Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2018 Greenbone AGOPENVAS:1361412562310812796
HistoryMar 07, 2018 - 12:00 a.m.

Oracle Database Server Multiple Unspecified Vulnerabilities-02 (Mar 2018)

2018-03-0700:00:00
Copyright (C) 2018 Greenbone AG
plugins.openvas.org
10

9.3 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

81.2%

JSON

Oracle Database Server is prone to multiple unspecified security vulnerabilities.

# SPDX-FileCopyrightText: 2018 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

CPE = "cpe:/a:oracle:database_server";

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.812796");
  script_version("2024-02-20T05:05:48+0000");
  script_cve_id("CVE-2011-0870", "CVE-2011-0848", "CVE-2011-0831", "CVE-2011-0816",
                "CVE-2011-0876", "CVE-2011-0879", "CVE-2011-2244", "CVE-2011-2257");
  script_tag(name:"cvss_base", value:"6.8");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:P/I:P/A:P");
  script_tag(name:"last_modification", value:"2024-02-20 05:05:48 +0000 (Tue, 20 Feb 2024)");
  script_tag(name:"creation_date", value:"2018-03-07 15:14:30 +0530 (Wed, 07 Mar 2018)");
  script_name("Oracle Database Server Multiple Unspecified Vulnerabilities-02 (Mar 2018)");

  script_tag(name:"summary", value:"Oracle Database Server is prone to multiple unspecified security vulnerabilities.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");

  script_tag(name:"insight", value:"Multiple flaws are due to multiple unspecified
  errors in components 'Instance Management', 'Enterprise Manager Console',
  'Enterprise Config Management', 'CMDB Metadata & Instance APIs', 'Security
  Framework', 'Schema Management' and 'Database Target Type Menus'.");

  script_tag(name:"impact", value:"Successfully exploitation will allow remote
  attackers to affect confidentiality, integrity, and availability via unknown
  vectors.");

  script_tag(name:"affected", value:"Oracle Database Server versions
  10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2");

  script_tag(name:"solution", value:"Apply the patch from the referenced advisory.");

  script_tag(name:"solution_type", value:"VendorFix");

  script_tag(name:"qod_type", value:"remote_banner_unreliable");

  script_xref(name:"URL", value:"https://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html");
  script_copyright("Copyright (C) 2018 Greenbone AG");
  script_category(ACT_GATHER_INFO);
  script_family("Databases");
  script_dependencies("oracle_tnslsnr_version.nasl");
  script_mandatory_keys("OracleDatabaseServer/installed");
  exit(0);
}

include("version_func.inc");
include("host_details.inc");

if(!dbport = get_app_port(cpe:CPE)){
  exit(0);
}

if(!infos = get_app_version_and_location(cpe:CPE, port:dbport, exit_no_version:TRUE)) exit(0);
dbVer = infos['version'];
path = infos['location'];

affected = make_list('10.1.0.5', '10.2.0.3', '10.2.0.4', '10.2.0.5', '11.1.0.7', '11.2.0.1', '11.2.0.2');
foreach version (affected)
{
  if(dbVer == version)
  {
    report = report_fixed_ver(installed_version:dbVer, fixed_version: "Apply the patch", install_path:path);
    security_message(port:dbport, data:report);
    exit(0);
  }
}
exit(0);

Related

securityvulns 2
prion 8
nessus 5
cve 8
ubuntucve 1
oracle 1
openvas 21
suse 1
ubuntu 1
oraclelinux 2
fedora 8
gentoo 1
securityvulns
securityvulns
TeamSHATTER Security Advisory: Oracle Enterprise Manager vulnerable to XSS (metricDetail$type page)
2011-08-01 00:00:00
Oracle / Sun / Peoplesoft applications multiple security vulnerabilities
2011-08-01 00:00:00
prion
prion
Design/Logic Flaw
2011-07-20 23:55:00
Design/Logic Flaw
2011-07-20 22:55:00
Authentication flaw
2011-07-20 23:55:00
nessus
nessus
Oracle Database Multiple Vulnerabilities (July 2011 CPU)
2011-07-20 00:00:00
openSUSE Security Update : icedtea-web (openSUSE-SU-2011:0706-1)
2014-06-13 00:00:00
openSUSE Security Update : icedtea-web (openSUSE-SU-2011:0706-1)
2014-06-13 00:00:00
cve
cve
CVE-2011-2257
2011-07-20 23:55:00
CVE-2011-2244
2011-07-20 23:55:00
CVE-2011-0876
2011-07-20 22:55:00
ubuntucve
ubuntucve
CVE-2011-0870
2011-06-17 00:00:00
oracle
oracle
Oracle Critical Patch Update - July 2011
2011-12-15 00:00:00
openvas
openvas
Fedora Update for java-1.6.0-openjdk FEDORA-2011-8028
2011-07-12 00:00:00
Oracle: Security Advisory (ELSA-2011-0856)
2015-10-06 00:00:00
Oracle: Security Advisory (ELSA-2011-0857)
2015-10-06 00:00:00
suse
suse
java-1_6_0-openjdk (important)
2011-06-28 13:08:22
ubuntu
ubuntu
OpenJDK 6 vulnerabilities
2011-06-17 00:00:00
oraclelinux
oraclelinux
java-1.6.0-openjdk security update
2011-06-08 00:00:00
java-1.6.0-openjdk security update
2011-06-08 00:00:00
fedora
fedora
[SECURITY] Fedora 15 Update: java-1.6.0-openjdk-1.6.0.0-58.1.10.2.fc15
2011-06-15 05:44:07
[SECURITY] Fedora 14 Update: java-1.6.0-openjdk-1.6.0.0-53.1.9.8.fc14
2011-06-11 04:18:13
[SECURITY] Fedora 13 Update: java-1.6.0-openjdk-1.6.0.0-51.1.8.8.fc13
2011-06-15 05:33:46
gentoo
gentoo
IcedTea JDK: Multiple vulnerabilities
2014-06-29 00:00:00

9.3 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

81.2%

JSON
Related for OPENVAS:1361412562310812796
securityvulns2prion8nessus5cve8ubuntucve1oracle1openvas21suse1ubuntu1oraclelinux2fedora8gentoo1