Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2014 Greenbone AGOPENVAS:1361412562310804432
HistoryApr 18, 2014 - 12:00 a.m.

Oracle Database Server Multiple Unspecified Vulnerabilities-01 (Apr 2014)

2014-04-1800:00:00
Copyright (C) 2014 Greenbone AG
plugins.openvas.org
11

CVSS2

8.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

AI Score

6.4

Confidence

Low

EPSS

0.064

Percentile

93.7%

JSON

Oracle Database Server is prone to multiple unspecified vulnerabilities.

# SPDX-FileCopyrightText: 2014 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

CPE = 'cpe:/a:oracle:database_server';

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.804432");
  script_version("2024-02-19T14:37:31+0000");
  script_cve_id("CVE-2014-2406", "CVE-2014-2408");
  script_tag(name:"cvss_base", value:"8.5");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:S/C:C/I:C/A:C");
  script_tag(name:"last_modification", value:"2024-02-19 14:37:31 +0000 (Mon, 19 Feb 2024)");
  script_tag(name:"creation_date", value:"2014-04-18 12:12:27 +0530 (Fri, 18 Apr 2014)");
  script_name("Oracle Database Server Multiple Unspecified Vulnerabilities-01 (Apr 2014)");
  script_copyright("Copyright (C) 2014 Greenbone AG");
  script_category(ACT_GATHER_INFO);
  script_family("Databases");
  script_mandatory_keys("OracleDatabaseServer/installed");
  script_dependencies("oracle_tnslsnr_version.nasl");

  script_xref(name:"URL", value:"http://secunia.com/advisories/57311");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/66884");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/66889");
  script_xref(name:"URL", value:"http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html");

  script_tag(name:"summary", value:"Oracle Database Server is prone to multiple unspecified vulnerabilities.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");

  script_tag(name:"insight", value:"Multiple flaws exist in Core RDBMS component, no further information
  available at this moment.");

  script_tag(name:"impact", value:"Successful exploitation will allow attackers to disclose sensitive
  information, manipulate certain data, and compromise a vulnerable system.");

  script_tag(name:"affected", value:"Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1");

  script_tag(name:"solution", value:"Updates are available. Please see the references for more information.");

  script_tag(name:"solution_type", value:"VendorFix");
  script_tag(name:"qod_type", value:"remote_banner_unreliable");

  exit(0);
}

include("version_func.inc");
include("host_details.inc");

if(!port = get_app_port(cpe:CPE)) exit(0);
if(!ver = get_app_version(cpe:CPE, port:port)) exit(0);

if(ver =~ "^(11\.[1|2]\.0|12\.1\.0)") {
  if(version_in_range(version:ver, test_version:"11.2.0.3", test_version2:"11.2.0.4") ||
     version_is_equal(version:ver, test_version:"12.1.0.1") ||
     version_is_equal(version:ver, test_version:"11.1.0.7")){
    report = report_fixed_ver(installed_version:ver, fixed_version:"See references for available updates.");
    security_message(port:port, data:report);
    exit(0);
  }
}

exit(99);

Related

nessus 1
prion 2
cvelist 2
nvd 2
cve 2
securityvulns 1
oracle 1
nessus
nessus
Oracle Database Multiple Vulnerabilities (April 2014 CPU)
2014-04-16 00:00:00
prion
prion
Design/Logic Flaw
2014-04-16 01:55:00
Design/Logic Flaw
2014-04-16 01:55:00
cvelist
cvelist
CVE-2014-2406
2014-04-16 01:00:00
CVE-2014-2408
2014-04-16 01:00:00
nvd
nvd
CVE-2014-2406
2014-04-16 01:55:10
CVE-2014-2408
2014-04-16 01:55:10
cve
cve
CVE-2014-2406
2014-04-16 01:55:10
CVE-2014-2408
2014-04-16 01:55:10
securityvulns
securityvulns
Oracle / Sun / MySQL / PeopleSoft / OpenJDK applications multiple security vulnerabilities
2014-05-02 00:00:00
oracle
oracle
Oracle Critical Patch Update - April 2014
2014-04-15 00:00:00

CVSS2

8.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

AI Score

6.4

Confidence

Low

EPSS

0.064

Percentile

93.7%

JSON
Related for OPENVAS:1361412562310804432
nessus1prion2cvelist2nvd2cve2securityvulns1oracle1