Lucene search
Copyright (C) 2010 Greenbone AGOPENVAS:1361412562310100577HistoryApr 15, 2010 - 12:00 a.m.
Oracle Java System Directory Server Multiple Remote Vulnerabilities
2010-04-1500:00:00
Copyright (C) 2010 Greenbone AG
plugins.openvas.org
9
Oracle Java System Directory Server is prone to multiple remote
vulnerabilities.
# SPDX-FileCopyrightText: 2010 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.100577");
script_version("2023-07-28T16:09:07+0000");
script_tag(name:"last_modification", value:"2023-07-28 16:09:07 +0000 (Fri, 28 Jul 2023)");
script_tag(name:"creation_date", value:"2010-04-15 19:15:10 +0200 (Thu, 15 Apr 2010)");
script_tag(name:"cvss_base", value:"7.5");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_cve_id("CVE-2010-0897");
script_name("Oracle Java System Directory Server Multiple Remote Vulnerabilities");
script_category(ACT_GATHER_INFO);
script_family("General");
script_copyright("Copyright (C) 2010 Greenbone AG");
script_dependencies("sun_dir_server_detect.nasl");
script_require_ports("Services/ldap", 389, 636);
script_mandatory_keys("SunJavaDirServer/installed", "ldap/detected");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/39453");
script_xref(name:"URL", value:"http://www.zerodayinitiative.com/advisories/ZDI-10-073/");
script_xref(name:"URL", value:"http://www.zerodayinitiative.com/advisories/ZDI-10-074/");
script_xref(name:"URL", value:"http://www.zerodayinitiative.com/advisories/ZDI-10-075/");
script_xref(name:"URL", value:"http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2010.html");
script_tag(name:"solution", value:"Vendor updates are available. Please contact the vendor for more
information.");
script_tag(name:"summary", value:"Oracle Java System Directory Server is prone to multiple remote
vulnerabilities.");
script_tag(name:"impact", value:"These vulnerabilities can be exploited over the 'LDAP' and 'HTTP'
protocols. Remote attackers can exploit these issues without authenticating.
Successful exploits will allow attackers to exploit arbitrary code in
the context of the vulnerable application or cause denial-of-service
conditions.");
script_tag(name:"affected", value:"These vulnerabilities affect the following supported versions:
5.2, 6.0, 6.1, 6.2, 6.3, 6.3.1.");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"remote_banner");
exit(0);
}
include("version_func.inc");
include("ldap.inc");
include("misc_func.inc");
include("port_service_func.inc");
port = ldap_get_port(default:389);
if(!version = get_kb_item("ldap/" + port + "/SunJavaDirServer"))
exit(0);
if(!isnull(version)) {
if(version_in_range(version:version, test_version:"6", test_version2:"6.3.1") ||
version_is_equal(version:version, test_version:"5.2")) {
report = report_fixed_ver(installed_version:version, fixed_version:"See references");
security_message(port:port, data:report);
exit(0);
}
}
exit(99);
Related
prion
prion
Design/Logic Flaw
2010-04-13 22:30:00
securityvulns
securityvulns
zdi
zdi
cvelist
cvelist
CVE-2010-0897
2010-04-13 22:00:00
cve
cve
CVE-2010-0897
2010-04-13 22:30:00
oracle
oracle
Security | Oracle Critical Patch Update - April 2010
2010-04-13 00:00:00
6.3 Medium
AI Score
Confidence
Low
0.046 Low
EPSS
Percentile
92.5%
Related for OPENVAS:1361412562310100577