Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasThis script is Copyright (C) 2012 Greenbone Networks GmbHOPENVAS:802624
HistoryMay 07, 2012 - 12:00 a.m.

Oracle GlassFish Server Multiple XSS and CSRF Vulnerabilities

2012-05-0700:00:00
This script is Copyright (C) 2012 Greenbone Networks GmbH
plugins.openvas.org
22

0.861 High

EPSS

Percentile

98.3%

JSON

This host is running Oracle GlassFish Server and is prone to
multiple vulnerabilities.

###############################################################################
# OpenVAS Vulnerability Test
# $Id: gb_oracle_glassfish_server_mult_vuln.nasl 5956 2017-04-14 09:02:12Z teissa $
#
# Oracle GlassFish Server Multiple XSS and CSRF Vulnerabilities
#
# Authors:
# Sooraj KS <[email protected]>
#
# Copyright:
# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

tag_solution = "Apply the patch from below link,
  http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html

  *****
  NOTE: Ignore this warning, if above mentioned patch is manually applied.
  *****";

tag_impact = "Successful exploitation will allow remote attackers to insert arbitrary HTML
  and script code, which will be executed in a user's browser session in the
  context of an affected site.
  Impact Level: Application";
tag_affected = "Oracle GlassFish Server version 3.1.1";
tag_insight = "Multiple flaws are due to
  - Input passed via multiple parameters to various scripts is not properly
    sanitised before being returned to the user. This can be exploited to
    execute arbitrary HTML and script code in a user's browser session in
    context of an affected site.
  - The application allows users to perform certain actions via HTTP requests
    without performing proper validity checks to verify the requests.";
tag_summary = "This host is running Oracle GlassFish Server and is prone to
  multiple vulnerabilities.";

if(description)
{
  script_id(802624);
  script_version("$Revision: 5956 $");
  script_bugtraq_id(53118, 53136);
  script_cve_id("CVE-2012-0550", "CVE-2012-0551");
  script_tag(name:"cvss_base", value:"6.8");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:P/I:P/A:P");
  script_tag(name:"last_modification", value:"$Date: 2017-04-14 11:02:12 +0200 (Fri, 14 Apr 2017) $");
  script_tag(name:"creation_date", value:"2012-05-07 16:16:16 +0530 (Mon, 07 May 2012)");
  script_name("Oracle GlassFish Server Multiple XSS and CSRF Vulnerabilities");

  script_xref(name : "URL" , value : "http://secunia.com/advisories/48798");
  script_xref(name : "URL" , value : "http://securitytracker.com/id/1026941");
  script_xref(name : "URL" , value : "http://www.exploit-db.com/exploits/18764");
  script_xref(name : "URL" , value : "http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html");
  script_xref(name : "URL" , value : "http://www.security-assessment.com/files/documents/advisory/Oracle_GlassFish_Server_REST_CSRF.pdf");
  script_xref(name : "URL" , value : "http://www.security-assessment.com/files/documents/advisory/Oracle_GlassFish_Server_Multiple_XSS.pdf");

  script_tag(name:"qod_type", value:"remote_banner");
  script_category(ACT_GATHER_INFO);
  script_copyright("This script is Copyright (C) 2012 Greenbone Networks GmbH");
  script_family("Web Servers");
  script_dependencies("GlassFish_detect.nasl");
  script_require_keys("GlassFish/installed");
  script_require_ports("Services/www", 8080);
  script_tag(name : "impact" , value : tag_impact);
  script_tag(name : "affected" , value : tag_affected);
  script_tag(name : "insight" , value : tag_insight);
  script_tag(name : "summary" , value : tag_summary);
  script_tag(name : "solution" , value : tag_solution);
  exit(0);
}


include("http_func.inc");
include("version_func.inc");

## Variable Initialization
port = 0;
ver = NULL;

## Get HTTP Port
port = get_http_port(default:8080);
if(!port){
  exit(0);
}

## Get Version from KB
if(ver = get_kb_item(string( "www/", port, "/GlassFish")))
{
  ## Check for Oracle GlassFish Server version 3.1.1
  if(version_is_equal(version: ver, test_version: "3.1.1")){
    security_message(port:port);
  }
}

Related

nessus 15
openvas 3
checkpoint_advisories 3
debiancve 2
prion 2
veracode 11
cve 2
cvelist 2
redhat 6
suse 2
ibm 3
securityvulns 2
oracle 1
nessus
nessus
Oracle GlassFish Server 3.1.1 < 3.1.1.3 Multiple Vulnerabilities (April 2012 CPU)
2012-04-24 00:00:00
SuSE 10 Security Update : IBM Java (ZYPP Patch Number 8284)
2012-09-29 00:00:00
SuSE 11.2 Security Update : IBM Java (SAT Patch Number 6793)
2013-01-25 00:00:00
openvas
openvas
Oracle GlassFish Server Multiple XSS and CSRF Vulnerabilities
2012-05-07 00:00:00
SUSE: Security Advisory (SUSE-SU-2012:1265-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2012:1231-1)
2021-06-09 00:00:00
checkpoint_advisories
checkpoint_advisories
Oracle GlassFish Enterprise Server REST Interface Cross Site Request Forgery (CVE-2012-0550)
2012-10-14 00:00:00
Oracle GlassFish Enterprise Server Multiple Reflected XSS Vulnerabilities (CVE-2012-0551)
2012-08-21 00:00:00
Oracle GlassFish Enterprise Server Multiple Stored XSS Vulnerabilities (CVE-2012-0551)
2012-09-04 00:00:00
debiancve
debiancve
CVE-2012-0550
2012-05-03 18:55:00
CVE-2012-0551
2012-05-03 18:55:00
prion
prion
Design/Logic Flaw
2012-05-03 18:55:00
Design/Logic Flaw
2012-05-03 18:55:00
veracode
veracode
Cross-site Request Forgery (CSRF)
2017-03-27 06:34:21
Cross-site Scripting
2017-03-24 08:19:33
Cross-site Scripting
2019-01-15 08:56:55
cve
cve
CVE-2012-0551
2012-05-03 18:55:00
CVE-2012-0550
2012-05-03 18:55:00
cvelist
cvelist
CVE-2012-0551
2012-05-03 18:17:00
CVE-2012-0550
2012-05-03 18:17:00
redhat
redhat
(RHSA-2012:1238) Critical: java-1.6.0-ibm security update
2012-09-06 00:00:00
(RHSA-2012:0734) Critical: java-1.6.0-sun security update
2012-06-13 00:00:00
(RHSA-2012:1019) Critical: java-1.7.0-oracle security update
2012-06-20 00:00:00
suse
suse
Security update for IBM Java (important)
2012-09-28 15:08:47
Security update for IBM Java (important)
2012-09-25 00:09:19
ibm
ibm
Security bulletin: Potential security vulnerabilities in IBM DataQuant with JRE 6
2022-09-25 23:13:40
Potential security vulnerabilities with JavaTM SDKs
2018-06-17 14:07:58
Security Bulletin: Multiple Vulnerabilities in Rational Synergy
2020-12-22 17:41:28
securityvulns
securityvulns
Oracle Java multiple security vulnerabilities
2012-08-20 00:00:00
Oracle / Sun / People Soft / MySQL applications multiple security vulnerabilities
2012-12-02 00:00:00
oracle
oracle
Oracle Critical Patch Update - April 2012
2012-07-19 00:00:00

0.861 High

EPSS

Percentile

98.3%

JSON
Related for OPENVAS:802624
nessus15openvas3checkpoint_advisories3debiancve2prion2veracode11cve2cvelist2redhat6suse2ibm3securityvulns2oracle1