Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2016 Greenbone AGOPENVAS:1361412562310807038
HistoryJan 25, 2016 - 12:00 a.m.

Oracle Database Server Multiple Unspecified Vulnerabilities -04 (Jan 2016)

2016-01-2500:00:00
Copyright (C) 2016 Greenbone AG
plugins.openvas.org
34

6.2 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

69.9%

JSON

Oracle Database Server is prone to multiple unspecified vulnerabilities.

# SPDX-FileCopyrightText: 2016 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

CPE = "cpe:/a:oracle:database_server";

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.807038");
  script_version("2024-02-20T05:05:48+0000");
  script_cve_id("CVE-2014-4245", "CVE-2014-2478", "CVE-2015-0371", "CVE-2015-0370",
                "CVE-2014-6578", "CVE-2014-6514", "CVE-2014-6544", "CVE-2014-4289");
  script_tag(name:"cvss_base", value:"6.5");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:S/C:P/I:P/A:P");
  script_tag(name:"last_modification", value:"2024-02-20 05:05:48 +0000 (Tue, 20 Feb 2024)");
  script_tag(name:"creation_date", value:"2016-01-25 14:59:25 +0530 (Mon, 25 Jan 2016)");
  script_name("Oracle Database Server Multiple Unspecified Vulnerabilities -04 (Jan 2016)");

  script_tag(name:"summary", value:"Oracle Database Server is prone to multiple unspecified vulnerabilities.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");

  script_tag(name:"insight", value:"Multiple flaws are due to:

  - multiple unspecified vulnerabilities in RDBMS Core component.

  - an unspecified vulnerability in the Workspace Manager component.

  - an unspecified vulnerability in PL/SQL component.

  - an unspecified vulnerability in the JDBC component.");

  script_tag(name:"impact", value:"Successfully exploitation will allow remote
  authenticated attackers to affect confidentiality, integrity, and availability
  via unknown vectors.");

  script_tag(name:"affected", value:"Oracle Database Server versions
  11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1");

  script_tag(name:"solution", value:"Apply the patche from the referenced advisory.");

  script_tag(name:"solution_type", value:"VendorFix");

  script_tag(name:"qod_type", value:"remote_banner_unreliable");

  script_xref(name:"URL", value:"http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/68617");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/70547");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/72163");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/72171");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/72149");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/72166");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/70541");
  script_copyright("Copyright (C) 2016 Greenbone AG");
  script_category(ACT_GATHER_INFO);
  script_family("Databases");
  script_dependencies("oracle_tnslsnr_version.nasl");
  script_mandatory_keys("OracleDatabaseServer/installed");
  exit(0);
}

include("version_func.inc");
include("host_details.inc");

if(!dbPort = get_app_port(cpe:CPE)){
  exit(0);
}

if(!dbVer = get_app_version(cpe:CPE, port:dbPort)){
  exit(0);
}

if(dbVer =~ "^(12|11)")
{
  if(version_is_equal(version:dbVer, test_version:"11.2.0.4") ||
     version_is_equal(version:dbVer, test_version:"11.2.0.3") ||
     version_is_equal(version:dbVer, test_version:"11.1.0.7") ||
     version_is_equal(version:dbVer, test_version:"12.1.0.1"))
  {
    report = report_fixed_ver(installed_version:dbVer, fixed_version:"Apply the appropriate patch");
    security_message(data:report, port:dbPort);
    exit(0);
  }
}

Related

prion 9
cve 9
cvelist 9
nessus 3
ibm 3
f5 2
securityvulns 3
oracle 3
prion
prion
Design/Logic Flaw
2014-10-15 22:55:00
Design/Logic Flaw
2014-10-15 15:55:00
Design/Logic Flaw
2015-01-21 15:28:00
cve
cve
CVE-2014-6544
2014-10-15 22:55:00
CVE-2014-4289
2014-10-15 15:55:00
CVE-2014-6578
2015-01-21 15:28:00
cvelist
cvelist
CVE-2014-4289
2014-10-15 15:15:00
CVE-2014-6544
2014-10-15 22:03:00
CVE-2014-6578
2015-01-21 15:00:00
nessus
nessus
Oracle Database Multiple Vulnerabilities (January 2015 CPU)
2015-01-22 00:00:00
Oracle Database Multiple Vulnerabilities (July 2014 CPU)
2014-07-16 00:00:00
Oracle Database Multiple Vulnerabilities (October 2014 CPU)
2014-10-17 00:00:00
ibm
ibm
Security Bulletin: IBM OpenPages Platform with Database is affected by multiple vulnerabilities
2018-06-15 22:42:21
Security Bulletin: Multiple vulnerabilities had been identified in Oracle Database related to the RDBMS Core component. (CVE-2014-4236 and CVE-2014-4245)
2018-06-17 14:49:34
Security Bulletin: IBM OpenPages Platform with Database vulnerabilities.
2018-06-15 22:42:38
f5
f5
K15892 : Oracle Database Server vulnerabilities CVE-2013-3751, CVE-2013-3774, CVE-2014-4236, CVE-2014-4237, and CVE-2014-4245
2014-12-05 00:00:00
SOL15892 - Oracle Database Server vulnerabilities CVE-2013-3751, CVE-2013-3774, CVE-2014-4236, CVE-2014-4237, and CVE-2014-4245
2014-12-04 00:00:00
securityvulns
securityvulns
Oracle / Sun / PeopleSoft / MySQL multiple security vulnerabilities
2015-01-25 00:00:00
Oracle / Sun / PeopleSoft / MySQL multiple security vulnerabilities
2014-11-03 00:00:00
Oracle / Sun / PeopleSoft / MySQL applications security vulnerabilities
2014-07-21 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - January 2015
2015-03-10 00:00:00
Oracle Critical Patch Update - October 2014
2014-10-14 00:00:00
Oracle Critical Patch Update - July 2014
2014-07-15 00:00:00

6.2 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

69.9%

JSON
Related for OPENVAS:1361412562310807038
prion9cve9cvelist9nessus3ibm3f52securityvulns3oracle3