Security, Inc.");

  script_dependencies("weblogic_detect.nasl");
  script_require_keys("www/weblogic");
  script_require_ports("Services/www", 80, 7001);

  exit(0);
}

include("global_settings.inc");
include("misc_func.inc");
include("http.inc");

port = get_http_port(default:7001);

get_kb_item_or_exit("www/weblogic/" + port + "/installed");

version = get_kb_item_or_exit("www/weblogic/" + port + "/version", exit_code:1);
service_pack = get_kb_item("www/weblogic/" + port + "/service_pack");

if (isnull(service_pack)) version_ui = version;
else version_ui = version + ' ' + service_pack;

fix = '';
if (version == "9.1" && isnull(service_pack))
{
  fix = '9.1 with CR334468';
}
else exit(0, "The Oracle WebLogic "+version_ui+" install listening on port "+port+" is not affected.");

cr_patch = "CR334468";
if (get_kb_item("www/weblogic/" + port + "/cr_patches/" + cr_patch))
  exit(0, "The Oracle WebLogic "+version_ui+" install listening on port "+port+" is not affected since it has the patch for "+cr_patch+".");

if (report_verbosity > 0) 
{
  source = get_kb_item_or_exit("www/weblogic/" + port + "/source", exit_code:1);
  report = 
    '\n  Source            : ' + source +
    '\n  Installed version : ' + version_ui +
    '\n  Fixed version     : ' + fix +
    '\n';
  security_warning(port:port, extra:report);
}
else security_warning(port);
VendorProductVersionCPE
beaweblogic_servercpe:/a:bea:weblogic_server
oracleweblogic_servercpe:/a:oracle:weblogic_server

Related

cvelist 1
cve 1
nvd 1
prion 1
oracle 1
seebug 1
cvelist
cvelist
CVE-2008-4009
2008-10-14 21:00:00
cve
cve
CVE-2008-4009
2008-10-14 21:11:11
nvd
nvd
CVE-2008-4009
2008-10-14 21:11:11
prion
prion
Code injection
2008-10-14 21:11:00
oracle
oracle
CPUOct2008 Advisory
2008-10-14 00:00:00
seebug
seebug
Oracle 2008年10月紧急补丁更新修复多个漏洞
2008-10-20 00:00:00

5.1 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.009 Low

EPSS

Percentile

82.3%

JSON
Related for WEBLOGIC_CR334468.NASL
cvelist1cve1nvd1prion1oracle1seebug1