(RHSA-2013:1853) Moderate: Red Hat JBoss Operations Network 3.2.0 update

2013-12-17T18:29:43

Description

Red Hat JBoss Operations Network is a middleware management solution that provides a single point of control to deploy, manage, and monitor JBoss Enterprise Middleware, applications, and services. This JBoss Operations Network 3.2.0 release serves as a replacement for JBoss Operations Network 3.1.2, and includes several bug fixes. Refer to the JBoss Operations Network 3.2.0 Release Notes for information on the most significant of these changes. The Release Notes will be available shortly from https://access.redhat.com/site/documentation/ The following security issues are also fixed with this release: It was found that sending a request without a session identifier to a protected resource could bypass the Cross-Site Request Forgery (CSRF) prevention filter. A remote attacker could use this flaw to perform CSRF attacks against applications that rely on the CSRF prevention filter and do not contain internal mitigation for CSRF. (CVE-2012-4431) The Jakarta Commons HttpClient component did not verify that the server hostname matched the domain name in the subject's Common Name (CN) or subjectAltName field in X.509 certificates. This could allow a man-in-the-middle attacker to spoof an SSL server if they had a certificate that was valid for any domain name. (CVE-2012-5783) A flaw was found in the way Apache Santuario XML Security for Java validated XML signatures. Santuario allowed a signature to specify an arbitrary canonicalization algorithm, which would be applied to the SignedInfo XML fragment. A remote attacker could exploit this to spoof an XML signature via a specially crafted XML signature block. (CVE-2013-2172) Warning: Before applying the update, back up your existing JBoss Operations Network installation (including its databases, applications, configuration files, the JBoss Operations Network server's file system directory, and so on). All users of JBoss Operations Network 3.1.2 as provided from the Red Hat Customer Portal are advised to upgrade to JBoss Operations Network 3.2.0.

{"id": "RHSA-2013:1853", "vendorId": null, "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2013:1853) Moderate: Red Hat JBoss Operations Network 3.2.0 update", "description": "Red Hat JBoss Operations Network is a middleware management solution that\nprovides a single point of control to deploy, manage, and monitor JBoss\nEnterprise Middleware, applications, and services.\n\nThis JBoss Operations Network 3.2.0 release serves as a replacement for\nJBoss Operations Network 3.1.2, and includes several bug fixes. Refer to\nthe JBoss Operations Network 3.2.0 Release Notes for information on the\nmost significant of these changes. The Release Notes will be available\nshortly from https://access.redhat.com/site/documentation/\n\nThe following security issues are also fixed with this release:\n\nIt was found that sending a request without a session identifier to a\nprotected resource could bypass the Cross-Site Request Forgery (CSRF)\nprevention filter. A remote attacker could use this flaw to perform CSRF\nattacks against applications that rely on the CSRF prevention filter and do\nnot contain internal mitigation for CSRF. (CVE-2012-4431)\n\nThe Jakarta Commons HttpClient component did not verify that the server\nhostname matched the domain name in the subject's Common Name (CN) or\nsubjectAltName field in X.509 certificates. This could allow a\nman-in-the-middle attacker to spoof an SSL server if they had a certificate\nthat was valid for any domain name. (CVE-2012-5783)\n\nA flaw was found in the way Apache Santuario XML Security for Java\nvalidated XML signatures. Santuario allowed a signature to specify an\narbitrary canonicalization algorithm, which would be applied to the\nSignedInfo XML fragment. A remote attacker could exploit this to spoof an\nXML signature via a specially crafted XML signature block. (CVE-2013-2172)\n\nWarning: Before applying the update, back up your existing JBoss Operations\nNetwork installation (including its databases, applications, configuration\nfiles, the JBoss Operations Network server's file system directory, and so\non).\n\nAll users of JBoss Operations Network 3.1.2 as provided from the Red Hat\nCustomer Portal are advised to upgrade to JBoss Operations Network 3.2.0.", "published": "2013-12-17T18:29:43", "modified": "2019-02-20T12:37:02", "epss": [{"cve": "CVE-2012-4431", "epss": 0.00278, "percentile": 0.6356, "modified": "2023-05-24"}, {"cve": "CVE-2012-5783", "epss": 0.00238, "percentile": 0.60409, "modified": "2023-05-24"}, {"cve": "CVE-2013-2172", "epss": 0.00186, "percentile": 0.54552, "modified": "2023-05-25"}], "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "accessVector": "NETWORK", "accessComplexity": "MEDIUM", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "NONE", "baseScore": 5.8}, "severity": "MEDIUM", "exploitabilityScore": 8.6, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {}, "href": "https://access.redhat.com/errata/RHSA-2013:1853", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2012-4431", "CVE-2012-5783", "CVE-2013-2172"], "immutableFields": [], "lastseen": "2023-05-25T14:36:49", "viewCount": 9, "enchantments": {"score": {"value": 0.4, "vector": "NONE"}, "dependencies": {"references": [{"type": "amazon", "idList": ["ALAS-2013-169", "ALAS-2014-410"]}, {"type": "atlassian", "idList": ["ATLASSIAN:CONF-29345", "ATLASSIAN:CONFCLOUD-29345", "ATLASSIAN:CONFSERVER-29345", "ATLASSIAN:CWD-4355", "CWD-4355"]}, {"type": "centos", "idList": ["CESA-2013:0270"]}, {"type": "cve", "idList": ["CVE-2012-4431", "CVE-2012-5783", "CVE-2012-6153", "CVE-2013-2172"]}, {"type": "debian", "idList": ["DEBIAN:DLA-222-1:38FAF", "DEBIAN:DLA-85-1:9FEBE", "DEBIAN:DSA-2725-1:3350C", "DEBIAN:DSA-3065-1:36D70", "DEBIAN:DSA-3065-1:74B58"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2012-4431", "DEBIANCVE:CVE-2012-5783", "DEBIANCVE:CVE-2012-6153", "DEBIANCVE:CVE-2013-2172"]}, {"type": "f5", "idList": ["F5:K15364328", "F5:K20038622", "SOL15364328", "SOL15741"]}, {"type": "fedora", "idList": ["FEDORA:25F4A2151F", "FEDORA:38DE2220D8", "FEDORA:5B904214E6", "FEDORA:5D10B2170F", "FEDORA:7E5312097C", "FEDORA:EE17520E26"]}, {"type": "freebsd", "idList": ["953911FE-51EF-11E2-8E34-0022156E8794"]}, {"type": "gentoo", "idList": ["GLSA-201412-29"]}, {"type": "github", "idList": ["GHSA-2X83-R56G-CV47", "GHSA-3832-9276-X7GF", "GHSA-76VR-72MV-MF3Q", "GHSA-R237-W2W6-JQ3P"]}, {"type": "ibm", "idList": ["01CFF49A8E945385D7DAF195723AF2400A442375CCE77F93B4CF72774A757E1D", "031AB80137983FA206B8FD452A65FA0ADD155D250DA679ADC4DC628C2E106C7E", "0A6BBC4DFBB5FEFCEDCBE9F7C11994171A57DC8ECA368D2E6508C015BE0285CA", "0F8C9B43069C04EF8D42F75FA8D42A5837D2A01F1B45F132DD6CE116C7562B83", "1F7A45CD4D73686FA6C9591207830D1B405EB9704E1C5F2BE5F439A0FE018D74", "229A4B43FE77515F8665EB39BE40365AEA78A7E6905A77143AA0029AE91AE79C", "269ED09DF8DEC59D6D5C76BBBEC1A3E9EB81FC2A6B977AF71E1341BCCE84CE32", "2C89CFD58F3D4EE971D17C1294FCDAF90987B18CD1793833204AB66E2BE29729", "332EB7C24BEDDB6A08EB1D2E56168DBF8FB7B8EE1E89939D477827DEB2BC62FA", "3530DF8DA972875E9B1FD6F767CF9BCE12DD28AEEAAF4F127105D1281DCB6CC5", "37E84D76257762D12F144C420A6FA36A16C6055B49D7AE073144BE16FFF7F0A0", "3B659ECA0A3490E43A993E28F17C28259C30674E3C1D43656C4A5B37F135FF29", "3D8540513E9389E52505EF4CCF99C1FC5DC8928BFA49128170D48087D1264725", "3F50B90AA067D7B221DE01833CF094A0A4B8DFCEFA2F20192B47FCC636918D02", "418A4C8D1E8F2E8A923DFE2C36570B4A5EF7B515E050C0F19513AF3DAE7D2628", "43DA4697F34CF5D5A6799540E74541895D58CA735AF6018C2189B56DA5C5FD59", "4777F5C1553B23793B9C264645B77DC8564BD5ADDE40E26C0417DA938016C274", "4BDE70E43A19F50FF60A2F5CB6ED1C095A92727557F41F17F3F3059A4D00A95B", "539FD5A344951CB3146EC1C6256AC3A91344217924BD86DB5242BF2BD9D82C91", "672ED98E9AB8BD15ACA2079635029450D742DBDD7246A12534BFFA7D54E83F8A", "6A211412F2D10EF21E599E5E233A8338C185096623353D79DC919935D1D1ED5B", "7E0744D5936EDC5F018B0850D801B665D388060D6A81B986BC7AD81C9A78C0EE", "81D5F6F41E5617EDA7FF694BBE43496FC48B7577BB4C9C238127ECCCB1D40118", "83DE818C5932FD800E5449ABA82FA7FDCAC7A0E2B41C5C07CC9E5CC56A3B9296", "8491CF1F3DD8116411BD720BFCBC2272BEB04446394152CADFC6BA73F4D21149", "858896131EA815FB74E9BDD335996EEADB31086755EBD223F4051866A0275C41", "8A242C548ADF3E615FE6BA32C7E6F5B2DB8B1FA250ABF2329DC20A0FB32D3700", "8D964A6D85AB92A093A54D98B52835DA52D646F29F4FB8F77B0F37827E6FEFB1", "8F7E9BC38CC1D5886DD8998C93E683C9367649830B463A9A5032011B60846A4C", "96AA6E96C459B552487D37879C1210BD7926BC641E7FD69543382941733FFB5F", "96B854658FB25B1C41C7953D07DFA40702863F7DF3DA2149F3BC57ED6B4B5CAA", "9BB767695E04070B0A01A2A358F1E873439FC146C704934519AFEEBACD01C19D", "A380C4CD3FFEF0D1AD28C9019320AF0085267A1FC55FD33D40E61A6A71DFDFF1", "A8A1B567F944BADF2C3904883B086755440DF569158EEB6B0C8C2202276A6F6E", "A9B608450EE2B2505174F8F497D891A822A15EB84A1C302BA28DE13FA45B34D4", "AAFF9E87667B35D62A52D77B8E5C3A000AE2419974F7C14545C23704BDDC171B", "AEC0722767EA21CDE0F10129C001F976425E48E7F302D7C24108AFF251D12D6D", "AF3CBD718F3297D87FDA4616011F4CD425D9EBE3BB2880108811A5CAEF018EB6", "B2EA2FBA4D280351FEA7F9EC1921C448D44F4D9EC613590A87A15467F7D34153", "B5810DD31544DECD338CCD71F5C05C78B267068FE3FD01928B5545B05BEE5FA0", "B62A0DF1BA325616E310706F59A3DD07DD7DC7356D343963E6F99C6D89411ED3", "B6D98686FB4CE3794F12AA810C56116765161F3CB64E9212B301423AF70BBA48", "B8C124EE4E419DE7F41A9CB0246E9FF21300C4C9A2734EF999830B9906B65133", "BAFE1432B61D78F2B29438C3606D2D46643F4DA3DFC6DD0FB0C4962ECD44C150", "C1F769D030FC2C40F30870B89602B6E37C63D9738974975088F5749826F8EED3", "C3B567818F0068A4E76BF412FA5CD0354D004804480FA49A2095407B12E1C65E", "CD8271F1E3A620207AA3EAC35F944E1453EFEBC4728A88B9C3D9D0DA7F511F56", "D66B903250F05C7E6F628063E46BB788B758ACF5470BDBDCE9A7DDCF98ED3362", "D69CAB0B695FDB3F4A13D03095C9000050A31CA1EEA0F9ED3CBD01DC6FA43F1A", "DD5BF5116E5741EB672335643731F4B54ACDBD92F34C019A128C14DD0EF87E44", "DEAFA2DB54593AA80919E191E6F6089E8FC07DD6414224DF7420DF6F55DF4BC8", "E865AEC861081DF4FF67DBF0B04D3E134D71A5914681CD7C13E100D35E6CDBA7", "F06557E676BEE33840ABDCBC8B63800AEF257D21E96813D19608264A0DF5ED04", "F10B278BFBFA868C361722B3DE18CDFFBEA415174A88751DEB4AB93FA4D5705C", "F15BA9EC0C1FC4624C7DDC90D046A7A3558B86CF13B121A8778B5BA8562491DC", "F43AC4AD74C202F4FEB76EA0BC3429642A773A92CA519668F55C67ABFA59AEB0", "F5F1FB1C2673533300501FA7FF4A504864607B0F9FC3F37D5C4D752C3B79910F", "F6BC10354A07CCD87F52BAC1053D9E1403CC47698D49BA1AAD057CE5C0DE00EB", "F976E6D48149579C30755509014967F1B6A7163FEAAB9453EBE9572696C3DDDD", "FC2BEDDC9B0A20E14CE30F6B90D14256565AADCC69A534CA0557D8F35594D108"]}, {"type": "mageia", "idList": ["MGASA-2013-0199", "MGASA-2014-0002"]}, {"type": "nessus", "idList": ["6657.PASL", "800612.PRM", "AIX_IJ44987.NASL", "AIX_IJ44994.NASL", "AIX_IJ45221.NASL", "AIX_IJ45224.NASL", "ALA_ALAS-2013-169.NASL", "ALA_ALAS-2014-410.NASL", "CENTOS_RHSA-2013-0270.NASL", "DEBIAN_DLA-222.NASL", "DEBIAN_DLA-85.NASL", "DEBIAN_DSA-2725.NASL", "DEBIAN_DSA-3065.NASL", "FEDORA_2012-20151.NASL", "FEDORA_2013-1189.NASL", "FEDORA_2013-1203.NASL", "FEDORA_2013-1289.NASL", "FEDORA_2014-9539.NASL", "FEDORA_2014-9581.NASL", "FREEBSD_PKG_953911FE51EF11E28E340022156E8794.NASL", "GENTOO_GLSA-201412-29.NASL", "GLASSFISH_CPU_OCT_2013.NASL", "OPENSUSE-2012-883.NASL", "OPENSUSE-2012-884.NASL", "OPENSUSE-2013-161.NASL", "OPENSUSE-2013-23.NASL", "OPENSUSE-2013-304.NASL", "OPENSUSE-2013-305.NASL", "ORACLELINUX_ELSA-2013-0270.NASL", "PHOTONOS_PHSA-2020-3_0-0141_COMMONS.NASL", "REDHAT-RHSA-2013-0266.NASL", "REDHAT-RHSA-2013-0268.NASL", "REDHAT-RHSA-2013-0270.NASL", "REDHAT-RHSA-2013-0647.NASL", "REDHAT-RHSA-2013-0680.NASL", "REDHAT-RHSA-2013-1207.NASL", "REDHAT-RHSA-2013-1208.NASL", "REDHAT-RHSA-2013-1209.NASL", "REDHAT-RHSA-2013-1217.NASL", "REDHAT-RHSA-2013-1219.NASL", "REDHAT-RHSA-2013-1437.NASL", "REDHAT-RHSA-2014-0224.NASL", "REDHAT-RHSA-2014-1162.NASL", "REDHAT-RHSA-2014-1320.NASL", "REDHAT-RHSA-2014-1321.NASL", "SL_20130219_JAKARTA_COMMONS_HTTPCLIENT_ON_SL5_X.NASL", "SOLARIS11_TOMCAT_20140401.NASL", "SUSE_11_JAKARTA-COMMONS-HTTPCLIENT3-130328.NASL", "SUSE_11_TOMCAT6-130107.NASL", "TOMCAT_6_0_36.NASL", "TOMCAT_7_0_32.NASL", "UBUNTU_USN-1685-1.NASL", "UBUNTU_USN-2028-1.NASL", "UBUNTU_USN-2769-1.NASL", "WEBSPHERE_6453091.NASL", "WEBSPHERE_711867.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310120079", "OPENVAS:1361412562310120384", "OPENVAS:1361412562310121315", "OPENVAS:1361412562310123724", "OPENVAS:1361412562310703065", "OPENVAS:136141256231072606", "OPENVAS:1361412562310841274", "OPENVAS:1361412562310842488", "OPENVAS:1361412562310864957", "OPENVAS:1361412562310865277", "OPENVAS:1361412562310865280", "OPENVAS:1361412562310865298", "OPENVAS:1361412562310868129", "OPENVAS:1361412562310868132", "OPENVAS:1361412562310870917", "OPENVAS:1361412562310881604", "OPENVAS:1361412562310892725", "OPENVAS:703065", "OPENVAS:841274", "OPENVAS:864957", "OPENVAS:865277", "OPENVAS:865280", "OPENVAS:865298", "OPENVAS:870917", "OPENVAS:881604", "OPENVAS:892725"]}, {"type": "oracle", "idList": ["ORACLE:CPUJUL2014-1972956", "ORACLE:CPUOCT2013-1899837"]}, {"type": "oraclelinux", "idList": ["ELSA-2013-0270"]}, {"type": "osv", "idList": ["OSV:DLA-222-1", "OSV:DLA-85-1", "OSV:DSA-2725-1", "OSV:DSA-3065-1", "OSV:GHSA-2X83-R56G-CV47", "OSV:GHSA-3832-9276-X7GF", "OSV:GHSA-76VR-72MV-MF3Q", "OSV:GHSA-R237-W2W6-JQ3P"]}, {"type": "photon", "idList": ["PHSA-2020-0141", "PHSA-2020-3.0-0141"]}, {"type": "redhat", "idList": ["RHSA-2013:0265", "RHSA-2013:0266", "RHSA-2013:0267", "RHSA-2013:0268", "RHSA-2013:0270", "RHSA-2013:0647", "RHSA-2013:0648", "RHSA-2013:0679", "RHSA-2013:0680", "RHSA-2013:0682", "RHSA-2013:1006", "RHSA-2013:1207", "RHSA-2013:1208", "RHSA-2013:1209", "RHSA-2013:1217", "RHSA-2013:1218", "RHSA-2013:1219", "RHSA-2013:1375", "RHSA-2014:0212", "RHSA-2014:0224", "RHSA-2014:0400", "RHSA-2014:1162", "RHSA-2014:1320", "RHSA-2014:1321", "RHSA-2014:1369", "RHSA-2014:1904", "RHSA-2015:0234", "RHSA-2015:0235", "RHSA-2015:0675", "RHSA-2015:0720", "RHSA-2015:0765", "RHSA-2015:0850", "RHSA-2015:0851", "RHSA-2017:0868"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:28804", "SECURITYVULNS:DOC:30087", "SECURITYVULNS:DOC:32573", "SECURITYVULNS:VULN:12747", "SECURITYVULNS:VULN:13423", "SECURITYVULNS:VULN:13441"]}, {"type": "seebug", "idList": ["SSV:60497", "SSV:60867"]}, {"type": "thn", "idList": ["THN:109F3CE2A5819B3E1345F63EBB346D6C", "THN:523B1918A8FF34F0AEA29BC9BA1A87F7"]}, {"type": "tomcat", "idList": ["TOMCAT:19B8FA4EC945FD0929C4EAC0F08D41F7", "TOMCAT:4FEF3224A3B841D1683CF58ECA4F4632"]}, {"type": "ubuntu", "idList": ["USN-1685-1", "USN-2028-1", "USN-2769-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2012-4431", "UB:CVE-2012-5783", "UB:CVE-2012-6153", "UB:CVE-2013-2172"]}, {"type": "veracode", "idList": ["VERACODE:11068", "VERACODE:11070", "VERACODE:11241", "VERACODE:11290"]}, {"type": "vmware", "idList": ["VMSA-2013-0006", "VMSA-2013-0006.1"]}]}, "backreferences": {"references": [{"type": "amazon", "idList": ["ALAS-2013-169"]}, {"type": "atlassian", "idList": ["ATLASSIAN:CONFCLOUD-29345"]}, {"type": "centos", "idList": ["CESA-2013:0270"]}, {"type": "cve", "idList": ["CVE-2012-4431", "CVE-2012-5783", "CVE-2013-2172"]}, {"type": "debian", "idList": ["DEBIAN:DLA-85-1:9FEBE"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2012-5783", "DEBIANCVE:CVE-2013-2172"]}, {"type": "f5", "idList": ["SOL15741"]}, {"type": "fedora", "idList": ["FEDORA:EE17520E26"]}, {"type": "freebsd", "idList": ["953911FE-51EF-11E2-8E34-0022156E8794"]}, {"type": "gentoo", "idList": ["GLSA-201412-29"]}, {"type": "ibm", "idList": ["37E84D76257762D12F144C420A6FA36A16C6055B49D7AE073144BE16FFF7F0A0", "4777F5C1553B23793B9C264645B77DC8564BD5ADDE40E26C0417DA938016C274", "539FD5A344951CB3146EC1C6256AC3A91344217924BD86DB5242BF2BD9D82C91", "81D5F6F41E5617EDA7FF694BBE43496FC48B7577BB4C9C238127ECCCB1D40118"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/LINUXRPM-RHSA-2013-1207/"]}, {"type": "nessus", "idList": ["ALA_ALAS-2013-169.NASL", "DEBIAN_DLA-222.NASL", "FEDORA_2013-1289.NASL", "OPENSUSE-2012-883.NASL", "ORACLELINUX_ELSA-2013-0270.NASL", "REDHAT-RHSA-2013-0270.NASL", "REDHAT-RHSA-2013-1209.NASL", "WEBSPHERE_711867.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310841274", "OPENVAS:1361412562310865277", "OPENVAS:1361412562310870917", "OPENVAS:864957"]}, {"type": "oracle", "idList": ["ORACLE:CPUOCT2013-1899837"]}, {"type": "oraclelinux", "idList": ["ELSA-2013-0270"]}, {"type": "photon", "idList": ["PHSA-2020-3.0-0141"]}, {"type": "redhat", "idList": ["RHSA-2013:0268", "RHSA-2013:1209", "RHSA-2013:1217", "RHSA-2013:1219", "RHSA-2014:1162"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:30087"]}, {"type": "seebug", "idList": ["SSV:60867"]}, {"type": "thn", "idList": ["THN:109F3CE2A5819B3E1345F63EBB346D6C"]}, {"type": "tomcat", "idList": ["TOMCAT:4FEF3224A3B841D1683CF58ECA4F4632"]}, {"type": "ubuntu", "idList": ["USN-2769-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2012-5783"]}, {"type": "vmware", "idList": ["VMSA-2013-0006.1"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2012-4431", "epss": 0.00278, "percentile": 0.63565, "modified": "2023-05-06"}, {"cve": "CVE-2012-5783", "epss": 0.00238, "percentile": 0.60376, "modified": "2023-05-06"}, {"cve": "CVE-2013-2172", "epss": 0.00186, "percentile": 0.54453, "modified": "2023-05-06"}], "vulnersScore": 0.4}, "_state": {"dependencies": 1685047221, "score": 1698837755, "epss": 0}, "_internal": {"score_hash": "9d101a7f02cb7ccae0d4469deaaee3b2"}, "affectedPackage": [], "vendorCvss": {"severity": "moderate"}}

{"debiancve": [{"lastseen": "2021-12-14T17:53:19", "description": "org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.32 allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier.", "cvss3": {}, "published": "2012-12-19T11:55:00", "type": "debiancve", "title": "CVE-2012-4431", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4431"], "modified": "2012-12-19T11:55:00", "id": "DEBIANCVE:CVE-2012-4431", "href": "https://security-tracker.debian.org/tracker/CVE-2012-4431", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-06T18:24:12", "description": "jcp/xml/dsig/internal/dom/DOMCanonicalizationMethod.java in Apache Santuario XML Security for Java 1.4.x before 1.4.8 and 1.5.x before 1.5.5 allows context-dependent attackers to spoof an XML Signature by using the CanonicalizationMethod parameter to specify an arbitrary weak \"canonicalization algorithm to apply to the SignedInfo part of the Signature.\"", "cvss3": {}, "published": "2013-08-20T22:55:00", "type": "debiancve", "title": "CVE-2013-2172", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2172"], "modified": "2013-08-20T22:55:00", "id": "DEBIANCVE:CVE-2013-2172", "href": "https://security-tracker.debian.org/tracker/CVE-2013-2172", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-06T18:21:21", "description": "Apache Commons HttpClient 3.x, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.", "cvss3": {}, "published": "2012-11-04T22:55:00", "type": "debiancve", "title": "CVE-2012-5783", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783"], "modified": "2012-11-04T22:55:00", "id": "DEBIANCVE:CVE-2012-5783", "href": "https://security-tracker.debian.org/tracker/CVE-2012-5783", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-12-07T22:21:21", "description": "http/conn/ssl/AbstractVerifier.java in Apache Commons HttpClient before 4.2.3 does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a certificate with a subject that specifies a common name in a field that is not the CN field. NOTE: this issue exists because of an incomplete fix for CVE-2012-5783.", "cvss3": {}, "published": "2014-09-04T17:55:00", "type": "debiancve", "title": "CVE-2012-6153", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783", "CVE-2012-6153"], "modified": "2014-09-04T17:55:00", "id": "DEBIANCVE:CVE-2012-6153", "href": "https://security-tracker.debian.org/tracker/CVE-2012-6153", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "prion": [{"lastseen": "2023-11-22T04:39:45", "description": "org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.32 allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier.", "cvss3": {}, "published": "2012-12-19T11:55:00", "type": "prion", "title": "Cross site request forgery (csrf)", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4431"], "modified": "2017-09-19T01:35:00", "id": "PRION:CVE-2012-4431", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2012-4431", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-11-22T04:22:43", "description": "jcp/xml/dsig/internal/dom/DOMCanonicalizationMethod.java in Apache Santuario XML Security for Java 1.4.x before 1.4.8 and 1.5.x before 1.5.5 allows context-dependent attackers to spoof an XML Signature by using the CanonicalizationMethod parameter to specify an arbitrary weak \"canonicalization algorithm to apply to the SignedInfo part of the Signature.\"", "cvss3": {}, "published": "2013-08-20T22:55:00", "type": "prion", "title": "Code injection", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2172"], "modified": "2023-04-18T19:06:00", "id": "PRION:CVE-2013-2172", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2013-2172", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-11-22T04:41:45", "description": "Apache Commons HttpClient 3.x, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.", "cvss3": {}, "published": "2012-11-04T22:55:00", "type": "prion", "title": "Code injection", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783"], "modified": "2021-04-23T17:28:00", "id": "PRION:CVE-2012-5783", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2012-5783", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-11-22T04:42:17", "description": "http/conn/ssl/AbstractVerifier.java in Apache Commons HttpClient before 4.2.3 does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a certificate with a subject that specifies a common name in a field that is not the CN field. NOTE: this issue exists because of an incomplete fix for CVE-2012-5783.", "cvss3": {}, "published": "2014-09-04T17:55:00", "type": "prion", "title": "Design/Logic Flaw", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783", "CVE-2012-6153"], "modified": "2018-01-05T02:29:00", "id": "PRION:CVE-2012-6153", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2012-6153", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "nessus": [{"lastseen": "2023-12-07T15:53:13", "description": "According to its self-reported version number, the instance of Apache Tomcat 7.0 listening on the remote host is prior to 7.0.32. It is, therefore, affected by a security bypass vulnerability due to an error in the file 'filters/CsrfPreventionFilter.java' that allows cross-site request forgery (XSRF) attacks to bypass the filtering. This allows access to protected resources without a session identifier.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2012-12-10T00:00:00", "type": "nessus", "title": "Apache Tomcat 7.0.x < 7.0.32 XSRF Filter Bypass", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4431"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:apache:tomcat"], "id": "TOMCAT_7_0_32.NASL", "href": "https://www.tenable.com/plugins/nessus/63200", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(63200);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2012-4431\");\n script_bugtraq_id(56814);\n\n script_name(english:\"Apache Tomcat 7.0.x < 7.0.32 XSRF Filter Bypass\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Apache Tomcat server is affected by a security bypass\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the instance of Apache\nTomcat 7.0 listening on the remote host is prior to 7.0.32. It is,\ntherefore, affected by a security bypass vulnerability due to an error\nin the file 'filters/CsrfPreventionFilter.java' that allows cross-site\nrequest forgery (XSRF) attacks to bypass the filtering. This allows\naccess to protected resources without a session identifier.\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.32\");\n script_set_attribute(attribute:\"see_also\", value:\"https://seclists.org/fulldisclosure/2012/Dec/74\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update Apache Tomcat to version 7.0.32 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-4431\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/12/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/12/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apache:tomcat\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"tomcat_error_version.nasl\", \"tomcat_win_installed.nbin\", \"apache_tomcat_nix_installed.nbin\");\n script_require_keys(\"installed_sw/Apache Tomcat\");\n\n exit(0);\n}\n\ninclude(\"tomcat_version.inc\");\n\ntomcat_check_version(fixed:\"7.0.32\", min:\"7.0.0\", severity:SECURITY_WARNING, xsrf:TRUE, granularity_regex:\"^7(\\.0)?$\");\n\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-07T15:53:18", "description": "The Apache Software Foundation reports :\n\nThe CSRF prevention filter could be bypassed if a request was made to a protected resource without a session identifier present in the request.", "cvss3": {}, "published": "2012-12-31T00:00:00", "type": "nessus", "title": "FreeBSD : tomcat -- bypass of CSRF prevention filter (953911fe-51ef-11e2-8e34-0022156e8794)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4431"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:tomcat", "p-cpe:/a:freebsd:freebsd:tomcat7", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_953911FE51EF11E28E340022156E8794.NASL", "href": "https://www.tenable.com/plugins/nessus/63365", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(63365);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2012-4431\");\n\n script_name(english:\"FreeBSD : tomcat -- bypass of CSRF prevention filter (953911fe-51ef-11e2-8e34-0022156e8794)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Apache Software Foundation reports :\n\nThe CSRF prevention filter could be bypassed if a request was made to\na protected resource without a session identifier present in the\nrequest.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://tomcat.apache.org/security-6.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://tomcat.apache.org/security-7.html\"\n );\n # https://vuxml.freebsd.org/freebsd/953911fe-51ef-11e2-8e34-0022156e8794.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?633666fc\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:tomcat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:tomcat7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/12/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/12/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/12/31\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"tomcat>=6.0.0<=6.0.35\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"tomcat7>=7.0.0<=7.0.31\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-07T15:31:33", "description": "Updated tomcat7 packages that fix one security issue are now available for JBoss Enterprise Web Server 2.0.0 for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nApache Tomcat is a servlet container.\n\nIt was found that sending a request without a session identifier to a protected resource could bypass the Cross-Site Request Forgery (CSRF) prevention filter. A remote attacker could use this flaw to perform CSRF attacks against applications that rely on the CSRF prevention filter and do not contain internal mitigation for CSRF.\n(CVE-2012-4431)\n\nWarning: Before applying the update, back up your existing JBoss Enterprise Web Server installation (including all applications and configuration files).\n\nUsers of Tomcat should upgrade to these updated packages, which resolve this issue. Tomcat must be restarted for this update to take effect.", "cvss3": {}, "published": "2014-06-26T00:00:00", "type": "nessus", "title": "RHEL 5 / 6 : JBoss Web Server (RHSA-2013:0268)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4431"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:tomcat7", "p-cpe:/a:redhat:enterprise_linux:tomcat7-admin-webapps", "p-cpe:/a:redhat:enterprise_linux:tomcat7-docs-webapp", "p-cpe:/a:redhat:enterprise_linux:tomcat7-el-1.0-api", "p-cpe:/a:redhat:enterprise_linux:tomcat7-javadoc", "p-cpe:/a:redhat:enterprise_linux:tomcat7-jsp-2.2-api", "p-cpe:/a:redhat:enterprise_linux:tomcat7-lib", "p-cpe:/a:redhat:enterprise_linux:tomcat7-log4j", "p-cpe:/a:redhat:enterprise_linux:tomcat7-servlet-3.0-api", "p-cpe:/a:redhat:enterprise_linux:tomcat7-webapps", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2013-0268.NASL", "href": "https://www.tenable.com/plugins/nessus/76235", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:0268. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76235);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-4431\");\n script_bugtraq_id(56814);\n script_xref(name:\"RHSA\", value:\"2013:0268\");\n\n script_name(english:\"RHEL 5 / 6 : JBoss Web Server (RHSA-2013:0268)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated tomcat7 packages that fix one security issue are now available\nfor JBoss Enterprise Web Server 2.0.0 for Red Hat Enterprise Linux 5\nand 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nApache Tomcat is a servlet container.\n\nIt was found that sending a request without a session identifier to a\nprotected resource could bypass the Cross-Site Request Forgery (CSRF)\nprevention filter. A remote attacker could use this flaw to perform\nCSRF attacks against applications that rely on the CSRF prevention\nfilter and do not contain internal mitigation for CSRF.\n(CVE-2012-4431)\n\nWarning: Before applying the update, back up your existing JBoss\nEnterprise Web Server installation (including all applications and\nconfiguration files).\n\nUsers of Tomcat should upgrade to these updated packages, which\nresolve this issue. Tomcat must be restarted for this update to take\neffect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://tomcat.apache.org/security-7.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2013:0268\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-4431\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-docs-webapp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-el-1.0-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-jsp-2.2-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-log4j\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-servlet-3.0-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat7-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/12/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x / 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2013:0268\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL5\", rpm:\"mod_cluster\") || rpm_exists(release:\"RHEL6\", rpm:\"mod_cluster\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"JBoss Web Server\");\n\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat7-7.0.30-3_patch_02.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat7-admin-webapps-7.0.30-3_patch_02.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat7-docs-webapp-7.0.30-3_patch_02.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat7-el-1.0-api-7.0.30-3_patch_02.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat7-javadoc-7.0.30-3_patch_02.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat7-jsp-2.2-api-7.0.30-3_patch_02.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat7-lib-7.0.30-3_patch_02.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat7-log4j-7.0.30-3_patch_02.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat7-servlet-3.0-api-7.0.30-3_patch_02.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat7-webapps-7.0.30-3_patch_02.ep6.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-7.0.30-5_patch_02.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-admin-webapps-7.0.30-5_patch_02.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-docs-webapp-7.0.30-5_patch_02.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-el-1.0-api-7.0.30-5_patch_02.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-javadoc-7.0.30-5_patch_02.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-jsp-2.2-api-7.0.30-5_patch_02.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-lib-7.0.30-5_patch_02.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-log4j-7.0.30-5_patch_02.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-servlet-3.0-api-7.0.30-5_patch_02.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat7-webapps-7.0.30-5_patch_02.ep6.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tomcat7 / tomcat7-admin-webapps / tomcat7-docs-webapp / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-07T15:31:36", "description": "An updated xml-security package that fixes one security issue is now available for Red Hat JBoss Web Platform 5.2.0 for Red Hat Enterprise Linux 4, 5, and 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nApache Santuario implements the XML Signature Syntax and Processing and XML Encryption Syntax and Processing standards.\n\nA flaw was found in the way Apache Santuario XML Security for Java validated XML signatures. Santuario allowed a signature to specify an arbitrary canonicalization algorithm, which would be applied to the SignedInfo XML fragment. A remote attacker could exploit this to spoof an XML signature via a specially crafted XML signature block.\n(CVE-2013-2172)\n\nWarning: Before applying this update, back up your existing Red Hat JBoss Web Platform installation (including all applications and configuration files).\n\nAll users of Red Hat JBoss Web Platform 5.2.0 on Red Hat Enterprise Linux 4, 5, and 6 are advised to upgrade to this updated package. The JBoss server process must be restarted for the update to take effect.", "cvss3": {}, "published": "2014-06-28T00:00:00", "type": "nessus", "title": "RHEL 5 / 6 : xml-security in JBoss EWP (RHSA-2013:1219)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2172"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:xml-security", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2013-1219.NASL", "href": "https://www.tenable.com/plugins/nessus/76290", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:1219. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76290);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2013-2172\");\n script_bugtraq_id(60846);\n script_xref(name:\"RHSA\", value:\"2013:1219\");\n\n script_name(english:\"RHEL 5 / 6 : xml-security in JBoss EWP (RHSA-2013:1219)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated xml-security package that fixes one security issue is now\navailable for Red Hat JBoss Web Platform 5.2.0 for Red Hat Enterprise\nLinux 4, 5, and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nApache Santuario implements the XML Signature Syntax and Processing\nand XML Encryption Syntax and Processing standards.\n\nA flaw was found in the way Apache Santuario XML Security for Java\nvalidated XML signatures. Santuario allowed a signature to specify an\narbitrary canonicalization algorithm, which would be applied to the\nSignedInfo XML fragment. A remote attacker could exploit this to spoof\nan XML signature via a specially crafted XML signature block.\n(CVE-2013-2172)\n\nWarning: Before applying this update, back up your existing Red Hat\nJBoss Web Platform installation (including all applications and\nconfiguration files).\n\nAll users of Red Hat JBoss Web Platform 5.2.0 on Red Hat Enterprise\nLinux 4, 5, and 6 are advised to upgrade to this updated package. The\nJBoss server process must be restarted for the update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://santuario.apache.org/secadv.data/CVE-2013-2172.txt.asc\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2013:1219\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-2172\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected xml-security package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xml-security\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/08/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/09/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x / 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2013:1219\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL5\", rpm:\"jboss-seam2-\") || rpm_exists(release:\"RHEL6\", rpm:\"jboss-seam2-\")) || rpm_exists(rpm:\"jbossas-welcome-content-eap\")) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"JBoss EWP\");\n\n if (rpm_check(release:\"RHEL5\", reference:\"xml-security-1.5.1-3_patch01.ep5.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"xml-security-1.5.1-3_patch01.ep5.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xml-security\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-07T15:42:42", "description": "James Forshaw discovered that, in Apache Santuario XML Security for Java, CanonicalizationMethod parameters were incorrectly validated: by specifying an arbitrary weak canonicalization algorithm, an attacker could spoof XML signatures.", "cvss3": {}, "published": "2014-11-07T00:00:00", "type": "nessus", "title": "Debian DSA-3065-1 : libxml-security-java - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2172"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libxml-security-java", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DSA-3065.NASL", "href": "https://www.tenable.com/plugins/nessus/78896", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3065. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(78896);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-2172\");\n script_bugtraq_id(60846);\n script_xref(name:\"DSA\", value:\"3065\");\n\n script_name(english:\"Debian DSA-3065-1 : libxml-security-java - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"James Forshaw discovered that, in Apache Santuario XML Security for\nJava, CanonicalizationMethod parameters were incorrectly validated: by\nspecifying an arbitrary weak canonicalization algorithm, an attacker\ncould spoof XML signatures.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=720375\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/libxml-security-java\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2014/dsa-3065\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the libxml-security-java packages.\n\nFor the stable distribution (wheezy), this problem has been fixed in\nversion 1.4.5-1+deb7u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxml-security-java\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/11/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"libxml-security-java\", reference:\"1.4.5-1+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libxml-security-java-doc\", reference:\"1.4.5-1+deb7u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-07T16:40:14", "description": "An updated xml-security package that fixes one security issue is now available for Red Hat JBoss Enterprise Application Platform 5.2.0 for Red Hat Enterprise Linux 4, 5, and 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nApache Santuario implements the XML Signature Syntax and Processing and XML Encryption Syntax and Processing standards.\n\nA flaw was found in the way Apache Santuario XML Security for Java validated XML signatures. Santuario allowed a signature to specify an arbitrary canonicalization algorithm, which would be applied to the SignedInfo XML fragment. A remote attacker could exploit this to spoof an XML signature via a specially crafted XML signature block.\n(CVE-2013-2172)\n\nWarning: Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation (including all applications and configuration files).\n\nAll users of Red Hat JBoss Enterprise Application Platform 5.2.0 on Red Hat Enterprise Linux 4, 5, and 6 are advised to upgrade to this updated package. The JBoss server process must be restarted for the update to take effect.", "cvss3": {}, "published": "2013-09-10T00:00:00", "type": "nessus", "title": "RHEL 5 / 6 : xml-security (RHSA-2013:1217)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2172"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:xml-security", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2013-1217.NASL", "href": "https://www.tenable.com/plugins/nessus/69823", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:1217. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(69823);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2013-2172\");\n script_bugtraq_id(60846);\n script_xref(name:\"RHSA\", value:\"2013:1217\");\n\n script_name(english:\"RHEL 5 / 6 : xml-security (RHSA-2013:1217)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated xml-security package that fixes one security issue is now\navailable for Red Hat JBoss Enterprise Application Platform 5.2.0 for\nRed Hat Enterprise Linux 4, 5, and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nApache Santuario implements the XML Signature Syntax and Processing\nand XML Encryption Syntax and Processing standards.\n\nA flaw was found in the way Apache Santuario XML Security for Java\nvalidated XML signatures. Santuario allowed a signature to specify an\narbitrary canonicalization algorithm, which would be applied to the\nSignedInfo XML fragment. A remote attacker could exploit this to spoof\nan XML signature via a specially crafted XML signature block.\n(CVE-2013-2172)\n\nWarning: Before applying this update, back up your existing Red Hat\nJBoss Enterprise Application Platform installation (including all\napplications and configuration files).\n\nAll users of Red Hat JBoss Enterprise Application Platform 5.2.0 on\nRed Hat Enterprise Linux 4, 5, and 6 are advised to upgrade to this\nupdated package. The JBoss server process must be restarted for the\nupdate to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://santuario.apache.org/secadv.data/CVE-2013-2172.txt.asc\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2013:1217\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-2172\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected xml-security package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xml-security\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/08/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/09/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x / 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2013:1217\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", reference:\"xml-security-1.5.1-3_patch01.ep5.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"xml-security-1.5.1-3_patch01.ep5.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xml-security\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-07T16:22:34", "description": "This update fixes a security vulnerability that caused jakarta-commons-httpclient not to verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allowed man-in-the-middle attackers to spoof SSL servers via andaarbitrary valid certificate (CVE-2012-5783).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2013-02-04T00:00:00", "type": "nessus", "title": "Fedora 18 : jakarta-commons-httpclient-3.1-12.fc18 (2013-1203)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5783"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:jakarta-commons-httpclient", "cpe:/o:fedoraproject:fedora:18"], "id": "FEDORA_2013-1203.NASL", "href": "https://www.tenable.com/plugins/nessus/64404", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-1203.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64404);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-5783\");\n script_xref(name:\"FEDORA\", value:\"2013-1203\");\n\n script_name(english:\"Fedora 18 : jakarta-commons-httpclient-3.1-12.fc18 (2013-1203)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes a security vulnerability that caused\njakarta-commons-httpclient not to verify that the server hostname\nmatches a domain name in the subject's Common Name (CN) or\nsubjectAltName field of the X.509 certificate, which allowed\nman-in-the-middle attackers to spoof SSL servers via andaarbitrary\nvalid certificate (CVE-2012-5783).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=873317\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-February/097836.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?68b7d5d4\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected jakarta-commons-httpclient package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:jakarta-commons-httpclient\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:18\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/01/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^18([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 18.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC18\", reference:\"jakarta-commons-httpclient-3.1-12.fc18\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"jakarta-commons-httpclient\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-07T15:30:27", "description": "jakarta-commons-httpclient3 was updated to add SSL certificate hostname checking. (CVE-2012-5783)", "cvss3": {}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : jakarta-commons-httpclient3 (openSUSE-SU-2013:0354-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5783"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:jakarta-commons-httpclient", "p-cpe:/a:novell:opensuse:jakarta-commons-httpclient-demo", "p-cpe:/a:novell:opensuse:jakarta-commons-httpclient-javadoc", "p-cpe:/a:novell:opensuse:jakarta-commons-httpclient-manual", "p-cpe:/a:novell:opensuse:jakarta-commons-httpclient3", "p-cpe:/a:novell:opensuse:jakarta-commons-httpclient3-demo", "p-cpe:/a:novell:opensuse:jakarta-commons-httpclient3-javadoc", "p-cpe:/a:novell:opensuse:jakarta-commons-httpclient3-manual", "cpe:/o:novell:opensuse:12.1", "cpe:/o:novell:opensuse:12.2"], "id": "OPENSUSE-2013-161.NASL", "href": "https://www.tenable.com/plugins/nessus/74904", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2013-161.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74904);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-5783\");\n\n script_name(english:\"openSUSE Security Update : jakarta-commons-httpclient3 (openSUSE-SU-2013:0354-1)\");\n script_summary(english:\"Check for the openSUSE-2013-161 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"jakarta-commons-httpclient3 was updated to add SSL certificate\nhostname checking. (CVE-2012-5783)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=803332\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2013-02/msg00078.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected jakarta-commons-httpclient3 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:jakarta-commons-httpclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:jakarta-commons-httpclient-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:jakarta-commons-httpclient-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:jakarta-commons-httpclient-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:jakarta-commons-httpclient3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:jakarta-commons-httpclient3-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:jakarta-commons-httpclient3-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:jakarta-commons-httpclient3-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.1|SUSE12\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.1 / 12.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.1\", reference:\"jakarta-commons-httpclient3-3.0.1-313.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"jakarta-commons-httpclient3-demo-3.0.1-313.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"jakarta-commons-httpclient3-javadoc-3.0.1-313.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"jakarta-commons-httpclient3-manual-3.0.1-313.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"jakarta-commons-httpclient-3.1-2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"jakarta-commons-httpclient-demo-3.1-2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"jakarta-commons-httpclient-javadoc-3.1-2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"jakarta-commons-httpclient-manual-3.1-2.6.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"jakarta-commons-httpclient3\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-27T19:18:44", "description": "https://vulners.com/cve/CVE-2012-5783 https://vulners.com/cve/CVE-2012-5783 Apache Commons HttpClient, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, could allow a remote attacker to conduct spoofing attacks, caused by the failure to verify that the server hostname matches a domain name in the subject's Common Name (CN) field of the X.509 certificate. By persuading a victim to visit a Web site containing a specially-crafted certificate, an attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server.", "cvss3": {}, "published": "2023-04-18T00:00:00", "type": "nessus", "title": "AIX 7.3 TL 0 : commonshttp (IJ45224)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5783"], "modified": "2023-11-16T00:00:00", "cpe": ["cpe:/o:ibm:aix:7.3"], "id": "AIX_IJ45224.NASL", "href": "https://www.tenable.com/plugins/nessus/174446", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text in the description was extracted from AIX Security\n# Advisory commonshttp_advisory.asc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(174446);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/16\");\n\n script_cve_id(\"CVE-2012-5783\");\n\n script_name(english:\"AIX 7.3 TL 0 : commonshttp (IJ45224)\");\n script_summary(english:\"Check for APAR IJ45224\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote AIX host is missing a security patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5783\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5783 Apache\nCommons HttpClient, as used in Amazon Flexible Payments Service (FPS)\nmerchant Java SDK and other products, could allow a remote attacker to\nconduct spoofing attacks, caused by the failure to verify that the\nserver hostname matches a domain name in the subject's Common Name\n(CN) field of the X.509 certificate. By persuading a victim to visit a\nWeb site containing a specially-crafted certificate, an attacker could\nexploit this vulnerability using man-in-the-middle techniques to spoof\nan SSL server.\"\n );\n # https://aix.software.ibm.com/aix/efixes/security/commonshttp_advisory.asc\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2f4c6751\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Install the appropriate interim fix.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-5783\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:ibm:aix:7.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2023/04/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/04/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/04/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"AIX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/AIX/lslpp\", \"Host/local_checks_enabled\", \"Host/AIX/version\");\n\n exit(0);\n}\n\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"aix.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif ( ! get_kb_item(\"Host/AIX/version\") ) audit(AUDIT_OS_NOT, \"AIX\");\nif ( ! get_kb_item(\"Host/AIX/lslpp\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif ( get_kb_item(\"Host/AIX/emgr_failure\" ) ) exit(0, \"This iFix check is disabled because : \"+get_kb_item(\"Host/AIX/emgr_failure\") );\n\nflag = 0;\n\nif (aix_check_ifix(release:\"7.3\", ml:\"00\", sp:\"01\", patch:\"IJ45224s2a\", package:\"bos.ecc_client.rte\", minfilesetver:\"7.3.0.0\", maxfilesetver:\"7.3.0.1\") < 0) flag++;\nif (aix_check_ifix(release:\"7.3\", ml:\"00\", sp:\"02\", patch:\"IJ45224s2a\", package:\"bos.ecc_client.rte\", minfilesetver:\"7.3.0.0\", maxfilesetver:\"7.3.0.1\") < 0) flag++;\nif (aix_check_ifix(release:\"7.3\", ml:\"00\", sp:\"03\", patch:\"IJ45224s2a\", package:\"bos.ecc_client.rte\", minfilesetver:\"7.3.0.0\", maxfilesetver:\"7.3.0.1\") < 0) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:aix_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-05T15:11:56", "description": "jakarta-commons-httpclient was updated to enhance the fix of bnc#803332 / CVE-2012-5783\n\n - also check for subjectAltNames in the certificate.", "cvss3": {}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : jakarta-commons-httpclient (openSUSE-SU-2013:0622-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5783"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:jakarta-commons-httpclient", "p-cpe:/a:novell:opensuse:jakarta-commons-httpclient-demo", "p-cpe:/a:novell:opensuse:jakarta-commons-httpclient-javadoc", "p-cpe:/a:novell:opensuse:jakarta-commons-httpclient-manual", "cpe:/o:novell:opensuse:12.2", "cpe:/o:novell:opensuse:12.3"], "id": "OPENSUSE-2013-304.NASL", "href": "https://www.tenable.com/plugins/nessus/74960", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2013-304.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74960);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-5783\");\n\n script_name(english:\"openSUSE Security Update : jakarta-commons-httpclient (openSUSE-SU-2013:0622-1)\");\n script_summary(english:\"Check for the openSUSE-2013-304 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"jakarta-commons-httpclient was updated to enhance the fix of\nbnc#803332 / CVE-2012-5783\n\n - also check for subjectAltNames in the certificate.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=803332\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2013-04/msg00040.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected jakarta-commons-httpclient packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:jakarta-commons-httpclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:jakarta-commons-httpclient-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:jakarta-commons-httpclient-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:jakarta-commons-httpclient-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.2|SUSE12\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.2 / 12.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.2\", reference:\"jakarta-commons-httpclient-3.1-2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"jakarta-commons-httpclient-demo-3.1-2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"jakarta-commons-httpclient-javadoc-3.1-2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"jakarta-commons-httpclient-manual-3.1-2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"jakarta-commons-httpclient-3.1-4.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"jakarta-commons-httpclient-demo-3.1-4.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"jakarta-commons-httpclient-javadoc-3.1-4.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"jakarta-commons-httpclient-manual-3.1-4.5.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"jakarta-commons-httpclient\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-05T15:23:01", "description": "An updated redhat-support-plugin-rhev package that fixes one security issue is now available.\n\nThe Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe Red Hat Support plug-in for Red Hat Enterprise Virtualization is a new feature which offers seamless integrated access to Red Hat Access services from the Red Hat Enterprise Virtualization Administration Portal. The plug-in provides automated functionality that enables quicker help, answers, and proactive services. It offers easy and instant access to Red Hat exclusive knowledge, resources, engagement, and diagnostic features.\n\nDetailed information about this plug-in can be found in the Red Hat Customer Portal at https://access.redhat.com/site/articles/425603\n\nThe Jakarta Commons HttpClient component did not verify that the server hostname matched the domain name in the subject's Common Name (CN) or subjectAltName field in X.509 certificates. This could allow a man-in-the-middle attacker to spoof an SSL server if they had a certificate that was valid for any domain name. (CVE-2012-5783)\n\nAll users of the Red Hat Support plug-in on Red Hat Enterprise Virtualization Manager are advised to install this updated package, which fixes this issue.", "cvss3": {}, "published": "2014-11-08T00:00:00", "type": "nessus", "title": "RHEL 6 : redhat-support-plugin-rhev (RHSA-2014:0224)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5783"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:redhat-support-plugin-rhev", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2014-0224.NASL", "href": "https://www.tenable.com/plugins/nessus/78999", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:0224. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(78999);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-5783\");\n script_bugtraq_id(58073);\n script_xref(name:\"RHSA\", value:\"2014:0224\");\n\n script_name(english:\"RHEL 6 : redhat-support-plugin-rhev (RHSA-2014:0224)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated redhat-support-plugin-rhev package that fixes one security\nissue is now available.\n\nThe Red Hat Security Response Team has rated this update as having\nModerate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nThe Red Hat Support plug-in for Red Hat Enterprise Virtualization is a\nnew feature which offers seamless integrated access to Red Hat Access\nservices from the Red Hat Enterprise Virtualization Administration\nPortal. The plug-in provides automated functionality that enables\nquicker help, answers, and proactive services. It offers easy and\ninstant access to Red Hat exclusive knowledge, resources, engagement,\nand diagnostic features.\n\nDetailed information about this plug-in can be found in the Red Hat\nCustomer Portal at https://access.redhat.com/site/articles/425603\n\nThe Jakarta Commons HttpClient component did not verify that the\nserver hostname matched the domain name in the subject's Common Name\n(CN) or subjectAltName field in X.509 certificates. This could allow a\nman-in-the-middle attacker to spoof an SSL server if they had a\ncertificate that was valid for any domain name. (CVE-2012-5783)\n\nAll users of the Red Hat Support plug-in on Red Hat Enterprise\nVirtualization Manager are advised to install this updated package,\nwhich fixes this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/site/articles/425603\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://rhn.redhat.com/errata/RHSA-2014-0224.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2012-5783.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected redhat-support-plugin-rhev package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:redhat-support-plugin-rhev\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/08/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/02/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nflag = 0;\nif (rpm_exists(rpm:\"redhat-support-plugin-rhev-3\\.3\\.\", release:\"RHEL6\") && rpm_check(release:\"RHEL6\", reference:\"redhat-support-plugin-rhev-3.3.0-14.el6ev\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"redhat-support-plugin-rhev-3.3\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-07T16:22:00", "description": "This update fixes a security vulnerability that caused jakarta-commons-httpclient not to verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allowed man-in-the-middle attackers to spoof SSL servers via andaarbitrary valid certificate (CVE-2012-5783).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2013-02-04T00:00:00", "type": "nessus", "title": "Fedora 17 : jakarta-commons-httpclient-3.1-12.fc17 (2013-1189)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5783"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:jakarta-commons-httpclient", "cpe:/o:fedoraproject:fedora:17"], "id": "FEDORA_2013-1189.NASL", "href": "https://www.tenable.com/plugins/nessus/64402", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-1189.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64402);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-5783\");\n script_xref(name:\"FEDORA\", value:\"2013-1189\");\n\n script_name(english:\"Fedora 17 : jakarta-commons-httpclient-3.1-12.fc17 (2013-1189)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes a security vulnerability that caused\njakarta-commons-httpclient not to verify that the server hostname\nmatches a domain name in the subject's Common Name (CN) or\nsubjectAltName field of the X.509 certificate, which allowed\nman-in-the-middle attackers to spoof SSL servers via andaarbitrary\nvalid certificate (CVE-2012-5783).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=873317\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-February/097885.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?31f03d87\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected jakarta-commons-httpclient package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:jakarta-commons-httpclient\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:17\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/01/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^17([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 17.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC17\", reference:\"jakarta-commons-httpclient-3.1-12.fc17\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"jakarta-commons-httpclient\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-07T16:26:30", "description": "The following issue has been fixed :\n\n - SSL certificate hostname verification was not done and is fixed by this update. (CVE-2012-5783)", "cvss3": {}, "published": "2013-04-04T00:00:00", "type": "nessus", "title": "SuSE 11.2 Security Update : jakarta (SAT Patch Number 7574)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5783"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:jakarta-commons-httpclient3", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_JAKARTA-COMMONS-HTTPCLIENT3-130328.NASL", "href": "https://www.tenable.com/plugins/nessus/65795", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(65795);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-5783\");\n\n script_name(english:\"SuSE 11.2 Security Update : jakarta (SAT Patch Number 7574)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The following issue has been fixed :\n\n - SSL certificate hostname verification was not done and\n is fixed by this update. (CVE-2012-5783)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=803332\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-5783.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 7574.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:jakarta-commons-httpclient3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/04/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 2) audit(AUDIT_OS_NOT, \"SuSE 11.2\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"jakarta-commons-httpclient3-3.0.1-253.36.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-07T16:23:49", "description": "An updated jakarta-commons-httpclient package for JBoss Enterprise Application Platform 5.2.0 which fixes one security issue is now available for Red Hat Enterprise Linux 4, 5, and 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe Jakarta Commons HttpClient component can be used to build HTTP-aware client applications (such as web browsers and web service clients).\n\nThe Jakarta Commons HttpClient component did not verify that the server hostname matched the domain name in the subject's Common Name (CN) or subjectAltName field in X.509 certificates. This could allow a man-in-the-middle attacker to spoof an SSL server if they had a certificate that was valid for any domain name. (CVE-2012-5783)\n\nWarning: Before applying this update, back up your existing JBoss Enterprise Application Platform installation (including all applications and configuration files).\n\nAll users of JBoss Enterprise Application Platform 5.2.0 on Red Hat Enterprise Linux 4, 5, and 6 are advised to upgrade to this updated package. The JBoss server process must be restarted for the update to take effect.", "cvss3": {}, "published": "2013-03-26T00:00:00", "type": "nessus", "title": "RHEL 5 / 6 : jakarta-commons-httpclient (RHSA-2013:0680)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5783"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:jakarta-commons-httpclient", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2013-0680.NASL", "href": "https://www.tenable.com/plugins/nessus/65677", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:0680. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(65677);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-5783\");\n script_bugtraq_id(58073);\n script_xref(name:\"RHSA\", value:\"2013:0680\");\n\n script_name(english:\"RHEL 5 / 6 : jakarta-commons-httpclient (RHSA-2013:0680)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated jakarta-commons-httpclient package for JBoss Enterprise\nApplication Platform 5.2.0 which fixes one security issue is now\navailable for Red Hat Enterprise Linux 4, 5, and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nThe Jakarta Commons HttpClient component can be used to build\nHTTP-aware client applications (such as web browsers and web service\nclients).\n\nThe Jakarta Commons HttpClient component did not verify that the\nserver hostname matched the domain name in the subject's Common Name\n(CN) or subjectAltName field in X.509 certificates. This could allow a\nman-in-the-middle attacker to spoof an SSL server if they had a\ncertificate that was valid for any domain name. (CVE-2012-5783)\n\nWarning: Before applying this update, back up your existing JBoss\nEnterprise Application Platform installation (including all\napplications and configuration files).\n\nAll users of JBoss Enterprise Application Platform 5.2.0 on Red Hat\nEnterprise Linux 4, 5, and 6 are advised to upgrade to this updated\npackage. The JBoss server process must be restarted for the update to\ntake effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2013:0680\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-5783\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected jakarta-commons-httpclient package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jakarta-commons-httpclient\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/11/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x / 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2013:0680\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_exists(rpm:\"jakarta-commons-httpclient-3.1-2\", release:\"RHEL5\") && rpm_check(release:\"RHEL5\", reference:\"jakarta-commons-httpclient-3.1-2.1_patch_01.ep5.el5\")) flag++;\n\n if (rpm_exists(rpm:\"jakarta-commons-httpclient-3.1-2\", release:\"RHEL6\") && rpm_check(release:\"RHEL6\", reference:\"jakarta-commons-httpclient-3.1-2_patch_01.ep5.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"jakarta-commons-httpclient\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-07T16:21:55", "description": "Updated jakarta-commons-httpclient packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe Jakarta Commons HttpClient component can be used to build HTTP-aware client applications (such as web browsers and web service clients).\n\nThe Jakarta Commons HttpClient component did not verify that the server hostname matched the domain name in the subject's Common Name (CN) or subjectAltName field in X.509 certificates. This could allow a man-in-the-middle attacker to spoof an SSL server if they had a certificate that was valid for any domain name. (CVE-2012-5783)\n\nAll users of jakarta-commons-httpclient are advised to upgrade to these updated packages, which correct this issue. Applications using the Jakarta Commons HttpClient component must be restarted for this update to take effect.", "cvss3": {}, "published": "2013-02-20T00:00:00", "type": "nessus", "title": "CentOS 5 : jakarta-commons-httpclient (CESA-2013:0270)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5783"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:jakarta-commons-httpclient", "p-cpe:/a:centos:centos:jakarta-commons-httpclient-demo", "p-cpe:/a:centos:centos:jakarta-commons-httpclient-javadoc", "p-cpe:/a:centos:centos:jakarta-commons-httpclient-manual", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2013-0270.NASL", "href": "https://www.tenable.com/plugins/nessus/64691", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:0270 and \n# CentOS Errata and Security Advisory 2013:0270 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64691);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2012-5783\");\n script_xref(name:\"RHSA\", value:\"2013:0270\");\n\n script_name(english:\"CentOS 5 : jakarta-commons-httpclient (CESA-2013:0270)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated jakarta-commons-httpclient packages that fix one security\nissue are now available for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nThe Jakarta Commons HttpClient component can be used to build\nHTTP-aware client applications (such as web browsers and web service\nclients).\n\nThe Jakarta Commons HttpClient component did not verify that the\nserver hostname matched the domain name in the subject's Common Name\n(CN) or subjectAltName field in X.509 certificates. This could allow a\nman-in-the-middle attacker to spoof an SSL server if they had a\ncertificate that was valid for any domain name. (CVE-2012-5783)\n\nAll users of jakarta-commons-httpclient are advised to upgrade to\nthese updated packages, which correct this issue. Applications using\nthe Jakarta Commons HttpClient component must be restarted for this\nupdate to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2013-February/019241.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1f92405b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected jakarta-commons-httpclient packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-5783\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:jakarta-commons-httpclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:jakarta-commons-httpclient-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:jakarta-commons-httpclient-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:jakarta-commons-httpclient-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/11/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"jakarta-commons-httpclient-3.0-7jpp.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"jakarta-commons-httpclient-demo-3.0-7jpp.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"jakarta-commons-httpclient-javadoc-3.0-7jpp.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"jakarta-commons-httpclient-manual-3.0-7jpp.2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"jakarta-commons-httpclient / jakarta-commons-httpclient-demo / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-07T16:36:05", "description": "From Red Hat Security Advisory 2013:0270 :\n\nUpdated jakarta-commons-httpclient packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe Jakarta Commons HttpClient component can be used to build HTTP-aware client applications (such as web browsers and web service clients).\n\nThe Jakarta Commons HttpClient component did not verify that the server hostname matched the domain name in the subject's Common Name (CN) or subjectAltName field in X.509 certificates. This could allow a man-in-the-middle attacker to spoof an SSL server if they had a certificate that was valid for any domain name. (CVE-2012-5783)\n\nAll users of jakarta-commons-httpclient are advised to upgrade to these updated packages, which correct this issue. Applications using the Jakarta Commons HttpClient component must be restarted for this update to take effect.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 5 / 6 : jakarta-commons-httpclient (ELSA-2013-0270)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5783"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:jakarta-commons-httpclient", "p-cpe:/a:oracle:linux:jakarta-commons-httpclient-demo", "p-cpe:/a:oracle:linux:jakarta-commons-httpclient-javadoc", "p-cpe:/a:oracle:linux:jakarta-commons-httpclient-manual", "cpe:/o:oracle:linux:5", "cpe:/o:oracle:linux:6"], "id": "ORACLELINUX_ELSA-2013-0270.NASL", "href": "https://www.tenable.com/plugins/nessus/68731", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2013:0270 and \n# Oracle Linux Security Advisory ELSA-2013-0270 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68731);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-5783\");\n script_bugtraq_id(58073);\n script_xref(name:\"RHSA\", value:\"2013:0270\");\n\n script_name(english:\"Oracle Linux 5 / 6 : jakarta-commons-httpclient (ELSA-2013-0270)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2013:0270 :\n\nUpdated jakarta-commons-httpclient packages that fix one security\nissue are now available for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nThe Jakarta Commons HttpClient component can be used to build\nHTTP-aware client applications (such as web browsers and web service\nclients).\n\nThe Jakarta Commons HttpClient component did not verify that the\nserver hostname matched the domain name in the subject's Common Name\n(CN) or subjectAltName field in X.509 certificates. This could allow a\nman-in-the-middle attacker to spoof an SSL server if they had a\ncertificate that was valid for any domain name. (CVE-2012-5783)\n\nAll users of jakarta-commons-httpclient are advised to upgrade to\nthese updated packages, which correct this issue. Applications using\nthe Jakarta Commons HttpClient component must be restarted for this\nupdate to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2013-February/003263.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2013-February/003270.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected jakarta-commons-httpclient packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:jakarta-commons-httpclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:jakarta-commons-httpclient-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:jakarta-commons-httpclient-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:jakarta-commons-httpclient-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/11/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5 / 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"jakarta-commons-httpclient-3.0-7jpp.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"jakarta-commons-httpclient-demo-3.0-7jpp.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"jakarta-commons-httpclient-javadoc-3.0-7jpp.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"jakarta-commons-httpclient-manual-3.0-7jpp.2\")) flag++;\n\nif (rpm_check(release:\"EL6\", reference:\"jakarta-commons-httpclient-3.1-0.7.el6_3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"jakarta-commons-httpclient-demo-3.1-0.7.el6_3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"jakarta-commons-httpclient-javadoc-3.1-0.7.el6_3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"jakarta-commons-httpclient-manual-3.1-0.7.el6_3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"jakarta-commons-httpclient / jakarta-commons-httpclient-demo / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-07T16:38:56", "description": "The Jakarta Commons HttpClient component did not verify that the server hostname matched the domain name in the subject's Common Name (CN) or subjectAltName field in X.509 certificates. This could allow a man-in-the-middle attacker to spoof an SSL server if they had a certificate that was valid for any domain name. (CVE-2012-5783)", "cvss3": {}, "published": "2013-09-04T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : jakarta-commons-httpclient (ALAS-2013-169)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5783"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:jakarta-commons-httpclient", "p-cpe:/a:amazon:linux:jakarta-commons-httpclient-demo", "p-cpe:/a:amazon:linux:jakarta-commons-httpclient-javadoc", "p-cpe:/a:amazon:linux:jakarta-commons-httpclient-manual", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2013-169.NASL", "href": "https://www.tenable.com/plugins/nessus/69728", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2013-169.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69728);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2012-5783\");\n script_xref(name:\"ALAS\", value:\"2013-169\");\n script_xref(name:\"RHSA\", value:\"2013:0270\");\n\n script_name(english:\"Amazon Linux AMI : jakarta-commons-httpclient (ALAS-2013-169)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Jakarta Commons HttpClient component did not verify that the\nserver hostname matched the domain name in the subject's Common Name\n(CN) or subjectAltName field in X.509 certificates. This could allow a\nman-in-the-middle attacker to spoof an SSL server if they had a\ncertificate that was valid for any domain name. (CVE-2012-5783)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2013-169.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update jakarta-commons-httpclient' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:jakarta-commons-httpclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:jakarta-commons-httpclient-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:jakarta-commons-httpclient-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:jakarta-commons-httpclient-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"jakarta-commons-httpclient-3.1-12.6.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"jakarta-commons-httpclient-demo-3.1-12.6.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"jakarta-commons-httpclient-javadoc-3.1-12.6.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"jakarta-commons-httpclient-manual-3.1-12.6.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"jakarta-commons-httpclient / jakarta-commons-httpclient-demo / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-05T15:26:48", "description": "James Forshaw discovered that Apache XML Security for Java incorrectly validated CanonicalizationMethod parameters. An attacker could use this flaw to spoof XML signatures.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2013-11-13T00:00:00", "type": "nessus", "title": "Ubuntu 10.04 LTS : libxml-security-java vulnerability (USN-2028-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2172"], "modified": "2019-09-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libxml-security-java", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts"], "id": "UBUNTU_USN-2028-1.NASL", "href": "https://www.tenable.com/plugins/nessus/70875", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2028-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(70875);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/09/19 12:54:29\");\n\n script_cve_id(\"CVE-2013-2172\");\n script_bugtraq_id(60846);\n script_xref(name:\"USN\", value:\"2028-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS : libxml-security-java vulnerability (USN-2028-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"James Forshaw discovered that Apache XML Security for Java incorrectly\nvalidated CanonicalizationMethod parameters. An attacker could use\nthis flaw to spoof XML signatures.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2028-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libxml-security-java package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libxml-security-java\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/08/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/11/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/11/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libxml-security-java\", pkgver:\"1.4.3-2ubuntu0.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml-security-java\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-06T15:21:36", "description": "James Forshaw discovered that, in Apache Santuario XML Security for Java, CanonicalizationMethod parameters were incorrectly validated: by specifying an arbitrary weak canonicalization algorithm, an attacker could spoof XML signatures.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-03-26T00:00:00", "type": "nessus", "title": "Debian DLA-85-1 : libxml-security-java security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2172"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libxml-security-java", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DLA-85.NASL", "href": "https://www.tenable.com/plugins/nessus/82230", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-85-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(82230);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-2172\");\n script_bugtraq_id(60846);\n\n script_name(english:\"Debian DLA-85-1 : libxml-security-java security update\");\n script_summary(english:\"Checks dpkg output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"James Forshaw discovered that, in Apache Santuario XML Security for\nJava, CanonicalizationMethod parameters were incorrectly validated: by\nspecifying an arbitrary weak canonicalization algorithm, an attacker\ncould spoof XML signatures.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2014/11/msg00004.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze-lts/libxml-security-java\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade the affected libxml-security-java package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxml-security-java\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/11/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"libxml-security-java\", reference:\"1.4.3-2+deb6u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-27T19:21:04", "description": "https://vulners.com/cve/CVE-2012-5783 https://vulners.com/cve/CVE-2012-5783 Apache Commons HttpClient, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, could allow a remote attacker to conduct spoofing attacks, caused by the failure to verify that the server hostname matches a domain name in the subject's Common Name (CN) field of the X.509 certificate. By persuading a victim to visit a Web site containing a specially-crafted certificate, an attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server.", "cvss3": {}, "published": "2023-04-18T00:00:00", "type": "nessus", "title": "AIX 7.2 TL 5 : commonshttp (IJ44994)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5783"], "modified": "2023-11-16T00:00:00", "cpe": ["cpe:/o:ibm:aix:7.2"], "id": "AIX_IJ44994.NASL", "href": "https://www.tenable.com/plugins/nessus/174444", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text in the description was extracted from AIX Security\n# Advisory commonshttp_advisory.asc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(174444);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/16\");\n\n script_cve_id(\"CVE-2012-5783\");\n\n script_name(english:\"AIX 7.2 TL 5 : commonshttp (IJ44994)\");\n script_summary(english:\"Check for APAR IJ44994\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote AIX host is missing a security patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5783\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5783 Apache\nCommons HttpClient, as used in Amazon Flexible Payments Service (FPS)\nmerchant Java SDK and other products, could allow a remote attacker to\nconduct spoofing attacks, caused by the failure to verify that the\nserver hostname matches a domain name in the subject's Common Name\n(CN) field of the X.509 certificate. By persuading a victim to visit a\nWeb site containing a specially-crafted certificate, an attacker could\nexploit this vulnerability using man-in-the-middle techniques to spoof\nan SSL server.\"\n );\n # https://aix.software.ibm.com/aix/efixes/security/commonshttp_advisory.asc\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2f4c6751\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Install the appropriate interim fix.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-5783\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:ibm:aix:7.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2023/04/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/04/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/04/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"AIX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/AIX/lslpp\", \"Host/local_checks_enabled\", \"Host/AIX/version\");\n\n exit(0);\n}\n\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"aix.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif ( ! get_kb_item(\"Host/AIX/version\") ) audit(AUDIT_OS_NOT, \"AIX\");\nif ( ! get_kb_item(\"Host/AIX/lslpp\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif ( get_kb_item(\"Host/AIX/emgr_failure\" ) ) exit(0, \"This iFix check is disabled because : \"+get_kb_item(\"Host/AIX/emgr_failure\") );\n\nflag = 0;\n\nif (aix_check_ifix(release:\"7.2\", ml:\"05\", sp:\"03\", patch:\"IJ44994s4a\", package:\"bos.ecc_client.rte\", minfilesetver:\"7.2.5.0\", maxfilesetver:\"7.2.5.1\") < 0) flag++;\nif (aix_check_ifix(release:\"7.2\", ml:\"05\", sp:\"03\", patch:\"IJ44994s4a\", package:\"bos.ecc_client.rte\", minfilesetver:\"7.2.5.100\", maxfilesetver:\"7.2.5.100\") < 0) flag++;\nif (aix_check_ifix(release:\"7.2\", ml:\"05\", sp:\"03\", patch:\"IJ44994s4a\", package:\"bos.ecc_client.rte\", minfilesetver:\"7.2.5.200\", maxfilesetver:\"7.2.5.200\") < 0) flag++;\nif (aix_check_ifix(release:\"7.2\", ml:\"05\", sp:\"04\", patch:\"IJ44994s4a\", package:\"bos.ecc_client.rte\", minfilesetver:\"7.2.5.0\", maxfilesetver:\"7.2.5.1\") < 0) flag++;\nif (aix_check_ifix(release:\"7.2\", ml:\"05\", sp:\"04\", patch:\"IJ44994s4a\", package:\"bos.ecc_client.rte\", minfilesetver:\"7.2.5.100\", maxfilesetver:\"7.2.5.100\") < 0) flag++;\nif (aix_check_ifix(release:\"7.2\", ml:\"05\", sp:\"04\", patch:\"IJ44994s4a\", package:\"bos.ecc_client.rte\", minfilesetver:\"7.2.5.200\", maxfilesetver:\"7.2.5.200\") < 0) flag++;\nif (aix_check_ifix(release:\"7.2\", ml:\"05\", sp:\"05\", patch:\"IJ44994s5a\", package:\"bos.ecc_client.rte\", minfilesetver:\"7.2.5.0\", maxfilesetver:\"7.2.5.1\") < 0) flag++;\nif (aix_check_ifix(release:\"7.2\", ml:\"05\", sp:\"05\", patch:\"IJ44994s5a\", package:\"bos.ecc_client.rte\", minfilesetver:\"7.2.5.100\", maxfilesetver:\"7.2.5.100\") < 0) flag++;\nif (aix_check_ifix(release:\"7.2\", ml:\"05\", sp:\"05\", patch:\"IJ44994s5a\", package:\"bos.ecc_client.rte\", minfilesetver:\"7.2.5.200\", maxfilesetver:\"7.2.5.200\") < 0) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:aix_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-06T15:18:22", "description": "This update fixes a security vulnerability that caused jakarta-commons-httpclient not to verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allowed man-in-the-middle attackers to spoof SSL servers via andaarbitrary valid certificate (CVE-2012-5783).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2013-02-04T00:00:00", "type": "nessus", "title": "Fedora 16 : jakarta-commons-httpclient-3.1-12.fc16 (2013-1289)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5783"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:jakarta-commons-httpclient", "cpe:/o:fedoraproject:fedora:16"], "id": "FEDORA_2013-1289.NASL", "href": "https://www.tenable.com/plugins/nessus/64409", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-1289.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64409);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-5783\");\n script_xref(name:\"FEDORA\", value:\"2013-1289\");\n\n script_name(english:\"Fedora 16 : jakarta-commons-httpclient-3.1-12.fc16 (2013-1289)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes a security vulnerability that caused\njakarta-commons-httpclient not to verify that the server hostname\nmatches a domain name in the subject's Common Name (CN) or\nsubjectAltName field of the X.509 certificate, which allowed\nman-in-the-middle attackers to spoof SSL servers via andaarbitrary\nvalid certificate (CVE-2012-5783).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=873317\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-February/097894.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?827acaea\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected jakarta-commons-httpclient package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:jakarta-commons-httpclient\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:16\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/01/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^16([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 16.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC16\", reference:\"jakarta-commons-httpclient-3.1-12.fc16\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"jakarta-commons-httpclient\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-07T16:22:58", "description": "The Jakarta Commons HttpClient component did not verify that the server hostname matched the domain name in the subject's Common Name (CN) or subjectAltName field in X.509 certificates. This could allow a man-in-the- middle attacker to spoof an SSL server if they had a certificate that was valid for any domain name. (CVE-2012-5783)\n\nApplications using the Jakarta Commons HttpClient component must be restarted for this update to take effect.", "cvss3": {}, "published": "2013-02-21T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : jakarta-commons-httpclient on SL5.x, SL6.x i386/x86_64 (20130219)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5783"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:jakarta-commons-httpclient", "p-cpe:/a:fermilab:scientific_linux:jakarta-commons-httpclient-debuginfo", "p-cpe:/a:fermilab:scientific_linux:jakarta-commons-httpclient-demo", "p-cpe:/a:fermilab:scientific_linux:jakarta-commons-httpclient-javadoc", "p-cpe:/a:fermilab:scientific_linux:jakarta-commons-httpclient-manual", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20130219_JAKARTA_COMMONS_HTTPCLIENT_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/64778", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64778);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-5783\");\n\n script_name(english:\"Scientific Linux Security Update : jakarta-commons-httpclient on SL5.x, SL6.x i386/x86_64 (20130219)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Jakarta Commons HttpClient component did not verify that the\nserver hostname matched the domain name in the subject's Common Name\n(CN) or subjectAltName field in X.509 certificates. This could allow a\nman-in-the- middle attacker to spoof an SSL server if they had a\ncertificate that was valid for any domain name. (CVE-2012-5783)\n\nApplications using the Jakarta Commons HttpClient component must be\nrestarted for this update to take effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1302&L=scientific-linux-errata&T=0&P=3348\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?cd1413c6\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:jakarta-commons-httpclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:jakarta-commons-httpclient-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:jakarta-commons-httpclient-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:jakarta-commons-httpclient-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:jakarta-commons-httpclient-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/11/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"jakarta-commons-httpclient-3.0-7jpp.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"jakarta-commons-httpclient-debuginfo-3.0-7jpp.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"jakarta-commons-httpclient-demo-3.0-7jpp.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"jakarta-commons-httpclient-javadoc-3.0-7jpp.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"jakarta-commons-httpclient-manual-3.0-7jpp.2\")) flag++;\n\nif (rpm_check(release:\"SL6\", reference:\"jakarta-commons-httpclient-3.1-0.7.el6_3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"jakarta-commons-httpclient-debuginfo-3.1-0.7.el6_3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"jakarta-commons-httpclient-demo-3.1-0.7.el6_3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"jakarta-commons-httpclient-javadoc-3.1-0.7.el6_3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"jakarta-commons-httpclient-manual-3.1-0.7.el6_3\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"jakarta-commons-httpclient / jakarta-commons-httpclient-debuginfo / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-07T16:22:24", "description": "Updated jakarta-commons-httpclient packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe Jakarta Commons HttpClient component can be used to build HTTP-aware client applications (such as web browsers and web service clients).\n\nThe Jakarta Commons HttpClient component did not verify that the server hostname matched the domain name in the subject's Common Name (CN) or subjectAltName field in X.509 certificates. This could allow a man-in-the-middle attacker to spoof an SSL server if they had a certificate that was valid for any domain name. (CVE-2012-5783)\n\nAll users of jakarta-commons-httpclient are advised to upgrade to these updated packages, which correct this issue. Applications using the Jakarta Commons HttpClient component must be restarted for this update to take effect.", "cvss3": {}, "published": "2013-02-20T00:00:00", "type": "nessus", "title": "RHEL 5 / 6 : jakarta-commons-httpclient (RHSA-2013:0270)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5783"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:jakarta-commons-httpclient", "p-cpe:/a:redhat:enterprise_linux:jakarta-commons-httpclient-debuginfo", "p-cpe:/a:redhat:enterprise_linux:jakarta-commons-httpclient-demo", "p-cpe:/a:redhat:enterprise_linux:jakarta-commons-httpclient-javadoc", "p-cpe:/a:redhat:enterprise_linux:jakarta-commons-httpclient-manual", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:5.9", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:6.3"], "id": "REDHAT-RHSA-2013-0270.NASL", "href": "https://www.tenable.com/plugins/nessus/64695", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:0270. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64695);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-5783\");\n script_xref(name:\"RHSA\", value:\"2013:0270\");\n\n script_name(english:\"RHEL 5 / 6 : jakarta-commons-httpclient (RHSA-2013:0270)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated jakarta-commons-httpclient packages that fix one security\nissue are now available for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nThe Jakarta Commons HttpClient component can be used to build\nHTTP-aware client applications (such as web browsers and web service\nclients).\n\nThe Jakarta Commons HttpClient component did not verify that the\nserver hostname matched the domain name in the subject's Common Name\n(CN) or subjectAltName field in X.509 certificates. This could allow a\nman-in-the-middle attacker to spoof an SSL server if they had a\ncertificate that was valid for any domain name. (CVE-2012-5783)\n\nAll users of jakarta-commons-httpclient are advised to upgrade to\nthese updated packages, which correct this issue. Applications using\nthe Jakarta Commons HttpClient component must be restarted for this\nupdate to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2013:0270\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-5783\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jakarta-commons-httpclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jakarta-commons-httpclient-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jakarta-commons-httpclient-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jakarta-commons-httpclient-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jakarta-commons-httpclient-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.9\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/11/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x / 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2013:0270\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_exists(rpm:\"jakarta-commons-httpclient-3.0-7\", release:\"RHEL5\") && rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"jakarta-commons-httpclient-3.0-7jpp.2\")) flag++;\n\n if (rpm_exists(rpm:\"jakarta-commons-httpclient-3.0-7\", release:\"RHEL5\") && rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"jakarta-commons-httpclient-3.0-7jpp.2\")) flag++;\n\n if (rpm_exists(rpm:\"jakarta-commons-httpclient-3.0-7\", release:\"RHEL5\") && rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"jakarta-commons-httpclient-3.0-7jpp.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"jakarta-commons-httpclient-debuginfo-3.0-7jpp.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"jakarta-commons-httpclient-debuginfo-3.0-7jpp.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"jakarta-commons-httpclient-debuginfo-3.0-7jpp.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"jakarta-commons-httpclient-demo-3.0-7jpp.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"jakarta-commons-httpclient-demo-3.0-7jpp.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"jakarta-commons-httpclient-demo-3.0-7jpp.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"jakarta-commons-httpclient-javadoc-3.0-7jpp.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"jakarta-commons-httpclient-javadoc-3.0-7jpp.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"jakarta-commons-httpclient-javadoc-3.0-7jpp.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"jakarta-commons-httpclient-manual-3.0-7jpp.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"jakarta-commons-httpclient-manual-3.0-7jpp.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"jakarta-commons-httpclient-manual-3.0-7jpp.2\")) flag++;\n\n\n if (rpm_exists(rpm:\"jakarta-commons-httpclient-3.1-0\", release:\"RHEL6\") && rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"jakarta-commons-httpclient-3.1-0.7.el6_3\")) flag++;\n\n if (rpm_exists(rpm:\"jakarta-commons-httpclient-3.1-0\", release:\"RHEL6\") && rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"jakarta-commons-httpclient-3.1-0.7.el6_3\")) flag++;\n\n if (rpm_exists(rpm:\"jakarta-commons-httpclient-3.1-0\", release:\"RHEL6\") && rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"jakarta-commons-httpclient-3.1-0.7.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"jakarta-commons-httpclient-debuginfo-3.1-0.7.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"jakarta-commons-httpclient-debuginfo-3.1-0.7.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"jakarta-commons-httpclient-debuginfo-3.1-0.7.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"jakarta-commons-httpclient-demo-3.1-0.7.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"jakarta-commons-httpclient-demo-3.1-0.7.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"jakarta-commons-httpclient-demo-3.1-0.7.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"jakarta-commons-httpclient-javadoc-3.1-0.7.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"jakarta-commons-httpclient-javadoc-3.1-0.7.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"jakarta-commons-httpclient-javadoc-3.1-0.7.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"jakarta-commons-httpclient-manual-3.1-0.7.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"jakarta-commons-httpclient-manual-3.1-0.7.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"jakarta-commons-httpclient-manual-3.1-0.7.el6_3\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"jakarta-commons-httpclient / jakarta-commons-httpclient-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-07T15:33:20", "description": "jakarta-commons-httpclient3 was updated to enhance the fix of bnc#803332 / CVE-2012-5783 :\n\n - also add a check for subjectAltNames in certificates", "cvss3": {}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : jakarta-commons-httpclient3 (openSUSE-SU-2013:0623-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5783"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:jakarta-commons-httpclient3", "p-cpe:/a:novell:opensuse:jakarta-commons-httpclient3-demo", "p-cpe:/a:novell:opensuse:jakarta-commons-httpclient3-javadoc", "p-cpe:/a:novell:opensuse:jakarta-commons-httpclient3-manual", "cpe:/o:novell:opensuse:12.1"], "id": "OPENSUSE-2013-305.NASL", "href": "https://www.tenable.com/plugins/nessus/74961", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2013-305.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74961);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-5783\");\n\n script_name(english:\"openSUSE Security Update : jakarta-commons-httpclient3 (openSUSE-SU-2013:0623-1)\");\n script_summary(english:\"Check for the openSUSE-2013-305 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"jakarta-commons-httpclient3 was updated to enhance the fix of\nbnc#803332 / CVE-2012-5783 :\n\n - also add a check for subjectAltNames in certificates\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=803332\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2013-04/msg00041.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected jakarta-commons-httpclient3 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:jakarta-commons-httpclient3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:jakarta-commons-httpclient3-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:jakarta-commons-httpclient3-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:jakarta-commons-httpclient3-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.1\", reference:\"jakarta-commons-httpclient3-3.0.1-313.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"jakarta-commons-httpclient3-demo-3.0.1-313.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"jakarta-commons-httpclient3-javadoc-3.0.1-313.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"jakarta-commons-httpclient3-manual-3.0.1-313.10.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"jakarta-commons-httpclient3\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:11:42", "description": "The IBM WebSphere Application Server running on the remote host is version 7.0.0.x through 7.0.0.45, 8.0.0.x through 8.0.0.15, 8.5.0.x prior to 8.5.5.14 or 9.0.x prior to 9.0.0.8. It is, therefore, affected by an information disclosure vulnerability in the Apache Commons HttpClient subcomponent due to the failure to verify that the server hostname matches a domain name in the subject's Common Name (CN) field of the X.509 certificate. An unauthenticated, remote attacker can exploit this to conduct spoofing attacks, by persuading a victim to visit a web site containing a specially-crafted certificate.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-10-27T00:00:00", "type": "nessus", "title": "IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.14 / 9.0.x < 9.0.0.8 Information Disclosure (CVE-2012-5783)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5783"], "modified": "2020-11-30T00:00:00", "cpe": ["cpe:/a:ibm:websphere_application_server"], "id": "WEBSPHERE_711867.NASL", "href": "https://www.tenable.com/plugins/nessus/141917", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(141917);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/11/30\");\n\n script_cve_id(\"CVE-2012-5783\");\n\n script_name(english:\"IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.14 / 9.0.x < 9.0.0.8 Information Disclosure (CVE-2012-5783)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web application server is affected by an information disclosure vulnerability\");\n script_set_attribute(attribute:\"description\", value:\n\"The IBM WebSphere Application Server running on the remote host is version 7.0.0.x through 7.0.0.45, 8.0.0.x through\n8.0.0.15, 8.5.0.x prior to 8.5.5.14 or 9.0.x prior to 9.0.0.8. It is, therefore, affected by an information disclosure\nvulnerability in the Apache Commons HttpClient subcomponent due to the failure to verify that the server hostname\nmatches a domain name in the subject's Common Name (CN) field of the X.509 certificate. An unauthenticated, remote\nattacker can exploit this to conduct spoofing attacks, by persuading a victim to visit a web site containing a\nspecially-crafted certificate.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.ibm.com/support/pages/node/711867\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to IBM WebSphere Application Server 8.5.5.14, 9.0.0.8, or later. Alternatively, upgrade to the minimal fix pack\nlevels required by the interim fix and then apply Interim Fix PI96685 and PI98251.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-5783\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/06/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/06/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/10/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:ibm:websphere_application_server\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"websphere_detect.nasl\", \"ibm_enum_products.nbin\", \"ibm_websphere_application_server_nix_installed.nbin\");\n script_require_keys(\"installed_sw/IBM WebSphere Application Server\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp = 'IBM WebSphere Application Server';\nfix = 'Interim Fix PI96685 and PI98251';\n\napp_info = vcf::combined_get_app_info(app:app);\nvcf::check_granularity(app_info:app_info, sig_segments:4);\n\n# If the detection is only remote, Source will be set, and we should require paranoia\nif (!empty_or_null(app_info['Source']) && app_info['Source'] != 'unknown' && report_paranoia < 2)\n audit(AUDIT_PARANOID);\n\nif ('PI96685' >< app_info['Fixes'] && 'PI98251' >< app_info['Fixes'])\n audit(AUDIT_INST_VER_NOT_VULN, app);\n\nconstraints = [\n {'min_version':'7.0.0.0', 'max_version':'7.0.0.45', 'fixed_version':fix},\n {'min_version':'8.0.0.0', 'max_version':'8.0.0.15', 'fixed_version':fix},\n {'min_version':'8.5.0.0', 'max_version':'8.5.5.13', 'fixed_version':'8.5.5.14 or ' + fix},\n {'min_version':'9.0.0.0', 'max_version':'9.0.0.7', 'fixed_version':'9.0.0.8 or ' + fix}\n];\n\nvcf::check_version_and_report(\n app_info:app_info,\n constraints:constraints,\n severity:SECURITY_WARNING\n);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:47:40", "description": "https://vulners.com/cve/CVE-2012-5783 https://vulners.com/cve/CVE-2012-5783 Apache Commons HttpClient, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, could allow a remote attacker to conduct spoofing attacks, caused by the failure to verify that the server hostname matches a domain name in the subject's Common Name (CN) field of the X.509 certificate. By persuading a victim to visit a Web site containing a specially-crafted certificate, an attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server.", "cvss3": {}, "published": "2023-04-18T00:00:00", "type": "nessus", "title": "AIX 7.3 TL 1 : commonshttp (IJ44987)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5783"], "modified": "2023-04-20T00:00:00", "cpe": ["cpe:/o:ibm:aix:7.3"], "id": "AIX_IJ44987.NASL", "href": "https://www.tenable.com/plugins/nessus/174439", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text in the description was extracted from AIX Security\n# Advisory commonshttp_advisory.asc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(174439);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/20\");\n\n script_cve_id(\"CVE-2012-5783\");\n\n script_name(english:\"AIX 7.3 TL 1 : commonshttp (IJ44987)\");\n script_summary(english:\"Check for APAR IJ44987\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote AIX host is missing a security patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5783\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5783 Apache\nCommons HttpClient, as used in Amazon Flexible Payments Service (FPS)\nmerchant Java SDK and other products, could allow a remote attacker to\nconduct spoofing attacks, caused by the failure to verify that the\nserver hostname matches a domain name in the subject's Common Name\n(CN) field of the X.509 certificate. By persuading a victim to visit a\nWeb site containing a specially-crafted certificate, an attacker could\nexploit this vulnerability using man-in-the-middle techniques to spoof\nan SSL server.\"\n );\n # https://aix.software.ibm.com/aix/efixes/security/commonshttp_advisory.asc\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2f4c6751\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Install the appropriate interim fix.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:ibm:aix:7.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2023/04/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/04/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/04/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"AIX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/AIX/lslpp\", \"Host/local_checks_enabled\", \"Host/AIX/version\");\n\n exit(0);\n}\n\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"aix.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif ( ! get_kb_item(\"Host/AIX/version\") ) audit(AUDIT_OS_NOT, \"AIX\");\nif ( ! get_kb_item(\"Host/AIX/lslpp\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif ( get_kb_item(\"Host/AIX/emgr_failure\" ) ) exit(0, \"This iFix check is disabled because : \"+get_kb_item(\"Host/AIX/emgr_failure\") );\n\nflag = 0;\n\nif (aix_check_ifix(release:\"7.3\", ml:\"01\", sp:\"01\", patch:\"IJ44987s1a\", package:\"bos.ecc_client.rte\", minfilesetver:\"7.3.1.0\", maxfilesetver:\"7.3.1.0\") < 0) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:aix_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-02T14:02:56", "description": "https://vulners.com/cve/CVE-2012-5783 https://vulners.com/cve/CVE-2012-5783 Apache Commons HttpClient, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, could allow a remote attacker to conduct spoofing attacks, caused by the failure to verify that the server hostname matches a domain name in the subject's Common Name (CN) field of the X.509 certificate. By persuading a victim to visit a Web site containing a specially-crafted certificate, an attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server.", "cvss3": {}, "published": "2023-04-18T00:00:00", "type": "nessus", "title": "AIX 7.1 TL 5 : commonshttp (IJ45221)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5783"], "modified": "2023-11-16T00:00:00", "cpe": ["cpe:/o:ibm:aix:7.1"], "id": "AIX_IJ45221.NASL", "href": "https://www.tenable.com/plugins/nessus/174442", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text in the description was extracted from AIX Security\n# Advisory commonshttp_advisory.asc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(174442);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/16\");\n\n script_cve_id(\"CVE-2012-5783\");\n\n script_name(english:\"AIX 7.1 TL 5 : commonshttp (IJ45221)\");\n script_summary(english:\"Check for APAR IJ45221\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote AIX host is missing a security patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5783\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5783 Apache\nCommons HttpClient, as used in Amazon Flexible Payments Service (FPS)\nmerchant Java SDK and other products, could allow a remote attacker to\nconduct spoofing attacks, caused by the failure to verify that the\nserver hostname matches a domain name in the subject's Common Name\n(CN) field of the X.509 certificate. By persuading a victim to visit a\nWeb site containing a specially-crafted certificate, an attacker could\nexploit this vulnerability using man-in-the-middle techniques to spoof\nan SSL server.\"\n );\n # https://aix.software.ibm.com/aix/efixes/security/commonshttp_advisory.asc\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2f4c6751\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Install the appropriate interim fix.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-5783\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:ibm:aix:7.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2023/04/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/04/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/04/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"AIX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/AIX/lslpp\", \"Host/local_checks_enabled\", \"Host/AIX/version\");\n\n exit(0);\n}\n\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"aix.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif ( ! get_kb_item(\"Host/AIX/version\") ) audit(AUDIT_OS_NOT, \"AIX\");\nif ( ! get_kb_item(\"Host/AIX/lslpp\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif ( get_kb_item(\"Host/AIX/emgr_failure\" ) ) exit(0, \"This iFix check is disabled because : \"+get_kb_item(\"Host/AIX/emgr_failure\") );\n\nflag = 0;\n\nif (aix_check_ifix(release:\"7.1\", ml:\"05\", sp:\"09\", patch:\"IJ45221sAa\", package:\"bos.ecc_client.rte\", minfilesetver:\"7.1.5.0\", maxfilesetver:\"7.1.5.34\") < 0) flag++;\nif (aix_check_ifix(release:\"7.1\", ml:\"05\", sp:\"10\", patch:\"IJ45221sAa\", package:\"bos.ecc_client.rte\", minfilesetver:\"7.1.5.0\", maxfilesetver:\"7.1.5.34\") < 0) flag++;\nif (aix_check_ifix(release:\"7.1\", ml:\"05\", sp:\"11\", patch:\"IJ45221sAa\", package:\"bos.ecc_client.rte\", minfilesetver:\"7.1.5.0\", maxfilesetver:\"7.1.5.34\") < 0) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:aix_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-07T15:32:31", "description": "- fix bnc#794548 - denial of service (CVE-2012-4534)\n\n - apache-tomcat-CVE-2012-4534.patch fixes apache#53138, apache#52858 http://svn.apache.org/viewvc?view=rev&rev=1372035\n\n - fix a minor issue in apache-tomcat-CVE-2012-4431.patch use the already initialized session variable instead of an another call req.getSesssion()", "cvss3": {}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : tomcat6 (openSUSE-SU-2013:0161-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4431", "CVE-2012-4534"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libtcnative-1-0", "p-cpe:/a:novell:opensuse:libtcnative-1-0-debuginfo", "p-cpe:/a:novell:opensuse:libtcnative-1-0-debugsource", "p-cpe:/a:novell:opensuse:libtcnative-1-0-devel", "p-cpe:/a:novell:opensuse:tomcat6", "p-cpe:/a:novell:opensuse:tomcat6-admin-webapps", "p-cpe:/a:novell:opensuse:tomcat6-docs-webapp", "p-cpe:/a:novell:opensuse:tomcat6-el-1_0-api", "p-cpe:/a:novell:opensuse:tomcat6-javadoc", "p-cpe:/a:novell:opensuse:tomcat6-jsp-2_1-api", "p-cpe:/a:novell:opensuse:tomcat6-lib", "p-cpe:/a:novell:opensuse:tomcat6-servlet-2_5-api", "p-cpe:/a:novell:opensuse:tomcat6-webapps", "cpe:/o:novell:opensuse:12.1"], "id": "OPENSUSE-2013-23.NASL", "href": "https://www.tenable.com/plugins/nessus/74938", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2013-23.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74938);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-4431\", \"CVE-2012-4534\");\n\n script_name(english:\"openSUSE Security Update : tomcat6 (openSUSE-SU-2013:0161-1)\");\n script_summary(english:\"Check for the openSUSE-2013-23 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - fix bnc#794548 - denial of service (CVE-2012-4534)\n\n - apache-tomcat-CVE-2012-4534.patch fixes apache#53138,\n apache#52858\n http://svn.apache.org/viewvc?view=rev&rev=1372035\n\n - fix a minor issue in apache-tomcat-CVE-2012-4431.patch\n use the already initialized session variable instead of\n an another call req.getSesssion()\"\n );\n # http://svn.apache.org/viewvc?view=rev&rev=1372035\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://svn.apache.org/viewvc?view=revision&revision=1372035\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=794548\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2013-01/msg00051.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected tomcat6 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtcnative-1-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtcnative-1-0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtcnative-1-0-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libtcnative-1-0-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tomcat6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tomcat6-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tomcat6-docs-webapp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tomcat6-el-1_0-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tomcat6-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tomcat6-jsp-2_1-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tomcat6-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tomcat6-servlet-2_5-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tomcat6-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/01/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libtcnative-1-0-1.3.3-3.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libtcnative-1-0-debuginfo-1.3.3-3.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libtcnative-1-0-debugsource-1.3.3-3.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libtcnative-1-0-devel-1.3.3-3.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"tomcat6-6.0.33-3.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"tomcat6-admin-webapps-6.0.33-3.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"tomcat6-docs-webapp-6.0.33-3.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"tomcat6-el-1_0-api-6.0.33-3.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"tomcat6-javadoc-6.0.33-3.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"tomcat6-jsp-2_1-api-6.0.33-3.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"tomcat6-lib-6.0.33-3.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"tomcat6-servlet-2_5-api-6.0.33-3.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"tomcat6-webapps-6.0.33-3.11.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libtcnative-1-0 / libtcnative-1-0-debuginfo / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-07T16:21:42", "description": "It was discovered that Tomcat incorrectly performed certain security constraint checks in the FORM authenticator. A remote attacker could possibly use this flaw with a specially crafted URI to bypass security constraint checks. This issue only affected Ubuntu 10.04 LTS, Ubuntu 11.10 and Ubuntu 12.04 LTS. (CVE-2012-3546)\n\nIt was discovered that Tomcat incorrectly handled requests that lack a session identifier. A remote attacker could possibly use this flaw to bypass the cross-site request forgery protection. (CVE-2012-4431)\n\nIt was discovered that Tomcat incorrectly handled sendfile and HTTPS when the NIO connector is used. A remote attacker could use this flaw to cause Tomcat to stop responsing, resulting in a denial of service.\nThis issue only affected Ubuntu 10.04 LTS, Ubuntu 11.10 and Ubuntu 12.04 LTS. (CVE-2012-4534).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2013-01-15T00:00:00", "type": "nessus", "title": "Ubuntu 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : tomcat6, tomcat7 vulnerabilities (USN-1685-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3546", "CVE-2012-4431", "CVE-2012-4534"], "modified": "2019-09-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libtomcat6-java", "p-cpe:/a:canonical:ubuntu_linux:libtomcat7-java", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/o:canonical:ubuntu_linux:11.10", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:12.10"], "id": "UBUNTU_USN-1685-1.NASL", "href": "https://www.tenable.com/plugins/nessus/63535", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1685-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(63535);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2019/09/19 12:54:28\");\n\n script_cve_id(\"CVE-2012-3546\", \"CVE-2012-4431\", \"CVE-2012-4534\");\n script_xref(name:\"USN\", value:\"1685-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : tomcat6, tomcat7 vulnerabilities (USN-1685-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that Tomcat incorrectly performed certain security\nconstraint checks in the FORM authenticator. A remote attacker could\npossibly use this flaw with a specially crafted URI to bypass security\nconstraint checks. This issue only affected Ubuntu 10.04 LTS, Ubuntu\n11.10 and Ubuntu 12.04 LTS. (CVE-2012-3546)\n\nIt was discovered that Tomcat incorrectly handled requests that lack a\nsession identifier. A remote attacker could possibly use this flaw to\nbypass the cross-site request forgery protection. (CVE-2012-4431)\n\nIt was discovered that Tomcat incorrectly handled sendfile and HTTPS\nwhen the NIO connector is used. A remote attacker could use this flaw\nto cause Tomcat to stop responsing, resulting in a denial of service.\nThis issue only affected Ubuntu 10.04 LTS, Ubuntu 11.10 and Ubuntu\n12.04 LTS. (CVE-2012-4534).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1685-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libtomcat6-java and / or libtomcat7-java packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libtomcat6-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libtomcat7-java\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/12/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/01/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04|11\\.10|12\\.04|12\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04 / 11.10 / 12.04 / 12.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libtomcat6-java\", pkgver:\"6.0.24-2ubuntu1.12\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"libtomcat6-java\", pkgver:\"6.0.32-5ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libtomcat6-java\", pkgver:\"6.0.35-1ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"12.10\", pkgname:\"libtomcat7-java\", pkgver:\"7.0.30-0ubuntu1.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libtomcat6-java / libtomcat7-java\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-05T15:25:42", "description": "The version of GlassFish Server running on the remote host is affected by multiple vulnerabilities in the following components :\n\n - Java Server Faces\n - Metro", "cvss3": {}, "published": "2013-10-17T00:00:00", "type": "nessus", "title": "Oracle GlassFish Server Multiple Vulnerabilities (October 2013 CPU)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2172", "CVE-2013-3827", "CVE-2013-5816"], "modified": "2018-11-15T00:00:00", "cpe": ["cpe:/a:oracle:glassfish_server"], "id": "GLASSFISH_CPU_OCT_2013.NASL", "href": "https://www.tenable.com/plugins/nessus/70482", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(70482);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2018/11/15 20:50:25\");\n\n script_cve_id(\"CVE-2013-2172\", \"CVE-2013-3827\", \"CVE-2013-5816\");\n script_bugtraq_id(60846, 63052, 63054);\n script_xref(name:\"CERT\", value:\"526012\");\n\n script_name(english:\"Oracle GlassFish Server Multiple Vulnerabilities (October 2013 CPU)\");\n script_summary(english:\"Checks the version of Oracle GlassFish.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\"The remote web server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of GlassFish Server running on the remote host is affected\nby multiple vulnerabilities in the following components :\n\n - Java Server Faces\n - Metro\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to GlassFish Server 2.1.1.22 / 3.0.1.8 / 3.1.2.7 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n # https://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html#AppendixFMW\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?4930e546\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/10/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/10/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/10/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:glassfish_server\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"glassfish_detect.nasl\");\n script_require_keys(\"www/glassfish\");\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"audit.inc\");\ninclude(\"glassfish.inc\");\n\n#\n# Main\n#\n\n# Check for GlassFish\nget_kb_item_or_exit('www/glassfish');\n\nport = get_glassfish_port(default:8080);\n\n# Get the version number out of the KB.\nver = get_kb_item_or_exit(\"www/\" + port + \"/glassfish/version\");\nbanner = get_kb_item_or_exit(\"www/\" + port + \"/glassfish/source\");\npristine = get_kb_item_or_exit(\"www/\" + port + \"/glassfish/version/pristine\");\n\n# Check if the installation is vulnerable.\nif (ver =~ \"^2\\.1\\.1\")\n fix = \"2.1.1.22\";\nelse if (ver =~ \"^3\\.0\\.1\")\n fix = \"3.0.1.8\";\nelse if (ver =~ \"^3\\.1\\.2\")\n fix = \"3.1.2.7\";\nelse\n fix = NULL;\n\nif (!isnull(fix) && ver_compare(ver:ver, fix:fix, strict:FALSE) < 0)\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Version source : ' + banner +\n '\\n Installed version : ' + pristine +\n '\\n Fixed version : ' + fix +\n '\\n';\n security_warning(port:port, extra:report);\n }\n else security_warning(port);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"Oracle GlassFish\", port, pristine);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-05T15:16:01", "description": "Security fix for CVE-2014-3577, CVE-2012-6153\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2014-08-27T00:00:00", "type": "nessus", "title": "Fedora 19 : jakarta-commons-httpclient-3.1-15.fc19 (2014-9539)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5783", "CVE-2012-6153", "CVE-2014-3577"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:jakarta-commons-httpclient", "cpe:/o:fedoraproject:fedora:19"], "id": "FEDORA_2014-9539.NASL", "href": "https://www.tenable.com/plugins/nessus/77396", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-9539.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(77396);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-5783\", \"CVE-2012-6153\", \"CVE-2014-3577\");\n script_bugtraq_id(58073, 69257, 69258);\n script_xref(name:\"FEDORA\", value:\"2014-9539\");\n\n script_name(english:\"Fedora 19 : jakarta-commons-httpclient-3.1-15.fc19 (2014-9539)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2014-3577, CVE-2012-6153\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1129074\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1129916\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-August/137013.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6746a847\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected jakarta-commons-httpclient package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:jakarta-commons-httpclient\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:19\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/08/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/08/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^19([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 19.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC19\", reference:\"jakarta-commons-httpclient-3.1-15.fc19\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"jakarta-commons-httpclient\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-05T15:18:10", "description": "Updated packages for Red Hat JBoss Enterprise Application Platform 5.2.0 that fix two security issues are now available for Red Hat Enterprise Linux 4, 5, and 6.\n\nRed Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nRed Hat JBoss Enterprise Application Platform is a platform for Java applications, which integrates the JBoss Application Server with JBoss Hibernate and JBoss Seam.\n\nIt was found that the fix for CVE-2012-5783 was incomplete: the code added to check that the server host name matches the domain name in a subject's Common Name (CN) field in X.509 certificates was flawed. A man-in-the-middle attacker could use this flaw to spoof an SSL server using a specially crafted X.509 certificate. (CVE-2012-6153)\n\nIt was discovered that the HttpClient incorrectly extracted host name from an X.509 certificate subject's Common Name (CN) field. A man-in-the-middle attacker could use this flaw to spoof an SSL server using a specially crafted X.509 certificate. (CVE-2014-3577)\n\nThe CVE-2012-6153 issue was discovered by Florian Weimer of Red Hat Product Security.\n\nFor additional information on these flaws, refer to the Knowledgebase article in the References section.\n\nAll users of Red Hat JBoss Enterprise Application Platform 5.2.0 on Red Hat Enterprise Linux 4, 5, and 6 are advised to upgrade to these updated packages. The JBoss server process must be restarted for the update to take effect.", "cvss3": {}, "published": "2014-10-01T00:00:00", "type": "nessus", "title": "RHEL 4 / 5 / 6 : JBoss EAP (RHSA-2014:1321)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5783", "CVE-2012-6153", "CVE-2014-3577"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:jakarta-commons-httpclient", "p-cpe:/a:redhat:enterprise_linux:jboss-seam2", "p-cpe:/a:redhat:enterprise_linux:jboss-seam2-docs", "p-cpe:/a:redhat:enterprise_linux:jboss-seam2-examples", "p-cpe:/a:redhat:enterprise_linux:jboss-seam2-runtime", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2014-1321.NASL", "href": "https://www.tenable.com/plugins/nessus/78008", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:1321. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(78008);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-6153\", \"CVE-2014-3577\");\n script_xref(name:\"RHSA\", value:\"2014:1321\");\n\n script_name(english:\"RHEL 4 / 5 / 6 : JBoss EAP (RHSA-2014:1321)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated packages for Red Hat JBoss Enterprise Application Platform\n5.2.0 that fix two security issues are now available for Red Hat\nEnterprise Linux 4, 5, and 6.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nRed Hat JBoss Enterprise Application Platform is a platform for Java\napplications, which integrates the JBoss Application Server with JBoss\nHibernate and JBoss Seam.\n\nIt was found that the fix for CVE-2012-5783 was incomplete: the code\nadded to check that the server host name matches the domain name in a\nsubject's Common Name (CN) field in X.509 certificates was flawed. A\nman-in-the-middle attacker could use this flaw to spoof an SSL server\nusing a specially crafted X.509 certificate. (CVE-2012-6153)\n\nIt was discovered that the HttpClient incorrectly extracted host name\nfrom an X.509 certificate subject's Common Name (CN) field. A\nman-in-the-middle attacker could use this flaw to spoof an SSL server\nusing a specially crafted X.509 certificate. (CVE-2014-3577)\n\nThe CVE-2012-6153 issue was discovered by Florian Weimer of Red Hat\nProduct Security.\n\nFor additional information on these flaws, refer to the Knowledgebase\narticle in the References section.\n\nAll users of Red Hat JBoss Enterprise Application Platform 5.2.0 on\nRed Hat Enterprise Linux 4, 5, and 6 are advised to upgrade to these\nupdated packages. The JBoss server process must be restarted for the\nupdate to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/solutions/1165533\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2014:1321\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-6153\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-3577\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jakarta-commons-httpclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-seam2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-seam2-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-seam2-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-seam2-runtime\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/08/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x / 5.x / 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2014:1321\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL4\", rpm:\"jbossas-welcome-content-eap\") || rpm_exists(release:\"RHEL5\", rpm:\"jbossas-welcome-content-eap\") || rpm_exists(release:\"RHEL6\", rpm:\"jbossas-welcome-content-eap\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"JBoss EAP\");\n\n if (rpm_exists(rpm:\"jakarta-commons-httpclient-3.1-4\", release:\"RHEL4\") && rpm_check(release:\"RHEL4\", reference:\"jakarta-commons-httpclient-3.1-4_patch_02.ep5.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jboss-seam2-2.2.6.EAP5-22_patch_01.ep5.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jboss-seam2-docs-2.2.6.EAP5-22_patch_01.ep5.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jboss-seam2-examples-2.2.6.EAP5-22_patch_01.ep5.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jboss-seam2-runtime-2.2.6.EAP5-22_patch_01.ep5.el4\")) flag++;\n\n if (rpm_exists(rpm:\"jakarta-commons-httpclient-3.1-4\", release:\"RHEL5\") && rpm_check(release:\"RHEL5\", reference:\"jakarta-commons-httpclient-3.1-4_patch_02.ep5.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-seam2-2.2.6.EAP5-22_patch_01.ep5.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-seam2-docs-2.2.6.EAP5-22_patch_01.ep5.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-seam2-examples-2.2.6.EAP5-22_patch_01.ep5.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-seam2-runtime-2.2.6.EAP5-22_patch_01.ep5.el5\")) flag++;\n\n if (rpm_exists(rpm:\"jakarta-commons-httpclient-3.1-4\", release:\"RHEL6\") && rpm_check(release:\"RHEL6\", reference:\"jakarta-commons-httpclient-3.1-4_patch_02.el6_5\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-seam2-2.2.6.EAP5-22_patch_01.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-seam2-docs-2.2.6.EAP5-22_patch_01.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-seam2-examples-2.2.6.EAP5-22_patch_01.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-seam2-runtime-2.2.6.EAP5-22_patch_01.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"jakarta-commons-httpclient / jboss-seam2 / jboss-seam2-docs / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-07T15:31:21", "description": "CVE-2012-5783 and CVE-2012-6153 Apache Commons HttpClient 3.1 did not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. Thanks to Alberto Fernandez Martinez for the patch.\n\nCVE-2014-3577 It was found that the fix for CVE-2012-6153 was incomplete: the code added to check that the server hostname matches the domain name in a subject's Common Name (CN) field in X.509 certificates was flawed. A man-in-the-middle attacker could use this flaw to spoof an SSL server using a specially crafted X.509 certificate. The fix for CVE-2012-6153 was intended to address the incomplete patch for CVE-2012-5783. The issue is now completely resolved by applying this patch and the one for the previous CVEs\n\nThis upload was prepared by Markus Koschany.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-05-20T00:00:00", "type": "nessus", "title": "Debian DLA-222-1 : commons-httpclient security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5783", "CVE-2012-6153", "CVE-2014-3577"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libcommons-httpclient-java", "p-cpe:/a:debian:debian_linux:libcommons-httpclient-java-doc", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DLA-222.NASL", "href": "https://www.tenable.com/plugins/nessus/83545", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-222-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(83545);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-5783\", \"CVE-2012-6153\", \"CVE-2014-3577\");\n script_bugtraq_id(58073, 69257, 69258);\n\n script_name(english:\"Debian DLA-222-1 : commons-httpclient security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CVE-2012-5783 and CVE-2012-6153 Apache Commons HttpClient 3.1 did not\nverify that the server hostname matches a domain name in the subject's\nCommon Name (CN) or subjectAltName field of the X.509 certificate,\nwhich allows man-in-the-middle attackers to spoof SSL servers via an\narbitrary valid certificate. Thanks to Alberto Fernandez Martinez for\nthe patch.\n\nCVE-2014-3577 It was found that the fix for CVE-2012-6153 was\nincomplete: the code added to check that the server hostname matches\nthe domain name in a subject's Common Name (CN) field in X.509\ncertificates was flawed. A man-in-the-middle attacker could use this\nflaw to spoof an SSL server using a specially crafted X.509\ncertificate. The fix for CVE-2012-6153 was intended to address the\nincomplete patch for CVE-2012-5783. The issue is now completely\nresolved by applying this patch and the one for the previous CVEs\n\nThis upload was prepared by Markus Koschany.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2015/05/msg00008.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze-lts/commons-httpclient\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libcommons-httpclient-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libcommons-httpclient-java-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/05/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"libcommons-httpclient-java\", reference:\"3.1-9+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libcommons-httpclient-java-doc\", reference:\"3.1-9+deb6u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-05T15:18:10", "description": "Updated Red Hat JBoss Enterprise Application Platform 6.3.0 packages that fix two security issues are now available for Red Hat Enterprise Linux 5, 6, and 7.\n\nRed Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nRed Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7.\n\nIt was found that the fix for CVE-2012-5783 was incomplete: the code added to check that the server host name matches the domain name in a subject's Common Name (CN) field in X.509 certificates was flawed. A man-in-the-middle attacker could use this flaw to spoof an SSL server using a specially crafted X.509 certificate. (CVE-2012-6153)\n\nIt was discovered that the HttpClient incorrectly extracted host name from an X.509 certificate subject's Common Name (CN) field. A man-in-the-middle attacker could use this flaw to spoof an SSL server using a specially crafted X.509 certificate. (CVE-2014-3577)\n\nThe CVE-2012-6153 issue was discovered by Florian Weimer of Red Hat Product Security.\n\nFor additional information on these flaws, refer to the Knowledgebase article in the References section.\n\nAll users of Red Hat JBoss Enterprise Application Platform 6.3.0 on Red Hat Enterprise Linux 5, 6, and 7 are advised to upgrade to these updated packages. The JBoss server process must be restarted for the update to take effect.", "cvss3": {}, "published": "2014-09-08T00:00:00", "type": "nessus", "title": "RHEL 5 / 6 / 7 : JBoss EAP (RHSA-2014:1162)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5783", "CVE-2012-6153", "CVE-2014-3577"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:httpclient-eap6", "p-cpe:/a:redhat:enterprise_linux:httpcomponents-client-eap6", "p-cpe:/a:redhat:enterprise_linux:httpcomponents-core-eap6", "p-cpe:/a:redhat:enterprise_linux:httpcomponents-project-eap6", "p-cpe:/a:redhat:enterprise_linux:httpcore-eap6", "p-cpe:/a:redhat:enterprise_linux:httpmime-eap6", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:7"], "id": "REDHAT-RHSA-2014-1162.NASL", "href": "https://www.tenable.com/plugins/nessus/77561", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:1162. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(77561);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-6153\", \"CVE-2014-3577\");\n script_bugtraq_id(69257, 69258);\n script_xref(name:\"RHSA\", value:\"2014:1162\");\n\n script_name(english:\"RHEL 5 / 6 / 7 : JBoss EAP (RHSA-2014:1162)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated Red Hat JBoss Enterprise Application Platform 6.3.0 packages\nthat fix two security issues are now available for Red Hat Enterprise\nLinux 5, 6, and 7.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nRed Hat JBoss Enterprise Application Platform 6 is a platform for Java\napplications based on JBoss Application Server 7.\n\nIt was found that the fix for CVE-2012-5783 was incomplete: the code\nadded to check that the server host name matches the domain name in a\nsubject's Common Name (CN) field in X.509 certificates was flawed. A\nman-in-the-middle attacker could use this flaw to spoof an SSL server\nusing a specially crafted X.509 certificate. (CVE-2012-6153)\n\nIt was discovered that the HttpClient incorrectly extracted host name\nfrom an X.509 certificate subject's Common Name (CN) field. A\nman-in-the-middle attacker could use this flaw to spoof an SSL server\nusing a specially crafted X.509 certificate. (CVE-2014-3577)\n\nThe CVE-2012-6153 issue was discovered by Florian Weimer of Red Hat\nProduct Security.\n\nFor additional information on these flaws, refer to the Knowledgebase\narticle in the References section.\n\nAll users of Red Hat JBoss Enterprise Application Platform 6.3.0 on\nRed Hat Enterprise Linux 5, 6, and 7 are advised to upgrade to these\nupdated packages. The JBoss server process must be restarted for the\nupdate to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2014:1162\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-6153\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-3577\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpclient-eap6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpcomponents-client-eap6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpcomponents-core-eap6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpcomponents-project-eap6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpcore-eap6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:httpmime-eap6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/08/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/09/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x / 6.x / 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2014:1162\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL5\", rpm:\"jbossas-welcome-content-eap\") || rpm_exists(release:\"RHEL6\", rpm:\"jbossas-welcome-content-eap\") || rpm_exists(release:\"RHEL7\", rpm:\"jbossas-welcome-content-eap\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"JBoss EAP\");\n\n if (rpm_check(release:\"RHEL5\", reference:\"httpclient-eap6-4.2.1-12.redhat_2.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"httpcomponents-client-eap6-4.2.1-12.redhat_2.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"httpcomponents-core-eap6-4.2.1-12.redhat_2.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"httpcomponents-project-eap6-6-12.redhat_2.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"httpcore-eap6-4.2.1-12.redhat_2.1.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"httpmime-eap6-4.2.1-12.redhat_2.1.ep6.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"httpclient-eap6-4.2.1-12.redhat_2.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"httpcomponents-client-eap6-4.2.1-12.redhat_2.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"httpcomponents-core-eap6-4.2.1-12.redhat_2.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"httpcomponents-project-eap6-6-12.redhat_2.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"httpcore-eap6-4.2.1-12.redhat_2.1.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"httpmime-eap6-4.2.1-12.redhat_2.1.ep6.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"httpclient-eap6-4.2.1-12.redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"httpcomponents-client-eap6-4.2.1-12.redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"httpcomponents-core-eap6-4.2.1-12.redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"httpcomponents-project-eap6-6-12.redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"httpcore-eap6-4.2.1-12.redhat_2.1.ep6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"httpmime-eap6-4.2.1-12.redhat_2.1.ep6.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"httpclient-eap6 / httpcomponents-client-eap6 / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-29T16:22:04", "description": "An update of the commons package has been released.", "cvss3": {}, "published": "2020-09-21T00:00:00", "type": "nessus", "title": "Photon OS 3.0: Commons PHSA-2020-3.0-0141", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5783", "CVE-2014-3577", "CVE-2015-5262"], "modified": "2020-09-22T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:commons", "cpe:/o:vmware:photonos:3.0"], "id": "PHOTONOS_PHSA-2020-3_0-0141_COMMONS.NASL", "href": "https://www.tenable.com/plugins/nessus/140702", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2020-3.0-0141. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(140702);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/22\");\n\n script_cve_id(\"CVE-2012-5783\", \"CVE-2014-3577\", \"CVE-2015-5262\");\n script_bugtraq_id(58073, 69258, 77110);\n\n script_name(english:\"Photon OS 3.0: Commons PHSA-2020-3.0-0141\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the commons package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-3.0-141.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-3577\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/11/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/09/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/09/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:commons\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:3.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item('Host/PhotonOS/release');\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, 'PhotonOS');\nif (release !~ \"^VMware Photon (?:Linux|OS) 3\\.0(\\D|$)\") audit(AUDIT_OS_NOT, 'PhotonOS 3.0');\n\nif (!get_kb_item('Host/PhotonOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'PhotonOS', cpu);\n\nflag = 0;\n\nif (rpm_check(release:'PhotonOS-3.0', reference:'commons-httpclient-3.1-1.ph3')) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'commons');\n}\n\n\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-05T15:16:00", "description": "Security fix for CVE-2014-3577, CVE-2012-6153\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2014-08-27T00:00:00", "type": "nessus", "title": "Fedora 20 : jakarta-commons-httpclient-3.1-15.fc20 (2014-9581)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5783", "CVE-2012-6153", "CVE-2014-3577"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:jakarta-commons-httpclient", "cpe:/o:fedoraproject:fedora:20"], "id": "FEDORA_2014-9581.NASL", "href": "https://www.tenable.com/plugins/nessus/77399", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-9581.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(77399);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-5783\", \"CVE-2012-6153\", \"CVE-2014-3577\");\n script_bugtraq_id(58073, 69257, 69258);\n script_xref(name:\"FEDORA\", value:\"2014-9581\");\n\n script_name(english:\"Fedora 20 : jakarta-commons-httpclient-3.1-15.fc20 (2014-9581)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2014-3577, CVE-2012-6153\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1129074\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1129916\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-August/137032.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0b64edb4\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected jakarta-commons-httpclient package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:jakarta-commons-httpclient\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:20\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/08/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/08/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^20([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 20.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC20\", reference:\"jakarta-commons-httpclient-3.1-15.fc20\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"jakarta-commons-httpclient\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-07T15:39:26", "description": "Updated packages for Red Hat JBoss Enterprise Web Platform 5.2.0 that fix two security issues are now available for Red Hat Enterprise Linux 4, 5, and 6.\n\nRed Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nRed Hat JBoss Enterprise Web Platform is a platform for Java applications, which integrates the JBoss Web Server with JBoss Hibernate and JBoss Seam.\n\nIt was found that the fix for CVE-2012-5783 was incomplete: the code added to check that the server host name matches the domain name in a subject's Common Name (CN) field in X.509 certificates was flawed. A man-in-the-middle attacker could use this flaw to spoof an SSL server using a specially crafted X.509 certificate. (CVE-2012-6153)\n\nIt was discovered that the HttpClient incorrectly extracted host name from an X.509 certificate subject's Common Name (CN) field. A man-in-the-middle attacker could use this flaw to spoof an SSL server using a specially crafted X.509 certificate. (CVE-2014-3577)\n\nThe CVE-2012-6153 issue was discovered by Florian Weimer of Red Hat Product Security.\n\nFor additional information on these flaws, refer to the Knowledgebase article in the References section.\n\nAll users of Red Hat JBoss Enterprise Web Platform 5.2.0 on Red Hat Enterprise Linux 4, 5, and 6 are advised to upgrade to these updated packages. The JBoss server process must be restarted for the update to take effect.", "cvss3": {}, "published": "2014-10-01T00:00:00", "type": "nessus", "title": "RHEL 4 / 5 / 6 : JBoss EWP (RHSA-2014:1320)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5783", "CVE-2012-6153", "CVE-2014-3577"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:jakarta-commons-httpclient", "p-cpe:/a:redhat:enterprise_linux:jboss-seam2", "p-cpe:/a:redhat:enterprise_linux:jboss-seam2-docs", "p-cpe:/a:redhat:enterprise_linux:jboss-seam2-examples", "p-cpe:/a:redhat:enterprise_linux:jboss-seam2-runtime", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2014-1320.NASL", "href": "https://www.tenable.com/plugins/nessus/78007", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:1320. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(78007);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-6153\", \"CVE-2014-3577\");\n script_xref(name:\"RHSA\", value:\"2014:1320\");\n\n script_name(english:\"RHEL 4 / 5 / 6 : JBoss EWP (RHSA-2014:1320)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated packages for Red Hat JBoss Enterprise Web Platform 5.2.0 that\nfix two security issues are now available for Red Hat Enterprise Linux\n4, 5, and 6.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nRed Hat JBoss Enterprise Web Platform is a platform for Java\napplications, which integrates the JBoss Web Server with JBoss\nHibernate and JBoss Seam.\n\nIt was found that the fix for CVE-2012-5783 was incomplete: the code\nadded to check that the server host name matches the domain name in a\nsubject's Common Name (CN) field in X.509 certificates was flawed. A\nman-in-the-middle attacker could use this flaw to spoof an SSL server\nusing a specially crafted X.509 certificate. (CVE-2012-6153)\n\nIt was discovered that the HttpClient incorrectly extracted host name\nfrom an X.509 certificate subject's Common Name (CN) field. A\nman-in-the-middle attacker could use this flaw to spoof an SSL server\nusing a specially crafted X.509 certificate. (CVE-2014-3577)\n\nThe CVE-2012-6153 issue was discovered by Florian Weimer of Red Hat\nProduct Security.\n\nFor additional information on these flaws, refer to the Knowledgebase\narticle in the References section.\n\nAll users of Red Hat JBoss Enterprise Web Platform 5.2.0 on Red Hat\nEnterprise Linux 4, 5, and 6 are advised to upgrade to these updated\npackages. The JBoss server process must be restarted for the update to\ntake effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/solutions/1165533\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2014:1320\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-6153\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-3577\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jakarta-commons-httpclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-seam2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-seam2-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-seam2-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jboss-seam2-runtime\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/08/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x / 5.x / 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2014:1320\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL4\", rpm:\"jbossas-seam2-\") || rpm_exists(release:\"RHEL5\", rpm:\"jbossas-seam2-\") || rpm_exists(release:\"RHEL6\", rpm:\"jbossas-seam2-\")) || rpm_exists(rpm:\"jbossas-welcome-content-eap\")) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"JBoss EWP\");\n\n if (rpm_exists(rpm:\"jakarta-commons-httpclient-3.1-4\", release:\"RHEL4\") && rpm_check(release:\"RHEL4\", reference:\"jakarta-commons-httpclient-3.1-4_patch_02.ep5.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jboss-seam2-2.2.6.EAP5-22_patch_01.ep5.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jboss-seam2-docs-2.2.6.EAP5-22_patch_01.ep5.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jboss-seam2-examples-2.2.6.EAP5-22_patch_01.ep5.el4\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"jboss-seam2-runtime-2.2.6.EAP5-22_patch_01.ep5.el4\")) flag++;\n\n if (rpm_exists(rpm:\"jakarta-commons-httpclient-3.1-4\", release:\"RHEL5\") && rpm_check(release:\"RHEL5\", reference:\"jakarta-commons-httpclient-3.1-4_patch_02.ep5.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-seam2-2.2.6.EAP5-22_patch_01.ep5.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-seam2-docs-2.2.6.EAP5-22_patch_01.ep5.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-seam2-examples-2.2.6.EAP5-22_patch_01.ep5.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jboss-seam2-runtime-2.2.6.EAP5-22_patch_01.ep5.el5\")) flag++;\n\n if (rpm_exists(rpm:\"jakarta-commons-httpclient-3.1-4\", release:\"RHEL6\") && rpm_check(release:\"RHEL6\", reference:\"jakarta-commons-httpclient-3.1-4_patch_02.el6_5\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-seam2-2.2.6.EAP5-22_patch_01.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-seam2-docs-2.2.6.EAP5-22_patch_01.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-seam2-examples-2.2.6.EAP5-22_patch_01.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jboss-seam2-runtime-2.2.6.EAP5-22_patch_01.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"jakarta-commons-httpclient / jboss-seam2 / jboss-seam2-docs / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-07T15:42:27", "description": "Apache Commons HttpClient 3.x, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.\n\nIt was found that the fix for CVE-2012-6153 was incomplete: the code added to check that the server hostname matches the domain name in a subject's Common Name (CN) field in X.509 certificates was flawed. A man-in-the-middle attacker could use this flaw to spoof an SSL server using a specially crafted X.509 certificate.\n\nIt was found that the fix for CVE-2012-5783 was incomplete: the code added to check that the server host name matches the domain name in a subject's Common Name (CN) field in X.509 certificates was flawed. A man-in-the-middle attacker could use this flaw to spoof an SSL server using a specially crafted X.509 certificate.", "cvss3": {}, "published": "2014-10-12T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : jakarta-commons-httpclient (ALAS-2014-410)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5783", "CVE-2012-6153", "CVE-2014-3577"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:jakarta-commons-httpclient", "p-cpe:/a:amazon:linux:jakarta-commons-httpclient-demo", "p-cpe:/a:amazon:linux:jakarta-commons-httpclient-javadoc", "p-cpe:/a:amazon:linux:jakarta-commons-httpclient-manual", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2014-410.NASL", "href": "https://www.tenable.com/plugins/nessus/78353", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2014-410.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(78353);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2012-5783\", \"CVE-2012-6153\", \"CVE-2014-3577\");\n script_xref(name:\"ALAS\", value:\"2014-410\");\n\n script_name(english:\"Amazon Linux AMI : jakarta-commons-httpclient (ALAS-2014-410)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Apache Commons HttpClient 3.x, as used in Amazon Flexible Payments\nService (FPS) merchant Java SDK and other products, does not verify\nthat the server hostname matches a domain name in the subject's Common\nName (CN) or subjectAltName field of the X.509 certificate, which\nallows man-in-the-middle attackers to spoof SSL servers via an\narbitrary valid certificate.\n\nIt was found that the fix for CVE-2012-6153 was incomplete: the code\nadded to check that the server hostname matches the domain name in a\nsubject's Common Name (CN) field in X.509 certificates was flawed. A\nman-in-the-middle attacker could use this flaw to spoof an SSL server\nusing a specially crafted X.509 certificate.\n\nIt was found that the fix for CVE-2012-5783 was incomplete: the code\nadded to check that the server host name matches the domain name in a\nsubject's Common Name (CN) field in X.509 certificates was flawed. A\nman-in-the-middle attacker could use this flaw to spoof an SSL server\nusing a specially crafted X.509 certificate.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2014-410.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update jakarta-commons-httpclient' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:jakarta-commons-httpclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:jakarta-commons-httpclient-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:jakarta-commons-httpclient-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:jakarta-commons-httpclient-manual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"jakarta-commons-httpclient-3.1-15.8.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"jakarta-commons-httpclient-demo-3.1-15.8.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"jakarta-commons-httpclient-javadoc-3.1-15.8.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"jakarta-commons-httpclient-manual-3.1-15.8.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"jakarta-commons-httpclient / jakarta-commons-httpclient-demo / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-07T16:24:46", "description": "Updated jbossweb packages for JBoss Enterprise Application Platform 6.0.1 that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nJBoss Web is the web container, based on Apache Tomcat, in JBoss Enterprise Application Platform. It provides a single deployment platform for the JavaServer Pages (JSP) and Java Servlet technologies.\n\nIt was found that sending a request without a session identifier to a protected resource could bypass the Cross-Site Request Forgery (CSRF) prevention filter in JBoss Web. A remote attacker could use this flaw to perform CSRF attacks against applications that rely on the CSRF prevention filter and do not contain internal mitigation for CSRF.\n(CVE-2012-4431)\n\nMultiple weaknesses were found in the JBoss Web DIGEST authentication implementation, effectively reducing the security normally provided by DIGEST authentication. A remote attacker could use these flaws to perform replay attacks in some circumstances. (CVE-2012-5885, CVE-2012-5886, CVE-2012-5887)\n\nWarning: Before applying this update, back up your existing JBoss Enterprise Application Platform installation and deployed applications.\n\nAll users of JBoss Enterprise Application Platform 6.0.1 on Red Hat Enterprise Linux 5 and 6 are advised to upgrade to these updated packages. The JBoss server process must be restarted for the update to take effect.", "cvss3": {}, "published": "2013-03-15T00:00:00", "type": "nessus", "title": "RHEL 5 / 6 : jbossweb (RHSA-2013:0647)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4431", "CVE-2012-5885", "CVE-2012-5886", "CVE-2012-5887"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:jbossweb", "p-cpe:/a:redhat:enterprise_linux:jbossweb-lib", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2013-0647.NASL", "href": "https://www.tenable.com/plugins/nessus/65562", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:0647. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(65562);\n script_version(\"1.24\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-4431\", \"CVE-2012-5885\", \"CVE-2012-5886\", \"CVE-2012-5887\");\n script_bugtraq_id(56403, 56814);\n script_xref(name:\"RHSA\", value:\"2013:0647\");\n\n script_name(english:\"RHEL 5 / 6 : jbossweb (RHSA-2013:0647)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated jbossweb packages for JBoss Enterprise Application Platform\n6.0.1 that fix multiple security issues are now available for Red Hat\nEnterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nJBoss Web is the web container, based on Apache Tomcat, in JBoss\nEnterprise Application Platform. It provides a single deployment\nplatform for the JavaServer Pages (JSP) and Java Servlet technologies.\n\nIt was found that sending a request without a session identifier to a\nprotected resource could bypass the Cross-Site Request Forgery (CSRF)\nprevention filter in JBoss Web. A remote attacker could use this flaw\nto perform CSRF attacks against applications that rely on the CSRF\nprevention filter and do not contain internal mitigation for CSRF.\n(CVE-2012-4431)\n\nMultiple weaknesses were found in the JBoss Web DIGEST authentication\nimplementation, effectively reducing the security normally provided by\nDIGEST authentication. A remote attacker could use these flaws to\nperform replay attacks in some circumstances. (CVE-2012-5885,\nCVE-2012-5886, CVE-2012-5887)\n\nWarning: Before applying this update, back up your existing JBoss\nEnterprise Application Platform installation and deployed\napplications.\n\nAll users of JBoss Enterprise Application Platform 6.0.1 on Red Hat\nEnterprise Linux 5 and 6 are advised to upgrade to these updated\npackages. The JBoss server process must be restarted for the update to\ntake effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2013:0647\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-4431\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-5885\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-5886\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-5887\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected jbossweb and / or jbossweb-lib packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossweb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:jbossweb-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/11/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x / 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2013:0647\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", reference:\"jbossweb-7.0.17-4.Final_redhat_3.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"jbossweb-lib-7.0.17-4.Final_redhat_3.ep6.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"jbossweb-7.0.17-4.Final_redhat_3.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"jbossweb-lib-7.0.17-4.Final_redhat_3.ep6.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"jbossweb / jbossweb-lib\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-07T15:41:23", "description": "It was discovered that Apache Commons HttpClient did not properly verify the Common Name or subjectAltName fields of X.509 certificates.\nAn attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. This issue only affected Ubuntu 12.04 LTS. (CVE-2012-5783)\n\nFlorian Weimer discovered the fix for CVE-2012-5783 was incomplete for Apache Commons HttpClient. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. This issue only affected Ubuntu 12.04 LTS.\n(CVE-2012-6153)\n\nSubodh Iyengar and Will Shackleton discovered the fix for CVE-2012-5783 was incomplete for Apache Commons HttpClient. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications.\n(CVE-2014-3577)\n\nIt was discovered that Apache Commons HttpClient did not properly handle read timeouts during HTTPS handshakes. A remote attacker could trigger this flaw to cause a denial of service. (CVE-2015-5262).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-10-15T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS : Apache Commons HttpClient vulnerabilities (USN-2769-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5783", "CVE-2012-6153", "CVE-2014-3577", "CVE-2015-5262"], "modified": "2023-10-23T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libcommons-httpclient-java", "cpe:/o:canonical:ubuntu_linux:14.04:-:lts"], "id": "UBUNTU_USN-2769-1.NASL", "href": "https://www.tenable.com/plugins/nessus/86401", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2769-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(86401);\n script_version(\"2.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/10/23\");\n\n script_cve_id(\n \"CVE-2012-5783\",\n \"CVE-2012-6153\",\n \"CVE-2014-3577\",\n \"CVE-2015-5262\"\n );\n script_xref(name:\"USN\", value:\"2769-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS : Apache Commons HttpClient vulnerabilities (USN-2769-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"It was discovered that Apache Commons HttpClient did not properly\nverify the Common Name or subjectAltName fields of X.509 certificates.\nAn attacker could exploit this to perform a man in the middle attack\nto view sensitive information or alter encrypted communications. This\nissue only affected Ubuntu 12.04 LTS. (CVE-2012-5783)\n\nFlorian Weimer discovered the fix for CVE-2012-5783 was incomplete for\nApache Commons HttpClient. An attacker could exploit this to perform a\nman in the middle attack to view sensitive information or alter\nencrypted communications. This issue only affected Ubuntu 12.04 LTS.\n(CVE-2012-6153)\n\nSubodh Iyengar and Will Shackleton discovered the fix for\nCVE-2012-5783 was incomplete for Apache Commons HttpClient. An\nattacker could exploit this to perform a man in the middle attack to\nview sensitive information or alter encrypted communications.\n(CVE-2014-3577)\n\nIt was discovered that Apache Commons HttpClient did not properly\nhandle read timeouts during HTTPS handshakes. A remote attacker could\ntrigger this flaw to cause a denial of service. (CVE-2015-5262).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-2769-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libcommons-httpclient-java package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-3577\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/11/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/10/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/10/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libcommons-httpclient-java\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04:-:lts\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nos_release = chomp(os_release);\nif (! ('14.04' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 14.04', 'Ubuntu ' + os_release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar pkgs = [\n {'osver': '14.04', 'pkgname': 'libcommons-httpclient-java', 'pkgver': '3.1-10.2ubuntu0.14.04.1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var osver = NULL;\n var pkgname = NULL;\n var pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libcommons-httpclient-java');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-07T15:22:56", "description": "The version of JBoss Enterprise Portal Platform on the remote system is affected by the following issues:\n\n - A flaw in CSRF prevention filter in JBoss Web could allow remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier. (CVE-2012-4431)\n\n - A flaw that occurs when the COOKIE session tracking method is used can allow attackers to hijack users' sessions. (CVE-2012-4529)\n\n - A flaw that occurs when multiple applications use the same custom authorization module class name can allow a local attacker to deploy a malicious application that overrides the custom authorization modules provided by other applications. (CVE-2012-4572)\n\n - The framework does not verify that a specified cryptographic algorithm is allowed by the WS-SecurityPolicy AlgorithmSuite definition before decrypting. This can allow remote attackers to force the system to use weaker cryptographic algorithms than intended and makes it easier to decrypt communications.\n (CVE-2012-5575)\n\n - A flaw in PicketBox can allow local users to obtain the admin encryption key by reading the Vault data file.\n (CVE-2013-1921)\n\n - A session fixation flaw was found in the FormAuthenticator module. (CVE-2013-2067)\n\n - A flaw that occurs when a JGroups channel was started results in the JGroups diagnostics service being enabled by default with no authentication via IP multicast. A remote attacker can make use of this flaw to read diagnostics information. (CVE-2013-2102)\n\n - A flaw in the StAX parser implementation can allow remote attackers to cause a denial of service via crafted XML. (CVE-2013-2160)\n\n - A flaw in Apache Santuario XML Security can allow context-dependent attackers to spoof an XML Signature by using the CanonicalizationMethod parameter to specify an arbitrary weak algorithm. (CVE-2013-2172)\n\n - A flaw in JGroup's DiagnosticsHandler can allow remote attackers to obtain sensitive information and execute arbitrary code by re-using valid credentials.\n (CVE-2013-4112)\n\n - A flaw in the manner in which authenticated connections were cached on the server by remote-naming can allow remote attackers to hijack sessions by using a remoting client. (CVE-2013-4128)\n\n - A flaw in the manner in which connections for EJB invocations were cached on the server can allow remote attackers to hijack sessions by using an EJB client.\n (CVE-2013-4213)", "cvss3": {}, "published": "2014-01-31T00:00:00", "type": "nessus", "title": "JBoss Portal 6.1.0 Update (RHSA-2013:1437)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4431", "CVE-2012-4529", "CVE-2012-4572", "CVE-2012-5575", "CVE-2013-1921", "CVE-2013-2067", "CVE-2013-2102", "CVE-2013-2160", "CVE-2013-2172", "CVE-2013-4112", "CVE-2013-4128", "CVE-2013-4213"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:redhat:jboss_enterprise_portal_platform:6.1.0"], "id": "REDHAT-RHSA-2013-1437.NASL", "href": "https://www.tenable.com/plugins/nessus/72237", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(72237);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2012-4431\",\n \"CVE-2012-4529\",\n \"CVE-2012-4572\",\n \"CVE-2012-5575\",\n \"CVE-2013-1921\",\n \"CVE-2013-2067\",\n \"CVE-2013-2102\",\n \"CVE-2013-2160\",\n \"CVE-2013-2172\",\n \"CVE-2013-4112\",\n \"CVE-2013-4128\",\n \"CVE-2013-4213\"\n );\n script_bugtraq_id(\n 56814,\n 59799,\n 60040,\n 60043,\n 60045,\n 60846,\n 61030,\n 61179,\n 61739,\n 61742,\n 62256,\n 63196\n );\n script_xref(name:\"RHSA\", value:\"2013:1437\");\n\n script_name(english:\"JBoss Portal 6.1.0 Update (RHSA-2013:1437)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of JBoss Enterprise Portal Platform on the remote system is\naffected by the following issues:\n\n - A flaw in CSRF prevention filter in JBoss Web could allow\n remote attackers to bypass the cross-site request forgery\n (CSRF) protection mechanism via a request that lacks a\n session identifier. (CVE-2012-4431)\n\n - A flaw that occurs when the COOKIE session tracking\n method is used can allow attackers to hijack users'\n sessions. (CVE-2012-4529)\n\n - A flaw that occurs when multiple applications use the\n same custom authorization module class name can allow a\n local attacker to deploy a malicious application that\n overrides the custom authorization modules provided by\n other applications. (CVE-2012-4572)\n\n - The framework does not verify that a specified\n cryptographic algorithm is allowed by the\n WS-SecurityPolicy AlgorithmSuite definition before\n decrypting. This can allow remote attackers to force\n the system to use weaker cryptographic algorithms than\n intended and makes it easier to decrypt communications.\n (CVE-2012-5575)\n\n - A flaw in PicketBox can allow local users to obtain the\n admin encryption key by reading the Vault data file.\n (CVE-2013-1921)\n\n - A session fixation flaw was found in the\n FormAuthenticator module. (CVE-2013-2067)\n\n - A flaw that occurs when a JGroups channel was started\n results in the JGroups diagnostics service being enabled\n by default with no authentication via IP multicast. A\n remote attacker can make use of this flaw to read\n diagnostics information. (CVE-2013-2102)\n\n - A flaw in the StAX parser implementation can allow\n remote attackers to cause a denial of service via\n crafted XML. (CVE-2013-2160)\n\n - A flaw in Apache Santuario XML Security can allow\n context-dependent attackers to spoof an XML Signature\n by using the CanonicalizationMethod parameter to\n specify an arbitrary weak algorithm. (CVE-2013-2172)\n\n - A flaw in JGroup's DiagnosticsHandler can allow remote\n attackers to obtain sensitive information and execute\n arbitrary code by re-using valid credentials.\n (CVE-2013-4112)\n\n - A flaw in the manner in which authenticated connections\n were cached on the server by remote-naming can allow\n remote attackers to hijack sessions by using a remoting\n client. (CVE-2013-4128)\n\n - A flaw in the manner in which connections for EJB\n invocations were cached on the server can allow remote\n attackers to hijack sessions by using an EJB client.\n (CVE-2013-4213)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=868202\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=872059\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=880443\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=883636\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=929197\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=948106\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=961779\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=963984\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=983489\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=984795\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=985359\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=999263\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.redhat.com/security/data/cve/CVE-2012-4431.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.redhat.com/security/data/cve/CVE-2012-4529.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.redhat.com/security/data/cve/CVE-2012-4572.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.redhat.com/security/data/cve/CVE-2012-5575.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.redhat.com/security/data/cve/CVE-2013-1921.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.redhat.com/security/data/cve/CVE-2013-2067.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.redhat.com/security/data/cve/CVE-2013-2102.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.redhat.com/security/data/cve/CVE-2013-2160.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.redhat.com/security/data/cve/CVE-2013-2172.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.redhat.com/security/data/cve/CVE-2013-4112.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.redhat.com/security/data/cve/CVE-2013-4128.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.redhat.com/security/data/cve/CVE-2013-4213.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the installed JBoss Portal 6.0.0 to 6.1.0 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/10/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/10/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/01/31\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:redhat:jboss_enterprise_portal_platform:6.1.0\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"jboss_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n# We are only interested in Red Hat systems\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\n\ninfo = \"\";\njboss = 0;\ninstalls = get_kb_list_or_exit(\"Host/JBoss/Portal Platform\");\nif(!isnull(installs)) jboss = 1;\n\nforeach install (make_list(installs))\n{\n match = eregmatch(string:install, pattern:\"([^:]+):(.*)\");\n\n if (!isnull(match))\n {\n ver = match[1];\n path = match[2];\n\n if (ver =~ \"^6.0.0([^0-9]|$)\")\n {\n info += '\\n' + ' Path : ' + path+ '\\n';\n info += ' Version : ' + ver + '\\n';\n }\n }\n}\n\n# Report what we found.\nif (info)\n{\n set_kb_item(name:\"www/0/XSRF\", value:TRUE);\n if (report_verbosity > 0)\n {\n if (max_index(split(info)) > 3) s = 's of JBoss Enterprise Portal Platform are';\n else s = ' of JBoss Enterprise Portal Platform is';\n\n report =\n '\\n' +\n 'The following instance'+s+' out of date and\\nshould be upgraded to 6.1.0 or later :\\n' +\n info;\n\n security_hole(port:0, extra:report);\n }\n else security_hole(port:0);\n}\nelse if ( (!info) && (jboss) )\n{\n exit(0, \"The JBoss Enterprise Portal Platform version installed is not affected.\");\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-29T19:28:20", "description": "The version of WebSphere Application Server installed on the remote host is 8.0.x through 8.0.0.15, 8.5.x prior to 8.5.5.20, or 9.0.x prior to 9.0.5.8. It is, therefore, affected by multiple vulnerabilities as referenced in the 6453091 advisory, including the following:\n\n - http/conn/ssl/SSLConnectionSocketFactory.java in Apache HttpComponents HttpClient before 4.3.6 ignores the http.socket.timeout configuration setting during an SSL handshake, which allows remote attackers to cause a denial of service (HTTPS call hang) via unspecified vectors. (CVE-2015-5262)\n\n - org.apache.http.conn.ssl.AbstractVerifier in Apache HttpComponents HttpClient before 4.3.5 and HttpAsyncClient before 4.0.2 does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the- middle attackers to spoof SSL servers via a CN= string in a field in the distinguished name (DN) of a certificate, as demonstrated by the foo,CN=www.apache.org string in the O field. (CVE-2014-3577)\n\n - http/conn/ssl/AbstractVerifier.java in Apache Commons HttpClient before 4.2.3 does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a certificate with a subject that specifies a common name in a field that is not the CN field. NOTE: this issue exists because of an incomplete fix for CVE-2012-5783. (CVE-2012-6153)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-05-20T00:00:00", "type": "nessus", "title": "IBM WebSphere Application Server 8.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.20 / 9.0.x < 9.0.5.8 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1498", "CVE-2012-5783", "CVE-2012-6153", "CVE-2014-3577", "CVE-2015-5262"], "modified": "2022-02-04T00:00:00", "cpe": ["cpe:/a:ibm:websphere_application_server"], "id": "WEBSPHERE_6453091.NASL", "href": "https://www.tenable.com/plugins/nessus/149787", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(149787);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/02/04\");\n\n script_cve_id(\n \"CVE-2011-1498\",\n \"CVE-2012-6153\",\n \"CVE-2014-3577\",\n \"CVE-2015-5262\"\n );\n\n script_name(english:\"IBM WebSphere Application Server 8.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.20 / 9.0.x < 9.0.5.8 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web application server is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of WebSphere Application Server installed on the remote host is 8.0.x through 8.0.0.15, 8.5.x prior to\n8.5.5.20, or 9.0.x prior to 9.0.5.8. It is, therefore, affected by multiple vulnerabilities as referenced in the\n6453091 advisory, including the following:\n\n - http/conn/ssl/SSLConnectionSocketFactory.java in Apache HttpComponents HttpClient before 4.3.6 ignores the\n http.socket.timeout configuration setting during an SSL handshake, which allows remote attackers to cause\n a denial of service (HTTPS call hang) via unspecified vectors. (CVE-2015-5262)\n\n - org.apache.http.conn.ssl.AbstractVerifier in Apache HttpComponents HttpClient before 4.3.5 and\n HttpAsyncClient before 4.0.2 does not properly verify that the server hostname matches a domain name in\n the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-\n middle attackers to spoof SSL servers via a CN= string in a field in the distinguished name (DN) of a\n certificate, as demonstrated by the foo,CN=www.apache.org string in the O field. (CVE-2014-3577)\n\n - http/conn/ssl/AbstractVerifier.java in Apache Commons HttpClient before 4.2.3 does not properly verify\n that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field\n of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a certificate\n with a subject that specifies a common name in a field that is not the CN field. NOTE: this issue exists\n because of an incomplete fix for CVE-2012-5783. (CVE-2012-6153)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.ibm.com/support/pages/node/6453091\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to IBM WebSphere Application Server 8.5.5.20, 9.0.5.8, or later. Alternatively, upgrade to the minimal fix pack\nlevels required by the interim fix and then apply Interim Fixes PH34501 and PH94944.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-3577\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/07/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/05/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/05/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:ibm:websphere_application_server\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"websphere_detect.nasl\", \"ibm_enum_products.nbin\", \"ibm_websphere_application_server_nix_installed.nbin\");\n script_require_keys(\"installed_sw/IBM WebSphere Application Server\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\nvar app = 'IBM WebSphere Application Server';\nvar app_info = vcf::combined_get_app_info(app:app);\nvcf::check_granularity(app_info:app_info, sig_segments:4);\n\n# If the detection is only remote, Source will be set, and we should require paranoia\nif (!empty_or_null(app_info['Source']) && app_info['Source'] != 'unknown' && report_paranoia < 2)\n audit(AUDIT_POTENTIAL_VULN, app_info['version'], app);\n\nif ('PH34501' >< app_info['Fixes'] && 'PH34944' >< app_info['Fixes'])\n audit(AUDIT_INST_VER_NOT_VULN, app);\n\nvar fix = 'Interim Fixes PH34501 and PH34944';\nvar constraints = [\n {'min_version':'8.0.0.0', 'max_version':'8.0.0.15', 'fixed_display':fix},\n {'min_version':'8.5.0.0', 'max_version':'8.5.5.19', 'fixed_display':'8.5.5.20 or ' + fix},\n {'min_version':'9.0.0.0', 'max_version':'9.0.5.7', 'fixed_display':'9.0.5.8 or ' + fix}\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-07T15:30:54", "description": "Updated tomcat6 packages that fix multiple security issues are now available for JBoss Enterprise Web Server 2.0.0 for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nApache Tomcat is a servlet container.\n\nIt was found that sending a request without a session identifier to a protected resource could bypass the Cross-Site Request Forgery (CSRF) prevention filter. A remote attacker could use this flaw to perform CSRF attacks against applications that rely on the CSRF prevention filter and do not contain internal mitigation for CSRF.\n(CVE-2012-4431)\n\nA flaw was found in the way Tomcat handled sendfile operations when using the HTTP NIO (Non-Blocking I/O) connector and HTTPS. A remote attacker could use this flaw to cause a denial of service (infinite loop). The HTTP NIO connector is used by default in JBoss Enterprise Web Server. The Apache Portable Runtime (APR) connector from the Tomcat Native library was not affected by this flaw. (CVE-2012-4534)\n\nMultiple weaknesses were found in the Tomcat DIGEST authentication implementation, effectively reducing the security normally provided by DIGEST authentication. A remote attacker could use these flaws to perform replay attacks in some circumstances. (CVE-2012-5885, CVE-2012-5886, CVE-2012-5887)\n\nA denial of service flaw was found in the way the Tomcat HTTP NIO connector enforced limits on the permitted size of request headers. A remote attacker could use this flaw to trigger an OutOfMemoryError by sending a specially crafted request with very large headers. The HTTP NIO connector is used by default in JBoss Enterprise Web Server. The APR connector from the Tomcat Native library was not affected by this flaw. (CVE-2012-2733)\n\nWarning: Before applying the update, back up your existing JBoss Enterprise Web Server installation (including all applications and configuration files).\n\nUsers of Tomcat should upgrade to these updated packages, which resolve these issues. Tomcat must be restarted for this update to take effect.", "cvss3": {}, "published": "2014-06-26T00:00:00", "type": "nessus", "title": "RHEL 5 / 6 : JBoss Web Server (RHSA-2013:0266)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2733", "CVE-2012-4431", "CVE-2012-4534", "CVE-2012-5885", "CVE-2012-5886", "CVE-2012-5887"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:tomcat6", "p-cpe:/a:redhat:enterprise_linux:tomcat6-admin-webapps", "p-cpe:/a:redhat:enterprise_linux:tomcat6-docs-webapp", "p-cpe:/a:redhat:enterprise_linux:tomcat6-el-1.0-api", "p-cpe:/a:redhat:enterprise_linux:tomcat6-javadoc", "p-cpe:/a:redhat:enterprise_linux:tomcat6-jsp-2.1-api", "p-cpe:/a:redhat:enterprise_linux:tomcat6-lib", "p-cpe:/a:redhat:enterprise_linux:tomcat6-log4j", "p-cpe:/a:redhat:enterprise_linux:tomcat6-servlet-2.5-api", "p-cpe:/a:redhat:enterprise_linux:tomcat6-webapps", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2013-0266.NASL", "href": "https://www.tenable.com/plugins/nessus/76234", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:0266. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76234);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-2733\", \"CVE-2012-4431\", \"CVE-2012-4534\", \"CVE-2012-5885\", \"CVE-2012-5886\", \"CVE-2012-5887\");\n script_bugtraq_id(56402, 56403, 56813, 56814);\n script_xref(name:\"RHSA\", value:\"2013:0266\");\n\n script_name(english:\"RHEL 5 / 6 : JBoss Web Server (RHSA-2013:0266)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated tomcat6 packages that fix multiple security issues are now\navailable for JBoss Enterprise Web Server 2.0.0 for Red Hat Enterprise\nLinux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nApache Tomcat is a servlet container.\n\nIt was found that sending a request without a session identifier to a\nprotected resource could bypass the Cross-Site Request Forgery (CSRF)\nprevention filter. A remote attacker could use this flaw to perform\nCSRF attacks against applications that rely on the CSRF prevention\nfilter and do not contain internal mitigation for CSRF.\n(CVE-2012-4431)\n\nA flaw was found in the way Tomcat handled sendfile operations when\nusing the HTTP NIO (Non-Blocking I/O) connector and HTTPS. A remote\nattacker could use this flaw to cause a denial of service (infinite\nloop). The HTTP NIO connector is used by default in JBoss Enterprise\nWeb Server. The Apache Portable Runtime (APR) connector from the\nTomcat Native library was not affected by this flaw. (CVE-2012-4534)\n\nMultiple weaknesses were found in the Tomcat DIGEST authentication\nimplementation, effectively reducing the security normally provided by\nDIGEST authentication. A remote attacker could use these flaws to\nperform replay attacks in some circumstances. (CVE-2012-5885,\nCVE-2012-5886, CVE-2012-5887)\n\nA denial of service flaw was found in the way the Tomcat HTTP NIO\nconnector enforced limits on the permitted size of request headers. A\nremote attacker could use this flaw to trigger an OutOfMemoryError by\nsending a specially crafted request with very large headers. The HTTP\nNIO connector is used by default in JBoss Enterprise Web Server. The\nAPR connector from the Tomcat Native library was not affected by this\nflaw. (CVE-2012-2733)\n\nWarning: Before applying the update, back up your existing JBoss\nEnterprise Web Server installation (including all applications and\nconfiguration files).\n\nUsers of Tomcat should upgrade to these updated packages, which\nresolve these issues. Tomcat must be restarted for this update to take\neffect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://tomcat.apache.org/security-6.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2013:0266\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-2733\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-4431\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-4534\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-5885\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-5886\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-5887\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-admin-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-docs-webapp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-el-1.0-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-jsp-2.1-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-log4j\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-servlet-2.5-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tomcat6-webapps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/11/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x / 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2013:0266\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL5\", rpm:\"mod_cluster\") || rpm_exists(release:\"RHEL6\", rpm:\"mod_cluster\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"JBoss Web Server\");\n\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat6-6.0.35-6_patch_06.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat6-admin-webapps-6.0.35-6_patch_06.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat6-docs-webapp-6.0.35-6_patch_06.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat6-el-1.0-api-6.0.35-6_patch_06.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat6-javadoc-6.0.35-6_patch_06.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat6-jsp-2.1-api-6.0.35-6_patch_06.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat6-lib-6.0.35-6_patch_06.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat6-log4j-6.0.35-6_patch_06.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat6-servlet-2.5-api-6.0.35-6_patch_06.ep6.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"tomcat6-webapps-6.0.35-6_patch_06.ep6.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-6.0.35-29_patch_06.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-admin-webapps-6.0.35-29_patch_06.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-docs-webapp-6.0.35-29_patch_06.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-el-1.0-api-6.0.35-29_patch_06.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-javadoc-6.0.35-29_patch_06.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-jsp-2.1-api-6.0.35-29_patch_06.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-lib-6.0.35-29_patch_06.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-log4j-6.0.35-29_patch_06.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-servlet-2.5-api-6.0.35-29_patch_06.ep6.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"tomcat6-webapps-6.0.35-29_patch_06.ep6.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tomcat6 / tomcat6-admin-webapps / tomcat6-docs-webapp / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "redhat": [{"lastseen": "2023-05-09T02:21:33", "description": "Apache Tomcat is a servlet container.\n\nIt was found that sending a request without a session identifier to a\nprotected resource could bypass the Cross-Site Request Forgery (CSRF)\nprevention filter. A remote attacker could use this flaw to perform\nCSRF attacks against applications that rely on the CSRF prevention filter\nand do not contain internal mitigation for CSRF. (CVE-2012-4431)\n\nWarning: Before applying the update, back up your existing JBoss Enterprise\nWeb Server installation (including all applications and configuration\nfiles).\n\nUsers of Tomcat should upgrade to these updated packages, which resolve\nthis issue. Tomcat must be restarted for this update to take effect.", "cvss3": {}, "published": "2013-02-19T20:31:14", "type": "redhat", "title": "(RHSA-2013:0268) Moderate: tomcat7 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4431"], "modified": "2018-08-09T15:46:59", "id": "RHSA-2013:0268", "href": "https://access.redhat.com/errata/RHSA-2013:0268", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-05-09T02:21:33", "description": "Apache Tomcat is a servlet container.\n\nIt was found that sending a request without a session identifier to a\nprotected resource could bypass the Cross-Site Request Forgery (CSRF)\nprevention filter. A remote attacker could use this flaw to perform\nCSRF attacks against applications that rely on the CSRF prevention filter\nand do not contain internal mitigation for CSRF. (CVE-2012-4431)\n\nWarning: Before applying the update, back up your existing JBoss Enterprise\nWeb Server installation (including all applications and configuration\nfiles).\n\nAll users of JBoss Enterprise Web Server 2.0.0 as provided from the Red Hat\nCustomer Portal are advised to apply this update.", "cvss3": {}, "published": "2013-02-19T20:30:19", "type": "redhat", "title": "(RHSA-2013:0267) Moderate: tomcat7 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4431"], "modified": "2018-06-06T22:42:48", "id": "RHSA-2013:0267", "href": "https://access.redhat.com/errata/RHSA-2013:0267", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-05-25T14:36:50", "description": "Apache Santuario implements the XML Signature Syntax and Processing and XML\nEncryption Syntax and Processing standards.\n\nA flaw was found in the way Apache Santuario XML Security for Java\nvalidated XML signatures. Santuario allowed a signature to specify an\narbitrary canonicalization algorithm, which would be applied to the\nSignedInfo XML fragment. A remote attacker could exploit this to spoof an\nXML signature via a specially-crafted XML signature block. (CVE-2013-2172)\n\nWarning: Before applying this update, back up your existing Red Hat JBoss\nEnterprise Application Platform installation (including all applications\nand configuration files).\n\nAll users of Red Hat JBoss Enterprise Application Platform 5.2.0 on Red Hat\nEnterprise Linux 4, 5, and 6 are advised to upgrade to this updated\npackage. The JBoss server process must be restarted for the update to take\neffect.\n", "cvss3": {}, "published": "2013-09-09T00:00:00", "type": "redhat", "title": "(RHSA-2013:1217) Moderate: xml-security security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2172"], "modified": "2018-06-06T22:37:45", "id": "RHSA-2013:1217", "href": "https://access.redhat.com/errata/RHSA-2013:1217", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-05-16T14:55:47", "description": "The Jakarta Commons HttpClient component can be used to build HTTP-aware\nclient applications (such as web browsers and web service clients).\n\nThe Jakarta Commons HttpClient component did not verify that the server\nhostname matched the domain name in the subject's Common Name (CN) or\nsubjectAltName field in X.509 certificates. This could allow a\nman-in-the-middle attacker to spoof an SSL server if they had a certificate\nthat was valid for any domain name. (CVE-2012-5783)\n\nWarning: Before applying this update, back up your existing JBoss\nEnterprise Web Platform installation (including all applications and\nconfiguration files).\n\nAll users of JBoss Enterprise Web Platform 5.2.0 on Red Hat Enterprise\nLinux 4, 5, and 6 are advised to upgrade to this updated package. The JBoss\nserver process must be restarted for the update to take effect.\n", "cvss3": {}, "published": "2013-03-25T00:00:00", "type": "redhat", "title": "(RHSA-2013:0682) Moderate: jakarta-commons-httpclient security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783"], "modified": "2018-06-06T22:39:14", "id": "RHSA-2013:0682", "href": "https://access.redhat.com/errata/RHSA-2013:0682", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-05-25T12:21:37", "description": "The Red Hat Support plug-in for Red Hat Enterprise Virtualization is a new\nfeature which offers seamless integrated access to Red Hat Access services\nfrom the Red Hat Enterprise Virtualization Administration Portal. The\nplug-in provides automated functionality that enables quicker help,\nanswers, and proactive services. It offers easy and instant access to Red\nHat exclusive knowledge, resources, engagement, and diagnostic features.\n\nDetailed information about this plug-in can be found in the Red Hat\nCustomer Portal at https://access.redhat.com/site/articles/425603\n\nThe Jakarta Commons HttpClient component did not verify that the server\nhostname matched the domain name in the subject's Common Name (CN) or\nsubjectAltName field in X.509 certificates. This could allow a\nman-in-the-middle attacker to spoof an SSL server if they had a certificate\nthat was valid for any domain name. (CVE-2012-5783)\n\nAll users of the Red Hat Support plug-in on Red Hat Enterprise\nVirtualization Manager are advised to install this updated package, which\nfixes this issue.\n", "cvss3": {}, "published": "2014-02-27T00:00:00", "type": "redhat", "title": "(RHSA-2014:0224) Moderate: redhat-support-plugin-rhev security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783"], "modified": "2018-06-07T05:00:10", "id": "RHSA-2014:0224", "href": "https://access.redhat.com/errata/RHSA-2014:0224", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-05-16T14:55:47", "description": "The Jakarta Commons HttpClient component can be used to build HTTP-aware\nclient applications (such as web browsers and web service clients).\n\nThe Jakarta Commons HttpClient component did not verify that the server\nhostname matched the domain name in the subject's Common Name (CN) or\nsubjectAltName field in X.509 certificates. This could allow a\nman-in-the-middle attacker to spoof an SSL server if they had a certificate\nthat was valid for any domain name. (CVE-2012-5783)\n\nWarning: Before applying this update, back up your existing JBoss\nEnterprise Application Platform installation (including all applications\nand configuration files).\n\nAll users of JBoss Enterprise Application Platform 5.2.0 on Red Hat\nEnterprise Linux 4, 5, and 6 are advised to upgrade to this updated\npackage. The JBoss server process must be restarted for the update to take\neffect.\n", "cvss3": {}, "published": "2013-03-25T00:00:00", "type": "redhat", "title": "(RHSA-2013:0680) Moderate: jakarta-commons-httpclient security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783"], "modified": "2018-06-06T22:37:45", "id": "RHSA-2013:0680", "href": "https://access.redhat.com/errata/RHSA-2013:0680", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-05-25T14:36:50", "description": "Apache Santuario implements the XML Signature Syntax and Processing and XML\nEncryption Syntax and Processing standards.\n\nA flaw was found in the way Apache Santuario XML Security for Java\nvalidated XML signatures. Santuario allowed a signature to specify an\narbitrary canonicalization algorithm, which would be applied to the\nSignedInfo XML fragment. A remote attacker could exploit this to spoof an\nXML signature via a specially-crafted XML signature block. (CVE-2013-2172)\n\nWarning: Before applying this update, back up your existing Red Hat JBoss\nWeb Platform installation (including all applications and configuration\nfiles).\n\nAll users of Red Hat JBoss Web Platform 5.2.0 on Red Hat Enterprise Linux\n4, 5, and 6 are advised to upgrade to this updated package. The JBoss\nserver process must be restarted for the update to take effect.\n", "cvss3": {}, "published": "2013-09-09T00:00:00", "type": "redhat", "title": "(RHSA-2013:1219) Moderate: xml-security security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2172"], "modified": "2018-06-06T22:39:14", "id": "RHSA-2013:1219", "href": "https://access.redhat.com/errata/RHSA-2013:1219", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-05-25T14:36:50", "description": "Apache Santuario implements the XML Signature Syntax and Processing and XML\nEncryption Syntax and Processing standards.\n\nA flaw was found in the way Apache Santuario XML Security for Java\nvalidated XML signatures. Santuario allowed a signature to specify an\narbitrary canonicalization algorithm, which would be applied to the\nSignedInfo XML fragment. A remote attacker could exploit this to spoof an\nXML signature via a specially-crafted XML signature block. (CVE-2013-2172)\n\nWarning: Before applying this update, back up your existing Red Hat JBoss\nEnterprise Application Platform installation (including all applications\nand configuration files).\n\nAll users of Red Hat JBoss Enterprise Application Platform 5.2.0 as\nprovided from the Red Hat Customer Portal are advised to apply this update.", "cvss3": {}, "published": "2013-09-09T16:49:26", "type": "redhat", "title": "(RHSA-2013:1218) Moderate: xml-security security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2172"], "modified": "2019-02-20T08:50:43", "id": "RHSA-2013:1218", "href": "https://access.redhat.com/errata/RHSA-2013:1218", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-05-25T14:36:50", "description": "Red Hat JBoss BRMS is a business rules management system for the\nmanagement, storage, creation, modification, and deployment of JBoss Rules.\n\nThis roll up patch serves as a cumulative upgrade for Red Hat JBoss BRMS\n5.3.1. It includes various bug fixes. The following security issue is also\nfixed with this release:\n\nA flaw was found in the way Apache Santuario XML Security for Java\nvalidated XML signatures. Santuario allowed a signature to specify an\narbitrary canonicalization algorithm, which would be applied to the\nSignedInfo XML fragment. A remote attacker could exploit this to spoof an\nXML signature via a specially-crafted XML signature block. (CVE-2013-2172)\n\nAll users of Red Hat JBoss BRMS 5.3.1 as provided from the Red Hat Customer\nPortal are advised to apply this roll up patch.", "cvss3": {}, "published": "2013-09-30T17:46:18", "type": "redhat", "title": "(RHSA-2013:1375) Moderate: Red Hat JBoss BRMS 5.3.1 update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2172"], "modified": "2019-02-20T12:12:15", "id": "RHSA-2013:1375", "href": "https://access.redhat.com/errata/RHSA-2013:1375", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-05-09T02:21:33", "description": "The Jakarta Commons HttpClient component can be used to build HTTP-aware\nclient applications (such as web browsers and web service clients).\n\nThe Jakarta Commons HttpClient component did not verify that the server\nhostname matched the domain name in the subject's Common Name (CN) or\nsubjectAltName field in X.509 certificates. This could allow a\nman-in-the-middle attacker to spoof an SSL server if they had a certificate\nthat was valid for any domain name. (CVE-2012-5783)\n\nAll users of jakarta-commons-httpclient are advised to upgrade to these\nupdated packages, which correct this issue. Applications using the Jakarta\nCommons HttpClient component must be restarted for this update to take\neffect.\n", "cvss3": {}, "published": "2013-02-19T00:00:00", "type": "redhat", "title": "(RHSA-2013:0270) Moderate: jakarta-commons-httpclient security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783"], "modified": "2018-06-06T16:24:11", "id": "RHSA-2013:0270", "href": "https://access.redhat.com/errata/RHSA-2013:0270", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-05-16T14:55:47", "description": "The Jakarta Commons HttpClient component can be used to build HTTP-aware\nclient applications (such as web browsers and web service clients).\n\nThe Jakarta Commons HttpClient component did not verify that the server\nhostname matched the domain name in the subject's Common Name (CN) or\nsubjectAltName field in X.509 certificates. This could allow a\nman-in-the-middle attacker to spoof an SSL server if they had a certificate\nthat was valid for any domain name. (CVE-2012-5783)\n\nWarning: Before applying this update, back up your existing JBoss\nEnterprise Application Platform installation (including all applications\nand configuration files).\n\nAll users of JBoss Enterprise Application Platform 5.2.0 as provided from\nthe Red Hat Customer Portal are advised to apply this update.", "cvss3": {}, "published": "2013-03-25T17:02:45", "type": "redhat", "title": "(RHSA-2013:0679) Moderate: jakarta-commons-httpclient security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783"], "modified": "2019-02-20T12:34:54", "id": "RHSA-2013:0679", "href": "https://access.redhat.com/errata/RHSA-2013:0679", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-05-25T14:36:49", "description": "Red Hat JBoss SOA Platform is the next-generation ESB and business process\nautomation infrastructure. Red Hat JBoss SOA Platform allows IT to leverage\nexisting (MoM and EAI), modern (SOA and BPM-Rules), and future (EDA and\nCEP) integration methodologies to dramatically improve business process\nexecution speed and quality.\n\nThis roll up patch serves as a cumulative upgrade for Red Hat JBoss SOA\nPlatform 5.3.1. It includes various bug fixes. The following security\nissues are also fixed with this release:\n\nA flaw was found in the way Apache Santuario XML Security for Java\nvalidated XML signatures. Santuario allowed a signature to specify an\narbitrary canonicalization algorithm, which would be applied to the\nSignedInfo XML fragment. A remote attacker could exploit this to spoof an\nXML signature via a specially-crafted XML signature block. (CVE-2013-2172)\n\nIt was discovered that the Spring OXM wrapper did not expose any property\nfor disabling entity resolution when using the JAXB unmarshaller. A remote\nattacker could use this flaw to conduct XML External Entity (XXE) attacks\non web sites, and read files in the context of the user running the\napplication server. The patch for this flaw disables external entity\nprocessing by default, and provides a configuration directive to re-enable\nit. (CVE-2013-4152)\n\nWarning: Before applying the update, back up your existing Red Hat JBoss\nSOA Platform installation (including its databases, applications,\nconfiguration files, and so on).\n\nAll users of Red Hat JBoss SOA Platform 5.3.1 as provided from the Red Hat\nCustomer Portal are advised to apply this roll up patch.", "cvss3": {}, "published": "2014-02-25T16:33:00", "type": "redhat", "title": "(RHSA-2014:0212) Moderate: Red Hat JBoss SOA Platform 5.3.1 update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2172", "CVE-2013-4152"], "modified": "2019-02-20T12:13:18", "id": "RHSA-2014:0212", "href": "https://access.redhat.com/errata/RHSA-2014:0212", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-26T10:21:36", "description": "Red Hat JBoss Enterprise Application Platform is a platform for Java\napplications, which integrates the JBoss Application Server with JBoss\nHibernate and JBoss Seam.\n\nIt was found that the fix for CVE-2012-5783 was incomplete: the code added\nto check that the server host name matches the domain name in a subject's\nCommon Name (CN) field in X.509 certificates was flawed.\nA man-in-the-middle attacker could use this flaw to spoof an SSL server\nusing a specially crafted X.509 certificate. (CVE-2012-6153)\n\nIt was discovered that the HttpClient incorrectly extracted host name from\nan X.509 certificate subject's Common Name (CN) field. A man-in-the-middle\nattacker could use this flaw to spoof an SSL server using a specially\ncrafted X.509 certificate. (CVE-2014-3577)\n\nThe CVE-2012-6153 issue was discovered by Florian Weimer of Red Hat\nProduct Security.\n\nFor additional information on these flaws, refer to the Knowledgebase\narticle in the References section.\n\nAll users of Red Hat JBoss Enterprise Application Platform 5.2.0 on Red Hat\nEnterprise Linux 4, 5, and 6 are advised to upgrade to these updated\npackages. The JBoss server process must be restarted for the update to take\neffect.\n", "cvss3": {}, "published": "2014-09-29T00:00:00", "type": "redhat", "title": "(RHSA-2014:1321) Important: Red Hat JBoss Enterprise Application Platform 5.2.0 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783", "CVE-2012-6153", "CVE-2014-3577"], "modified": "2018-06-06T22:37:45", "id": "RHSA-2014:1321", "href": "https://access.redhat.com/errata/RHSA-2014:1321", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-05-26T10:21:36", "description": "Red Hat JBoss Enterprise Web Platform is a platform for Java applications,\nwhich integrates the JBoss Web Server with JBoss Hibernate and JBoss Seam.\n\nIt was found that the fix for CVE-2012-5783 was incomplete: the code added\nto check that the server host name matches the domain name in a subject's\nCommon Name (CN) field in X.509 certificates was flawed.\nA man-in-the-middle attacker could use this flaw to spoof an SSL server\nusing a specially crafted X.509 certificate. (CVE-2012-6153)\n\nIt was discovered that the HttpClient incorrectly extracted host name from\nan X.509 certificate subject's Common Name (CN) field. A man-in-the-middle\nattacker could use this flaw to spoof an SSL server using a specially\ncrafted X.509 certificate. (CVE-2014-3577)\n\nThe CVE-2012-6153 issue was discovered by Florian Weimer of Red Hat\nProduct Security.\n\nFor additional information on these flaws, refer to the Knowledgebase\narticle in the References section.\n\nAll users of Red Hat JBoss Enterprise Web Platform 5.2.0 on Red Hat\nEnterprise Linux 4, 5, and 6 are advised to upgrade to these updated\npackages. The JBoss server process must be restarted for the update to take\neffect.\n", "cvss3": {}, "published": "2014-09-29T00:00:00", "type": "redhat", "title": "(RHSA-2014:1320) Important: Red Hat JBoss Enterprise Web Platform 5.2.0 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783", "CVE-2012-6153", "CVE-2014-3577"], "modified": "2018-06-06T22:39:14", "id": "RHSA-2014:1320", "href": "https://access.redhat.com/errata/RHSA-2014:1320", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-05-26T10:21:36", "description": "Fuse ESB Enterprise is an integration platform based on Apache ServiceMix.\nFuse MQ Enterprise, based on Apache ActiveMQ, is a standards-compliant\nmessaging system that is tailored for use in mission critical applications.\n\nThis release of Fuse ESB Enterprise/MQ Enterprise 7.1.0 R1 P6 is an update\nto Fuse ESB Enterprise 7.1.0 and Fuse MQ Enterprise 7.1.0. The following\nsecurity issues are addressed with this release:\n\nIt was discovered that Apache Shiro authenticated users without specifying\na user name or a password when used in conjunction with an LDAP back end\nthat allowed unauthenticated binds. (CVE-2014-0074)\n\nIt was found that the secure processing feature of Xalan-Java had\ninsufficient restrictions defined for certain properties and features.\nA remote attacker able to provide Extensible Stylesheet Language\nTransformations (XSLT) content to be processed by an application using\nXalan-Java could use this flaw to bypass the intended constraints of the\nsecure processing feature. Depending on the components available in the\nclasspath, this could lead to arbitrary remote code execution in the\ncontext of the application server running the application that uses\nXalan-Java. (CVE-2014-0107)\n\nA flaw was found in the way Apache Santuario XML Security for Java\nvalidated XML signatures. Santuario allowed a signature to specify an\narbitrary canonicalization algorithm, which would be applied to the\nSignedInfo XML fragment. A remote attacker could exploit this to spoof an\nXML signature via a specially crafted XML signature block. (CVE-2013-2172)\n\nAll users of Fuse ESB Enterprise/MQ Enterprise 7.1.0 as provided from the\nRed Hat Customer Portal are advised to upgrade to Fuse ESB Enterprise/MQ\nEnterprise 7.1.0 R1 P6.\n", "cvss3": {}, "published": "2014-10-09T00:00:00", "type": "redhat", "title": "(RHSA-2014:1369) Important: Fuse ESB Enterprise/Fuse MQ Enterprise 7.1.0 update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2172", "CVE-2014-0074", "CVE-2014-0107"], "modified": "2019-03-22T19:43:50", "id": "RHSA-2014:1369", "href": "https://access.redhat.com/errata/RHSA-2014:1369", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-26T10:21:36", "description": "Red Hat JBoss Enterprise Application Platform 6 is a platform for Java\napplications based on JBoss Application Server 7.\n\nIt was found that the fix for CVE-2012-5783 was incomplete: the code added\nto check that the server host name matches the domain name in a subject's\nCommon Name (CN) field in X.509 certificates was flawed.\nA man-in-the-middle attacker could use this flaw to spoof an SSL server\nusing a specially crafted X.509 certificate. (CVE-2012-6153)\n\nIt was discovered that the HttpClient incorrectly extracted host name from\nan X.509 certificate subject's Common Name (CN) field. A man-in-the-middle\nattacker could use this flaw to spoof an SSL server using a specially\ncrafted X.509 certificate. (CVE-2014-3577)\n\nThe CVE-2012-6153 issue was discovered by Florian Weimer of Red Hat\nProduct Security.\n\nFor additional information on these flaws, refer to the Knowledgebase\narticle in the References section.\n\nAll users of Red Hat JBoss Enterprise Application Platform 6.3.0 on Red Hat\nEnterprise Linux 5, 6, and 7 are advised to upgrade to these updated\npackages. The JBoss server process must be restarted for the update to\ntake effect.\n", "cvss3": {}, "published": "2014-09-04T00:00:00", "type": "redhat", "title": "(RHSA-2014:1162) Important: Red Hat JBoss Enterprise Application Platform 6.3.0 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783", "CVE-2012-6153", "CVE-2014-3577"], "modified": "2018-06-06T22:39:08", "id": "RHSA-2014:1162", "href": "https://access.redhat.com/errata/RHSA-2014:1162", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-05-16T14:55:47", "description": "JBoss Web is the web container, based on Apache Tomcat, in JBoss Enterprise\nApplication Platform. It provides a single deployment platform for the\nJavaServer Pages (JSP) and Java Servlet technologies.\n\nIt was found that sending a request without a session identifier to a\nprotected resource could bypass the Cross-Site Request Forgery (CSRF)\nprevention filter in JBoss Web. A remote attacker could use this flaw to\nperform CSRF attacks against applications that rely on the CSRF prevention\nfilter and do not contain internal mitigation for CSRF. (CVE-2012-4431)\n\nMultiple weaknesses were found in the JBoss Web DIGEST authentication\nimplementation, effectively reducing the security normally provided by\nDIGEST authentication. A remote attacker could use these flaws to perform\nreplay attacks in some circumstances. (CVE-2012-5885, CVE-2012-5886,\nCVE-2012-5887)\n\nWarning: Before applying this update, back up your existing JBoss\nEnterprise Application Platform installation and deployed applications.\n\nAll users of JBoss Enterprise Application Platform 6.0.1 as provided from\nthe Red Hat Customer Portal are advised to apply this update.", "cvss3": {}, "published": "2013-03-14T16:39:33", "type": "redhat", "title": "(RHSA-2013:0648) Moderate: jbossweb security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4431", "CVE-2012-5885", "CVE-2012-5886", "CVE-2012-5887"], "modified": "2019-02-20T12:36:11", "id": "RHSA-2013:0648", "href": "https://access.redhat.com/errata/RHSA-2013:0648", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-05-16T14:55:47", "description": "JBoss Web is the web container, based on Apache Tomcat, in JBoss Enterprise\nApplication Platform. It provides a single deployment platform for the\nJavaServer Pages (JSP) and Java Servlet technologies.\n\nIt was found that sending a request without a session identifier to a\nprotected resource could bypass the Cross-Site Request Forgery (CSRF)\nprevention filter in JBoss Web. A remote attacker could use this flaw to\nperform CSRF attacks against applications that rely on the CSRF prevention\nfilter and do not contain internal mitigation for CSRF. (CVE-2012-4431)\n\nMultiple weaknesses were found in the JBoss Web DIGEST authentication\nimplementation, effectively reducing the security normally provided by\nDIGEST authentication. A remote attacker could use these flaws to perform\nreplay attacks in some circumstances. (CVE-2012-5885, CVE-2012-5886,\nCVE-2012-5887)\n\nWarning: Before applying this update, back up your existing JBoss\nEnterprise Application Platform installation and deployed applications.\n\nAll users of JBoss Enterprise Application Platform 6.0.1 on Red Hat\nEnterprise Linux 5 and 6 are advised to upgrade to these updated packages.\nThe JBoss server process must be restarted for the update to take effect.\n", "cvss3": {}, "published": "2013-03-14T00:00:00", "type": "redhat", "title": "(RHSA-2013:0647) Moderate: jbossweb security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4431", "CVE-2012-5885", "CVE-2012-5886", "CVE-2012-5887"], "modified": "2018-06-06T22:39:05", "id": "RHSA-2013:0647", "href": "https://access.redhat.com/errata/RHSA-2013:0647", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-05-09T02:21:33", "description": "Apache Tomcat is a servlet container.\n\nIt was found that sending a request without a session identifier to a\nprotected resource could bypass the Cross-Site Request Forgery (CSRF)\nprevention filter. A remote attacker could use this flaw to perform\nCSRF attacks against applications that rely on the CSRF prevention filter\nand do not contain internal mitigation for CSRF. (CVE-2012-4431)\n\nA flaw was found in the way Tomcat handled sendfile operations when using\nthe HTTP NIO (Non-Blocking I/O) connector and HTTPS. A remote attacker\ncould use this flaw to cause a denial of service (infinite loop). The HTTP\nNIO connector is used by default in JBoss Enterprise Web Server. The Apache\nPortable Runtime (APR) connector from the Tomcat Native library was not\naffected by this flaw. (CVE-2012-4534)\n\nMultiple weaknesses were found in the Tomcat DIGEST authentication\nimplementation, effectively reducing the security normally provided by\nDIGEST authentication. A remote attacker could use these flaws to perform\nreplay attacks in some circumstances. (CVE-2012-5885, CVE-2012-5886,\nCVE-2012-5887)\n\nA denial of service flaw was found in the way the Tomcat HTTP NIO connector\nenforced limits on the permitted size of request headers. A remote attacker\ncould use this flaw to trigger an OutOfMemoryError by sending a\nspecially-crafted request with very large headers. The HTTP NIO connector\nis used by default in JBoss Enterprise Web Server. The APR connector from\nthe Tomcat Native library was not affected by this flaw. (CVE-2012-2733)\n\nWarning: Before applying the update, back up your existing JBoss Enterprise\nWeb Server installation (including all applications and configuration\nfiles).\n\nAll users of JBoss Enterprise Web Server 2.0.0 as provided from the Red Hat\nCustomer Portal are advised to apply this update.", "cvss3": {}, "published": "2013-02-19T20:28:50", "type": "redhat", "title": "(RHSA-2013:0265) Moderate: tomcat6 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2733", "CVE-2012-4431", "CVE-2012-4534", "CVE-2012-5885", "CVE-2012-5886", "CVE-2012-5887"], "modified": "2018-06-06T22:42:48", "id": "RHSA-2013:0265", "href": "https://access.redhat.com/errata/RHSA-2013:0265", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-05-09T02:21:33", "description": "Apache Tomcat is a servlet container.\n\nIt was found that sending a request without a session identifier to a\nprotected resource could bypass the Cross-Site Request Forgery (CSRF)\nprevention filter. A remote attacker could use this flaw to perform\nCSRF attacks against applications that rely on the CSRF prevention filter\nand do not contain internal mitigation for CSRF. (CVE-2012-4431)\n\nA flaw was found in the way Tomcat handled sendfile operations when using\nthe HTTP NIO (Non-Blocking I/O) connector and HTTPS. A remote attacker\ncould use this flaw to cause a denial of service (infinite loop). The HTTP\nNIO connector is used by default in JBoss Enterprise Web Server. The Apache\nPortable Runtime (APR) connector from the Tomcat Native library was not\naffected by this flaw. (CVE-2012-4534)\n\nMultiple weaknesses were found in the Tomcat DIGEST authentication\nimplementation, effectively reducing the security normally provided by\nDIGEST authentication. A remote attacker could use these flaws to perform\nreplay attacks in some circumstances. (CVE-2012-5885, CVE-2012-5886,\nCVE-2012-5887)\n\nA denial of service flaw was found in the way the Tomcat HTTP NIO connector\nenforced limits on the permitted size of request headers. A remote attacker\ncould use this flaw to trigger an OutOfMemoryError by sending a\nspecially-crafted request with very large headers. The HTTP NIO connector\nis used by default in JBoss Enterprise Web Server. The APR connector from\nthe Tomcat Native library was not affected by this flaw. (CVE-2012-2733)\n\nWarning: Before applying the update, back up your existing JBoss Enterprise\nWeb Server installation (including all applications and configuration\nfiles).\n\nUsers of Tomcat should upgrade to these updated packages, which resolve\nthese issues. Tomcat must be restarted for this update to take effect.", "cvss3": {}, "published": "2013-02-19T20:29:27", "type": "redhat", "title": "(RHSA-2013:0266) Moderate: tomcat6 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2733", "CVE-2012-4431", "CVE-2012-4534", "CVE-2012-5885", "CVE-2012-5886", "CVE-2012-5887"], "modified": "2018-08-09T15:46:59", "id": "RHSA-2013:0266", "href": "https://access.redhat.com/errata/RHSA-2013:0266", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "tomcat": [{"lastseen": "2023-12-07T22:42:03", "description": "**Important: Bypass of CSRF prevention filter** [CVE-2012-4431](<https://vulners.com/cve/CVE-2012-4431>)\n\nThe CSRF prevention filter could be bypassed if a request was made to a protected resource without a session identifier present in the request. \n\nThis was fixed in revision [1393088](<https://svn.apache.org/viewvc?view=rev&rev=1393088>).\n\nThis issue was identified by the Tomcat security team on 8 September 2012 and made public on 4 December 2012.\n\nAffects: 7.0.0-7.0.31", "cvss3": {}, "published": "2012-10-09T00:00:00", "type": "tomcat", "title": "Fixed in Apache Tomcat 7.0.32", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4431"], "modified": "2012-10-09T00:00:00", "id": "TOMCAT:4FEF3224A3B841D1683CF58ECA4F4632", "href": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.32", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-07T22:42:04", "description": "**Important: Denial of service** [CVE-2012-2733](<https://vulners.com/cve/CVE-2012-2733>)\n\nThe checks that limited the permitted size of request headers were implemented too late in the request parsing process for the HTTP NIO connector. This enabled a malicious user to trigger an OutOfMemoryError by sending a single request with very large headers. \n\nThis was fixed in revision [1356208](<https://svn.apache.org/viewvc?view=rev&rev=1356208>).\n\nThis was reported by Josh Spiewak to the Tomcat security team on 4 June 2012 and made public on 5 November 2012.\n\nAffects: 6.0.0-6.0.35\n\n**Moderate: DIGEST authentication weakness** [CVE-2012-3439](<https://vulners.com/cve/CVE-2012-3439>)\n\nThree weaknesses in Tomcat's implementation of DIGEST authentication were identified and resolved: \n\n 1. Tomcat tracked client rather than server nonces and nonce count.\n 2. When a session ID was present, authentication was bypassed.\n 3. The user name and password were not checked before when indicating that a nonce was stale.\n\nThese issues reduced the security of DIGEST authentication making replay attacks possible in some circumstances. \n\nThis was fixed in revision [1380829](<https://svn.apache.org/viewvc?view=rev&rev=1380829>).\n\nThe first issue was reported by Tilmann Kuhn to the Tomcat security team on 19 July 2012. The second and third issues were discovered by the Tomcat security team during the resulting code review. All three issues were made public on 5 November 2012.\n\nAffects: 6.0.0-6.0.35\n\n**Important: Bypass of security constraints** [CVE-2012-3546](<https://vulners.com/cve/CVE-2012-3546>)\n\nWhen using FORM authentication it was possible to bypass the security constraint checks in the FORM authenticator by appending */j_security_check* to the end of the URL if some other component (such as the Single-Sign-On valve) had called *request.setUserPrincipal()* before the call to *FormAuthenticator#authenticate()*. \n\nThis was fixed in revision [1381035](<https://svn.apache.org/viewvc?view=rev&rev=1381035>).\n\nThis issue was identified by the Tomcat security team on 13 July 2012 and made public on 4 December 2012.\n\nAffects: 6.0.0-6.0.35\n\n**Important: Bypass of CSRF prevention filter** [CVE-2012-4431](<https://vulners.com/cve/CVE-2012-4431>)\n\nThe CSRF prevention filter could be bypassed if a request was made to a protected resource without a session identifier present in the request. \n\nThis was fixed in revision [1394456](<https://svn.apache.org/viewvc?view=rev&rev=1394456>).\n\nThis issue was identified by the Tomcat security team on 8 September 2012 and made public on 4 December 2012.\n\nAffects: 6.0.30-6.0.35\n\n**Important: Denial of service** [CVE-2012-4534](<https://vulners.com/cve/CVE-2012-4534>)\n\nWhen using the NIO connector with sendfile and HTTPS enabled, if a client breaks the connection while reading the response an infinite loop is entered leading to a denial of service. This was originally reported as [bug 52858](<https://bz.apache.org/bugzilla/show_bug.cgi?id=52858>). \n\nThis was fixed in revision [1372035](<https://svn.apache.org/viewvc?view=rev&rev=1372035>).\n\nThe security implications of this bug were reported to the Tomcat security team by Arun Neelicattu of the Red Hat Security Response Team on 3 October 2012 and made public on 4 December 2012.\n\nAffects: 6.0.0-6.0.35", "cvss3": {}, "published": "2012-10-19T00:00:00", "type": "tomcat", "title": "Fixed in Apache Tomcat 6.0.36", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2733", "CVE-2012-3439", "CVE-2012-3546", "CVE-2012-4431", "CVE-2012-4534"], "modified": "2012-10-19T00:00:00", "id": "TOMCAT:19B8FA4EC945FD0929C4EAC0F08D41F7", "href": "https://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.36", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:46", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nCVE-2012-4431 Apache Tomcat Bypass of CSRF prevention filter\r\n\r\nSeverity: Important\r\n\r\nVendor: The Apache Software Foundation\r\n\r\nVersions Affected:\r\n- - Tomcat 7.0.0 to 7.0.31\r\n- - Tomcat 6.0.0 to 6.0.35\r\n\r\nDescription:\r\nThe CSRF prevention filter could be bypassed if a request was made to a\r\nprotected resource without a session identifier present in the request.\r\n\r\nMitigation:\r\nUsers of affected versions should apply one of the following mitigations:\r\n- - Tomcat 7.0.x users should upgrade to 7.0.32 or later\r\n- - Tomcat 6.0.x users should upgrade to 6.0.36 or later\r\n\r\nCredit:\r\nThis issue was identified by The Tomcat security team\r\n\r\nReferences:\r\nhttp://tomcat.apache.org/security.html\r\nhttp://tomcat.apache.org/security-7.html\r\nhttp://tomcat.apache.org/security-6.html\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.9 (MingW32)\r\nComment: Using GnuPG with undefined - http://www.enigmail.net/\r\n\r\niQIcBAEBAgAGBQJQvlNvAAoJEBDAHFovYFnnY80QAMvP1gIpG00vfIdiFabpJX55\r\nUEmkPuTSefxZ6NMvAL8GkuUe8CoC6KinCgOx+s8eGlEiHtWFoYvM/Ckg8E3a8SY6\r\nMfD8GLo2av/LdULGSCBrbaL2wFbgixPTBpgR9YS4bdpTK5nVqBZyZOjOzptqRDnE\r\nBQXDLLKa65/z7cF57l+XcLs1+JW3KJGRiGJzBNUrJK1x/AzfgRgk4jgvYdyDWdpI\r\nzuXKgwBbunblPL4sZhZA2mhoswBIMIJIaHXOAD28Ddt9IIae0UFptY6LmExOkSsa\r\nPtshA4EBlO8JTPPcfwtqA/bkHAWCzB1QshkYD57rLF3t1ouDQWI6j8l+q3AYIxzv\r\na0Ix4qzE2hekcjGSCUMZUqNgcaGSjsggaOEo5zauM01osPQxbfpH41eH5fIWlMKi\r\nvrxRjYJwLyLdkj3bZFuP7Uq1GL4BLjeKDfqsL4aqcfdBPZea6C9rToEkB8EjD4vf\r\nDVdrX4Ivg3ImMMnL+gkX4+5aLp+jpw23G9gZbX1DJn+648iv3yFoK5ysOWy1GAAO\r\nx1Iq3pa49NigJ0ipjZvxc07THIoiK/t49/3fWzMR1Xm819oJC2/Qf512l/FpEltK\r\nkQ0y8BC4+7ypUZyhtwE3jzLW1x2j4ZBK8l1nX0X92WepJ6piro/7o80qiyDMfqPC\r\nhbmBu213eSXnV9kRHveI\r\n=jich\r\n-----END PGP SIGNATURE-----\r\n", "cvss3": {}, "published": "2012-12-07T00:00:00", "type": "securityvulns", "title": "CVE-2012-4431 Apache Tomcat Bypass of CSRF prevention filter", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2012-4431"], "modified": "2012-12-07T00:00:00", "id": "SECURITYVULNS:DOC:28804", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:28804", "sourceData": "", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:50", "description": "\r\n\r\n==========================================================================\r\nUbuntu Security Notice USN-2028-1\r\nNovember 12, 2013\r\n\r\nlibxml-security-java vulnerability\r\n==========================================================================\r\n\r\nA security issue affects these releases of Ubuntu and its derivatives:\r\n\r\n- Ubuntu 10.04 LTS\r\n\r\nSummary:\r\n\r\nApache XML Security for Java could be tricked into validating spoofed\r\nsignatures.\r\n\r\nSoftware Description:\r\n- libxml-security-java: implementation of security standards for XML\r\n\r\nDetails:\r\n\r\nJames Forshaw discovered that Apache XML Security for Java incorrectly\r\nvalidated CanonicalizationMethod parameters. An attacker could use this\r\nflaw to spoof XML signatures.\r\n\r\nUpdate instructions:\r\n\r\nThe problem can be corrected by updating your system to the following\r\npackage versions:\r\n\r\nUbuntu 10.04 LTS:\r\n libxml-security-java 1.4.3-2ubuntu0.1\r\n\r\nIn general, a standard system update will make all the necessary changes.\r\n\r\nReferences:\r\n http://www.ubuntu.com/usn/usn-2028-1\r\n CVE-2013-2172\r\n\r\nPackage Information:\r\n https://launchpad.net/ubuntu/+source/libxml-security-java/1.4.3-2ubuntu0.1\r\n\r\n\r\n\r\n\r\n-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce\r\n", "cvss3": {}, "published": "2013-12-09T00:00:00", "type": "securityvulns", "title": "[USN-2028-1] Apache XML Security for Java vulnerability", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2013-2172"], "modified": "2013-12-09T00:00:00", "id": "SECURITYVULNS:DOC:30087", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30087", "sourceData": "", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2021-06-08T19:14:42", "description": "Protection bypass, DoS.", "cvss3": {}, "published": "2012-12-07T00:00:00", "type": "securityvulns", "title": "Apache Tomcat multiple security vulnerabilities", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2012-4431", "CVE-2012-3546", "CVE-2012-4534"], "modified": "2012-12-07T00:00:00", "id": "SECURITYVULNS:VULN:12747", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12747", "sourceData": "", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-08-31T11:11:02", "description": "\r\n\r\n==========================================================================\r\nUbuntu Security Notice USN-2769-1\r\nOctober 14, 2015\r\n\r\ncommons-httpclient vulnerabilities\r\n==========================================================================\r\n\r\nA security issue affects these releases of Ubuntu and its derivatives:\r\n\r\n- Ubuntu 15.04\r\n- Ubuntu 14.04 LTS\r\n- Ubuntu 12.04 LTS\r\n\r\nSummary:\r\n\r\nSeveral security issues were fixed in commons-httpclient.\r\n\r\nSoftware Description:\r\n- commons-httpclient: A Java(TM) library for creating HTTP clients\r\n\r\nDetails:\r\n\r\nIt was discovered that Apache Commons HttpClient did not properly verify the\r\nCommon Name or subjectAltName fields of X.509 certificates. An attacker could\r\nexploit this to perform a man in the middle attack to view sensitive\r\ninformation or alter encrypted communications. This issue only affected Ubuntu\r\n12.04 LTS. (CVE-2012-5783)\r\n\r\nFlorian Weimer discovered the fix for CVE-2012-5783 was incomplete for Apache\r\nCommons HttpClient. An attacker could exploit this to perform a man in the\r\nmiddle attack to view sensitive information or alter encrypted communications.\r\nThis issue only affected Ubuntu 12.04 LTS. (CVE-2012-6153)\r\n\r\nSubodh Iyengar and Will Shackleton discovered the fix for CVE-2012-5783 was\r\nincomplete for Apache Commons HttpClient. An attacker could exploit this to\r\nperform a man in the middle attack to view sensitive information or alter\r\nencrypted communications. (CVE-2014-3577)\r\n\r\nIt was discovered that Apache Commons HttpClient did not properly handle read\r\ntimeouts during HTTPS handshakes. A remote attacker could trigger this flaw to\r\ncause a denial of service. (CVE-2015-5262)\r\n\r\nUpdate instructions:\r\n\r\nThe problem can be corrected by updating your system to the following\r\npackage versions:\r\n\r\nUbuntu 15.04:\r\n libcommons-httpclient-java 3.1-10.2ubuntu0.15.04.1\r\n\r\nUbuntu 14.04 LTS:\r\n libcommons-httpclient-java 3.1-10.2ubuntu0.14.04.1\r\n\r\nUbuntu 12.04 LTS:\r\n libcommons-httpclient-java 3.1-10ubuntu0.1\r\n\r\nIn general, a standard system update will make all the necessary changes.\r\n\r\nReferences:\r\n http://www.ubuntu.com/usn/usn-2769-1\r\n CVE-2012-5783, CVE-2012-6153, CVE-2014-3577, CVE-2015-5262\r\n\r\nPackage Information:\r\n https://launchpad.net/ubuntu/+source/commons-httpclient/3.1-10.2ubuntu0.15.04.1\r\n https://launchpad.net/ubuntu/+source/commons-httpclient/3.1-10.2ubuntu0.14.04.1\r\n https://launchpad.net/ubuntu/+source/commons-httpclient/3.1-10ubuntu0.1\r\n\r\n\r\n\r\n-- \r\nubuntu-security-announce mailing list\r\nubuntu-security-announce@lists.ubuntu.com\r\nModify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce\r\n\r\n", "cvss3": {}, "published": "2015-10-25T00:00:00", "type": "securityvulns", "title": "[USN-2769-1] Apache Commons HttpClient", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2012-6153", "CVE-2015-5262", "CVE-2012-5783", "CVE-2014-3577"], "modified": "2015-10-25T00:00:00", "id": "SECURITYVULNS:DOC:32573", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32573", "sourceData": "", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}], "veracode": [{"lastseen": "2023-04-18T14:12:15", "description": "org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.32 allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier.\n", "cvss3": {}, "published": "2019-01-15T08:56:33", "type": "veracode", "title": "Cross-site Request Forgery (CSRF)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4431"], "modified": "2019-05-15T06:18:00", "id": "VERACODE:11068", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-11068/summary", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-04-18T14:11:49", "description": "Apache Santuario XML Security is vulnerable to Spoofable XML Signature. The use of weak CanonicalizationMethod in jcp/xml/dsig/internal/dom/DOMCanonicalizationMethod.java allows context-dependent attackers to spoof an XML Signature by using the CanonicalizationMethod parameter to specify an arbitrary weak canonicalization algorithm to apply to the SignedInfo part of the Signature.\n", "cvss3": {}, "published": "2019-01-15T08:59:00", "type": "veracode", "title": "Spoofable XML Signature", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2172"], "modified": "2023-02-13T07:20:04", "id": "VERACODE:11241", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-11241/summary", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-04-18T13:45:30", "description": "The Apache Commons HTTPClient 3.x (as used in Amazon Flexible Payments Service FPS merchant Java SDK and other SDK products), does not verify that the server hostname matches a domain name in the subjects Common Name CN or subjectAltName field of the X.509 certificate, which allows Man In The Middle attackers to spoof SSL servers via an arbitrary valid certificate.\n", "cvss3": {}, "published": "2019-01-15T08:56:38", "type": "veracode", "title": "Man In The Middle (MitM) Attacks Are Possible With Spoofed SSL Servers", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783"], "modified": "2021-04-23T19:24:49", "id": "VERACODE:11070", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-11070/summary", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-04-18T14:12:07", "description": "http/conn/ssl/AbstractVerifier.java in Apache Commons HttpClient before 4.2.3 does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a certificate with a subject that specifies a common name in a field that is not the CN field. NOTE: this issue exists because of an incomplete fix for CVE-2012-5783.\n", "cvss3": {}, "published": "2019-01-15T08:59:46", "type": "veracode", "title": "Man In The Middle (MitM) Attacks Are Possible With Spoofed SSL Servers", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783", "CVE-2012-6153"], "modified": "2019-05-15T06:18:01", "id": "VERACODE:11290", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-11290/summary", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "seebug": [{"lastseen": "2017-11-19T17:48:22", "description": "BUGTRAQ ID: 56814\r\nCVE(CAN) ID: CVE-2012-4431\r\n\r\nApache Tomcat\u662f\u4e00\u4e2a\u6d41\u884c\u7684\u5f00\u653e\u6e90\u7801\u7684JSP\u5e94\u7528\u670d\u52a1\u5668\u7a0b\u5e8f\u3002\r\n\r\nTomcat v7.0.31\u30016.0.35\u4e4b\u524d\u7248\u672c\u5728\u5b9e\u73b0\u4e0a\u5b58\u5728\u8de8\u7ad9\u8bf7\u6c42\u4f2a\u9020\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u5f53\u524d\u7528\u6237\u6743\u9650\u6267\u884c\u67d0\u4e9b\u64cd\u4f5c\uff0c\u8bbf\u95ee\u53d7\u5f71\u54cd\u5e94\u7528\u7a0b\u5e8f\u3002\n0\nApache Group Tomcat 7.0.0 - 7.0.29\r\nApache Group Tomcat 6.0.0 - 6.0.35\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nApache Group\r\n------------\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\u66f4\u9ad8\u7248\u672c\u3002\r\n\r\n\u53c2\u8003\u94fe\u63a5\uff1a\r\nhttp://tomcat.apache.org/security.html\r\nhttp://tomcat.apache.org/security-7.html\r\nhttp://tomcat.apache.org/security-6.html", "cvss3": {}, "published": "2012-12-07T00:00:00", "type": "seebug", "title": "Apache Tomcat \u8de8\u7ad9\u8bf7\u6c42\u4f2a\u9020\u6f0f\u6d1e", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2012-4431"], "modified": "2012-12-07T00:00:00", "id": "SSV:60497", "href": "https://www.seebug.org/vuldb/ssvid-60497", "sourceData": "", "sourceHref": "", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-11-19T17:41:29", "description": "CVE ID:CVE-2013-2172\r\n\r\nApache XML Security\u662f\u4e00\u4e2aXML\u5b89\u5168\u6807\u51c6\u4e0b\u7684\u6570\u5b57\u7b7e\u540d\u5b9e\u73b0\r\n\r\nXML\u7b7e\u540d\u5305\u542b\u4e00\u4e2a"CanonicalizationMethod"\u53c2\u6570\u7528\u4e8e\u6307\u5b9a\u5e94\u7528\u4e8e\u7b7e\u540d\u7684SignedInfo\u90e8\u5206\u6240\u9700\u7684\u89c4\u8303\u5316\u7b97\u6cd5(canonicalization algorithm)\u3002\u800c\u5b9e\u9645\u662fXML\u7b7e\u540d\u7684Apache Santuario XML Security for Java\u5b9e\u73b0\u5141\u8bb8\u628a\u4efb\u610f\u7b97\u6cd5\u6307\u5b9a\u7ed9\u6b64\u53c2\u6570\uff0c\u53ef\u88ab\u5229\u7528\u5bf9XML\u7b7e\u540d\u8fdb\u884c\u4f2a\u9020\u653b\u51fb\n0\nApache XML Security (Java) 1.5.x\r\nApache XML Security (Java) 1.4.x\n\u5382\u5546\u89e3\u51b3\u65b9\u6848\r\n\r\nApache XML Security (Java) 1.5.5\u62161.4.8\u5df2\u7ecf\u4fee\u590d\u6b64\u6f0f\u6d1e\uff0c\u5efa\u8bae\u7528\u6237\u4e0b\u8f7d\u66f4\u65b0\uff1a\r\nhttp://santuario.apache.org", "cvss3": {}, "published": "2013-07-02T00:00:00", "type": "seebug", "title": "Apache XML Security\u7b7e\u540d\u4f2a\u9020\u6f0f\u6d1e", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2013-2172"], "modified": "2013-07-02T00:00:00", "id": "SSV:60867", "href": "https://www.seebug.org/vuldb/ssvid-60867", "sourceData": "", "sourceHref": "", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "github": [{"lastseen": "2023-12-06T17:28:16", "description": "org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.32 allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier.", "cvss3": {}, "published": "2022-05-17T00:57:51", "type": "github", "title": "Cross-Site Request Forgery in Apache Tomcat", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4431"], "modified": "2023-01-27T05:02:35", "id": "GHSA-76VR-72MV-MF3Q", "href": "https://github.com/advisories/GHSA-76vr-72mv-mf3q", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-06T17:28:38", "description": "`jcp/xml/dsig/internal/dom/DOMCanonicalizationMethod.java` in Apache Santuario XML Security for Java 1.4.x before 1.4.8 and 1.5.x before 1.5.5 allows context-dependent attackers to spoof an XML Signature by using the CanonicalizationMethod parameter to specify an arbitrary weak \"canonicalization algorithm to apply to the SignedInfo part of the Signature.\"", "cvss3": {}, "published": "2022-05-13T01:05:56", "type": "github", "title": "Inefficient Algorithmic Complexity in Apache Santuario XML Security", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2172"], "modified": "2023-06-01T19:51:08", "id": "GHSA-R237-W2W6-JQ3P", "href": "https://github.com/advisories/GHSA-r237-w2w6-jq3p", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-06T17:28:38", "description": "Apache Commons HttpClient 3.x, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.", "cvss3": {}, "published": "2022-05-13T01:10:34", "type": "github", "title": "Improper Certificate Validation in apache HttpClient", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783"], "modified": "2023-01-27T05:02:30", "id": "GHSA-3832-9276-X7GF", "href": "https://github.com/advisories/GHSA-3832-9276-x7gf", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-12-07T20:31:12", "description": "http/conn/ssl/AbstractVerifier.java in Apache Commons HttpClient before 4.2.3 does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a certificate with a subject that specifies a common name in a field that is not the CN field. NOTE: this issue exists because of an incomplete fix for CVE-2012-5783.", "cvss3": {}, "published": "2018-10-17T00:05:15", "type": "github", "title": "High severity vulnerability that affects org.apache.httpcomponents:httpclient", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783", "CVE-2012-6153"], "modified": "2023-01-09T05:02:49", "id": "GHSA-2X83-R56G-CV47", "href": "https://github.com/advisories/GHSA-2x83-r56g-cv47", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "ubuntucve": [{"lastseen": "2023-12-06T16:38:15", "description": "org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x\nbefore 6.0.36 and 7.x before 7.0.32 allows remote attackers to bypass the\ncross-site request forgery (CSRF) protection mechanism via a request that\nlacks a session identifier.\n\n#### Bugs\n\n * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=695251>\n * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=695250>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[seth-arnold](<https://launchpad.net/~seth-arnold>) | tomcat6 on 10.04 LTS does not have this file nor function: the CSRF protection was consolidated after 10.04 LTS.\n", "cvss3": {}, "published": "2012-12-19T00:00:00", "type": "ubuntucve", "title": "CVE-2012-4431", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4431"], "modified": "2012-12-19T00:00:00", "id": "UB:CVE-2012-4431", "href": "https://ubuntu.com/security/CVE-2012-4431", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-06T16:30:18", "description": "jcp/xml/dsig/internal/dom/DOMCanonicalizationMethod.java in Apache\nSantuario XML Security for Java 1.4.x before 1.4.8 and 1.5.x before 1.5.5\nallows context-dependent attackers to spoof an XML Signature by using the\nCanonicalizationMethod parameter to specify an arbitrary weak\n\"canonicalization algorithm to apply to the SignedInfo part of the\nSignature.\"\n\n#### Bugs\n\n * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=720375>\n", "cvss3": {}, "published": "2013-08-20T00:00:00", "type": "ubuntucve", "title": "CVE-2013-2172", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2172"], "modified": "2013-08-20T00:00:00", "id": "UB:CVE-2013-2172", "href": "https://ubuntu.com/security/CVE-2013-2172", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-06T16:19:45", "description": "http/conn/ssl/AbstractVerifier.java in Apache Commons HttpClient before\n4.2.3 does not properly verify that the server hostname matches a domain\nname in the subject's Common Name (CN) or subjectAltName field of the X.509\ncertificate, which allows man-in-the-middle attackers to spoof SSL servers\nvia a certificate with a subject that specifies a common name in a field\nthat is not the CN field. NOTE: this issue exists because of an incomplete\nfix for CVE-2012-5783.\n\n#### Bugs\n\n * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=758086>\n * <https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-6153>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | debian's 06_fix_CVE-2012-5783.patch already contains the fix for CVE-2012-6153\n", "cvss3": {}, "published": "2014-09-04T00:00:00", "type": "ubuntucve", "title": "CVE-2012-6153", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783", "CVE-2012-6153"], "modified": "2014-09-04T00:00:00", "id": "UB:CVE-2012-6153", "href": "https://ubuntu.com/security/CVE-2012-6153", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-06T16:39:58", "description": "Apache Commons HttpClient 3.x, as used in Amazon Flexible Payments Service\n(FPS) merchant Java SDK and other products, does not verify that the server\nhostname matches a domain name in the subject's Common Name (CN) or\nsubjectAltName field of the X.509 certificate, which allows\nman-in-the-middle attackers to spoof SSL servers via an arbitrary valid\ncertificate.\n\n#### Bugs\n\n * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=692442>\n * <https://issues.apache.org/jira/browse/HTTPCLIENT-1265>\n * <https://issues.apache.org/jira/browse/httpclient-613>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[seth-arnold](<https://launchpad.net/~seth-arnold>) | Apache Commons HttpClient has been replaced by HttpComponents \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | debian released 3.1-10.1 with a possible regression fix was incomplete, see CVE-2012-6153 and CVE-2014-3577\n", "cvss3": {}, "published": "2012-11-04T00:00:00", "type": "ubuntucve", "title": "CVE-2012-5783", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783", "CVE-2012-6153", "CVE-2014-3577"], "modified": "2012-11-04T00:00:00", "id": "UB:CVE-2012-5783", "href": "https://ubuntu.com/security/CVE-2012-5783", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}], "freebsd": [{"lastseen": "2023-12-06T15:47:21", "description": "\n\nThe Apache Software Foundation reports:\n\nThe CSRF prevention filter could be bypassed if a request was made to a\n\t protected resource without a session identifier present in the request.\n\n\n", "cvss3": {}, "published": "2012-12-04T00:00:00", "type": "freebsd", "title": "tomcat -- bypass of CSRF prevention filter", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4431"], "modified": "2017-03-18T00:00:00", "id": "953911FE-51EF-11E2-8E34-0022156E8794", "href": "https://vuxml.freebsd.org/freebsd/953911fe-51ef-11e2-8e34-0022156e8794.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "debian": [{"lastseen": "2021-10-21T23:02:17", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3065-1 security@debian.org\nhttp://www.debian.org/security/ Sebastien Delafond\nNovember 06, 2014 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : libxml-security-java\nCVE ID : CVE-2013-2172\nDebian Bug : 720375\n\nJames Forshaw discovered that, in Apache Santuario XML Security for\nJava, CanonicalizationMethod parameters were incorrectly validated:\nby specifying an arbitrary weak canonicalization algorithm, an\nattacker could spoof XML signatures.\n\nFor the stable distribution (wheezy), this problem has been fixed in\nversion 1.4.5-1+deb7u1.\n\nFor the testing distribution (jessie), this problem has been fixed in\nversion 1.5.5-2.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.5.5-2.\n\nWe recommend that you upgrade your libxml-security-java packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2014-11-06T08:45:42", "type": "debian", "title": "[SECURITY] [DSA 3065-1] libxml-security-java security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2172"], "modified": "2014-11-06T08:45:42", "id": "DEBIAN:DSA-3065-1:74B58", "href": "https://lists.debian.org/debian-security-announce/2014/msg00253.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-07T12:05:19", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3065-1 security@debian.org\nhttp://www.debian.org/security/ Sebastien Delafond\nNovember 06, 2014 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : libxml-security-java\nCVE ID : CVE-2013-2172\nDebian Bug : 720375\n\nJames Forshaw discovered that, in Apache Santuario XML Security for\nJava, CanonicalizationMethod parameters were incorrectly validated:\nby specifying an arbitrary weak canonicalization algorithm, an\nattacker could spoof XML signatures.\n\nFor the stable distribution (wheezy), this problem has been fixed in\nversion 1.4.5-1+deb7u1.\n\nFor the testing distribution (jessie), this problem has been fixed in\nversion 1.5.5-2.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.5.5-2.\n\nWe recommend that you upgrade your libxml-security-java packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2014-11-06T08:45:42", "type": "debian", "title": "[SECURITY] [DSA 3065-1] libxml-security-java security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2172"], "modified": "2014-11-06T08:45:42", "id": "DEBIAN:DSA-3065-1:36D70", "href": "https://lists.debian.org/debian-security-announce/2014/msg00253.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-06T19:31:42", "description": "Package : libxml-security-java\nVersion : 1.4.3-2+deb6u1\nCVE ID : CVE-2013-2172\n\nJames Forshaw discovered that, in Apache Santuario XML Security for\nJava, CanonicalizationMethod parameters were incorrectly validated:\nby specifying an arbitrary weak canonicalization algorithm, an\nattacker could spoof XML signatures.", "cvss3": {}, "published": "2014-11-09T16:34:59", "type": "debian", "title": "[SECURITY] [DLA 85-1] libxml-security-java security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2172"], "modified": "2014-11-09T16:34:59", "id": "DEBIAN:DLA-85-1:9FEBE", "href": "https://lists.debian.org/debian-lts-announce/2014/11/msg00004.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-07T17:47:29", "description": "Package : commons-httpclient\nVersion : 3.1-9+deb6u1\nCVE ID : CVE-2012-5783 CVE-2012-6153 CVE-2014-3577\n\nCVE-2012-5783 and CVE-2012-6153\n Apache Commons HttpClient 3.1 did not verify that the server hostname\n matches a domain name in the subject's Common Name (CN) or subjectAltName\n field of the X.509 certificate, which allows man-in-the-middle attackers to\n spoof SSL servers via an arbitrary valid certificate.\n Thanks to Alberto Fernandez Martinez for the patch.\n\nCVE-2014-3577\n It was found that the fix for CVE-2012-6153 was incomplete: the code added\n to check that the server hostname matches the domain name in a subject's\n Common Name (CN) field in X.509 certificates was flawed. A man-in-the-middle\n attacker could use this flaw to spoof an SSL server using a specially\n crafted X.509 certificate. The fix for CVE-2012-6153 was intended to address\n the incomplete patch for CVE-2012-5783. The issue is now completely resolved\n by applying this patch and the one for the previous CVEs\n\n\nThis upload was prepared by Markus Koschany.", "cvss3": {}, "published": "2015-05-19T15:18:39", "type": "debian", "title": "[SECURITY] [DLA 222-1] commons-httpclient security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783", "CVE-2012-6153", "CVE-2014-3577"], "modified": "2015-05-19T15:18:39", "id": "DEBIAN:DLA-222-1:38FAF", "href": "https://lists.debian.org/debian-lts-announce/2015/05/msg00008.html", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}], "osv": [{"lastseen": "2023-06-02T05:13:35", "description": "`jcp/xml/dsig/internal/dom/DOMCanonicalizationMethod.java` in Apache Santuario XML Security for Java 1.4.x before 1.4.8 and 1.5.x before 1.5.5 allows context-dependent attackers to spoof an XML Signature by using the CanonicalizationMethod parameter to specify an arbitrary weak \"canonicalization algorithm to apply to the SignedInfo part of the Signature.\"", "cvss3": {}, "published": "2022-05-13T01:05:56", "type": "osv", "title": "Inefficient Algorithmic Complexity in Apache Santuario XML Security", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2172"], "modified": "2023-06-01T20:04:09", "id": "OSV:GHSA-R237-W2W6-JQ3P", "href": "https://osv.dev/vulnerability/GHSA-r237-w2w6-jq3p", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-07-14T02:06:07", "description": "org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.32 allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier.", "cvss3": {}, "published": "2022-05-17T00:57:51", "type": "osv", "title": "Cross-Site Request Forgery in Apache Tomcat", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4431"], "modified": "2022-07-13T21:29:42", "id": "OSV:GHSA-76VR-72MV-MF3Q", "href": "https://osv.dev/vulnerability/GHSA-76vr-72mv-mf3q", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-08-10T07:08:35", "description": "\nJames Forshaw discovered that, in Apache Santuario XML Security for\nJava, CanonicalizationMethod parameters were incorrectly validated:\nby specifying an arbitrary weak canonicalization algorithm, an\nattacker could spoof XML signatures.\n\n\nFor the stable distribution (wheezy), this problem has been fixed in\nversion 1.4.5-1+deb7u1.\n\n\nFor the testing distribution (jessie), this problem has been fixed in\nversion 1.5.5-2.\n\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.5.5-2.\n\n\nWe recommend that you upgrade your libxml-security-java packages.\n\n\n", "cvss3": {}, "published": "2014-11-06T00:00:00", "type": "osv", "title": "libxml-security-java - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2172"], "modified": "2022-08-10T07:08:19", "id": "OSV:DSA-3065-1", "href": "https://osv.dev/vulnerability/DSA-3065-1", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-04-11T01:32:48", "description": "Apache Commons HttpClient 3.x, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.", "cvss3": {}, "published": "2022-05-13T01:10:34", "type": "osv", "title": "Improper Certificate Validation in apache HttpClient", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783"], "modified": "2023-04-11T01:32:21", "id": "OSV:GHSA-3832-9276-X7GF", "href": "https://osv.dev/vulnerability/GHSA-3832-9276-x7gf", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-04-11T01:45:31", "description": "http/conn/ssl/AbstractVerifier.java in Apache Commons HttpClient before 4.2.3 does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a certificate with a subject that specifies a common name in a field that is not the CN field. NOTE: this issue exists because of an incomplete fix for CVE-2012-5783.", "cvss3": {}, "published": "2018-10-17T00:05:15", "type": "osv", "title": "High severity vulnerability that affects org.apache.httpcomponents:httpclient", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783", "CVE-2012-6153"], "modified": "2023-04-11T01:45:24", "id": "OSV:GHSA-2X83-R56G-CV47", "href": "https://osv.dev/vulnerability/GHSA-2x83-r56g-cv47", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-06-28T06:26:31", "description": "\n* [CVE-2012-5783](https://security-tracker.debian.org/tracker/CVE-2012-5783)\nand [CVE-2012-6153](https://security-tracker.debian.org/tracker/CVE-2012-6153)\n Apache Commons HttpClient 3.1 did not verify that the server hostname\n matches a domain name in the subject's Common Name (CN) or subjectAltName\n field of the X.509 certificate, which allows man-in-the-middle attackers to\n spoof SSL servers via an arbitrary valid certificate.\n Thanks to Alberto Fernandez Martinez for the patch.\n* [CVE-2014-3577](https://security-tracker.debian.org/tracker/CVE-2014-3577)\nIt was found that the fix for [CVE-2012-6153](https://security-tracker.debian.org/tracker/CVE-2012-6153) was incomplete: the code added\n to check that the server hostname matches the domain name in a subject's\n Common Name (CN) field in X.509 certificates was flawed. A man-in-the-middle\n attacker could use this flaw to spoof an SSL server using a specially\n crafted X.509 certificate. The fix for [CVE-2012-6153](https://security-tracker.debian.org/tracker/CVE-2012-6153) was intended to address\n the incomplete patch for [CVE-2012-5783](https://security-tracker.debian.org/tracker/CVE-2012-5783). The issue is now completely resolved\n by applying this patch and the one for the previous CVEs\n\n\nThis upload was prepared by Markus Koschany.\n\n\n", "cvss3": {}, "published": "2015-05-19T00:00:00", "type": "osv", "title": "commons-httpclient - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783", "CVE-2012-6153", "CVE-2014-3577"], "modified": "2023-06-28T06:26:27", "id": "OSV:DLA-222-1", "href": "https://osv.dev/vulnerability/DLA-222-1", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}], "cve": [{"lastseen": "2023-12-06T14:29:50", "description": "jcp/xml/dsig/internal/dom/DOMCanonicalizationMethod.java in Apache Santuario XML Security for Java 1.4.x before 1.4.8 and 1.5.x before 1.5.5 allows context-dependent attackers to spoof an XML Signature by using the CanonicalizationMethod parameter to specify an arbitrary weak \"canonicalization algorithm to apply to the SignedInfo part of the Signature.\"", "cvss3": {}, "published": "2013-08-20T22:55:00", "type": "cve", "title": "CVE-2013-2172", "cwe": ["CWE-310"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2172"], "modified": "2023-04-18T19:06:00", "cpe": ["cpe:/a:apache:santuario_xml_security_for_java:1.5.0", "cpe:/a:apache:santuario_xml_security_for_java:1.5.4", "cpe:/a:apache:santuario_xml_security_for_java:1.5.2", "cpe:/a:apache:santuario_xml_security_for_java:1.5.3", "cpe:/a:apache:santuario_xml_security_for_java:1.5.1", "cpe:/a:apache:santuario_xml_security_for_java:1.4.7"], "id": "CVE-2013-2172", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2172", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:apache:santuario_xml_security_for_java:1.5.4:*:*:*:*:*:*:*", "cpe:2.3:a:apache:santuario_xml_security_for_java:1.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:apache:santuario_xml_security_for_java:1.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:apache:santuario_xml_security_for_java:1.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:apache:santuario_xml_security_for_java:1.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:apache:santuario_xml_security_for_java:1.5.2:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-06T14:26:57", "description": "org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.32 allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier.", "cvss3": {}, "published": "2012-12-19T11:55:00", "type": "cve", "title": "CVE-2012-4431", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4431"], "modified": "2017-09-19T01:35:00", "cpe": ["cpe:/a:apache:tomcat:6.0.35", "cpe:/a:apache:tomcat:6.0.3", "cpe:/a:apache:tomcat:6.0.1", "cpe:/a:apache:tomcat:6.0.4", "cpe:/a:apache:tomcat:6.0.28", "cpe:/a:apache:tomcat:6.0.2", "cpe:/a:apache:tomcat:7.0.23", "cpe:/a:apache:tomcat:7.0.13", "cpe:/a:apache:tomcat:7.0.20", "cpe:/a:apache:tomcat:7.0.19", "cpe:/a:apache:tomcat:7.0.1", "cpe:/a:apache:tomcat:7.0.0", "cpe:/a:apache:tomcat:7.0.8", "cpe:/a:apache:tomcat:7.0.4", "cpe:/a:apache:tomcat:6.0.16", "cpe:/a:apache:tomcat:6.0.31", "cpe:/a:apache:tomcat:7.0.12", "cpe:/a:apache:tomcat:7.0.21", "cpe:/a:apache:tomcat:7.0.14", "cpe:/a:apache:tomcat:6.0.6", "cpe:/a:apache:tomcat:6.0.18", "cpe:/a:apache:tomcat:7.0.2", "cpe:/a:apache:tomcat:7.0.22", "cpe:/a:apache:tomcat:6.0.24", "cpe:/a:apache:tomcat:7.0.10", "cpe:/a:apache:tomcat:7.0.17", "cpe:/a:apache:tomcat:6.0.0", "cpe:/a:apache:tomcat:6.0.12", "cpe:/a:apache:tomcat:6.0.29", "cpe:/a:apache:tomcat:6.0.32", "cpe:/a:apache:tomcat:6.0.10", "cpe:/a:apache:tomcat:7.0.18", "cpe:/a:apache:tomcat:7.0.30", "cpe:/a:apache:tomcat:7.0.11", "cpe:/a:apache:tomcat:6.0", "cpe:/a:apache:tomcat:6.0.15", "cpe:/a:apache:tomcat:6.0.19", "cpe:/a:apache:tomcat:6.0.11", "cpe:/a:apache:tomcat:7.0.6", "cpe:/a:apache:tomcat:6.0.9", "cpe:/a:apache:tomcat:6.0.5", "cpe:/a:apache:tomcat:7.0.15", "cpe:/a:apache:tomcat:6.0.7", "cpe:/a:apache:tomcat:6.0.20", "cpe:/a:apache:tomcat:7.0.16", "cpe:/a:apache:tomcat:7.0.25", "cpe:/a:apache:tomcat:6.0.8", "cpe:/a:apache:tomcat:7.0.5", "cpe:/a:apache:tomcat:6.0.26", "cpe:/a:apache:tomcat:7.0.9", "cpe:/a:apache:tomcat:6.0.13", "cpe:/a:apache:tomcat:6.0.17", "cpe:/a:apache:tomcat:6.0.27", "cpe:/a:apache:tomcat:6.0.30", "cpe:/a:apache:tomcat:6.0.14", "cpe:/a:apache:tomcat:7.0.28", "cpe:/a:apache:tomcat:7.0.7", "cpe:/a:apache:tomcat:7.0.3", "cpe:/a:apache:tomcat:6.0.33"], "id": "CVE-2012-4431", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4431", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:apache:tomcat:6.0.0:alpha:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:6.0.17:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:6.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:6.0.18:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:6.0.20:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.21:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:6.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:6.0.2:beta:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.23:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:6.0.7:beta:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:6.0.16:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.18:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:6.0.27:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.13:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.4:beta:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.0:beta:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.20:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.15:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.22:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:6.0.2:alpha:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:6.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.25:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:6.0.32:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:6.0.15:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:6.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:6.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:6.0.28:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:6.0.30:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.17:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:6.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.30:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:6.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:6.0.9:beta:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:6.0.33:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:6.0.29:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:6.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.28:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.2:beta:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:6.0.4:alpha:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:6.0.24:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:6.0.26:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.19:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:6.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:6.0.8:alpha:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:6.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:6.0.19:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:6.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:6.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:6.0.7:alpha:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:6.0.31:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:6.0.6:alpha:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:6.0.35:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:6.0.1:alpha:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:7.0.16:*:*:*:*:*:*:*"]}, {"lastseen": "2023-12-06T14:33:49", "description": "Apache Commons HttpClient 3.x, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.", "cvss3": {}, "published": "2012-11-04T22:55:00", "type": "cve", "title": "CVE-2012-5783", "cwe": ["CWE-295"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783"], "modified": "2021-04-23T17:28:00", "cpe": ["cpe:/a:apache:httpclient:3.1", "cpe:/o:canonical:ubuntu_linux:12.04", "cpe:/o:canonical:ubuntu_linux:15.04", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "CVE-2012-5783", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5783", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}, "cpe23": ["cpe:2.3:a:apache:httpclient:3.1:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*"]}, {"lastseen": "2023-12-07T15:15:06", "description": "http/conn/ssl/AbstractVerifier.java in Apache Commons HttpClient before 4.2.3 does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a certificate with a subject that specifies a common name in a field that is not the CN field. NOTE: this issue exists because of an incomplete fix for CVE-2012-5783.", "cvss3": {}, "published": "2014-09-04T17:55:00", "type": "cve", "title": "CVE-2012-6153", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783", "CVE-2012-6153"], "modified": "2018-01-05T02:29:00", "cpe": ["cpe:/a:apache:commons-httpclient:4.2.2"], "id": "CVE-2012-6153", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6153", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:apache:commons-httpclient:4.2.2:*:*:*:*:*:*:*"]}], "mageia": [{"lastseen": "2023-12-06T16:56:00", "description": "James Forshaw discovered that Apache XML Security for Java incorrectly validated CanonicalizationMethod parameters. An attacker could use this flaw to spoof XML signatures (CVE-2013-2172). \n", "cvss3": {}, "published": "2014-01-06T04:52:37", "type": "mageia", "title": "Updated xml-security package fixes security vulnerability\n", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2172"], "modified": "2014-01-06T04:52:37", "id": "MGASA-2014-0002", "href": "https://advisories.mageia.org/MGASA-2014-0002.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-06T16:56:00", "description": "The Jakarta Commons HttpClient component did not verify that the server hostname matched the domain name in the subject's Common Name (CN) or subjectAltName field in X.509 certificates. This could allow a man-in-the-middle attacker to spoof an SSL server if they had a certificate that was valid for any domain name (CVE-2012-5783). \n", "cvss3": {}, "published": "2013-07-06T18:11:31", "type": "mageia", "title": "Updated jakarta-commons-httpclient package fixes security vulnerability\n", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783"], "modified": "2013-07-06T18:11:31", "id": "MGASA-2013-0199", "href": "https://advisories.mageia.org/MGASA-2013-0199.html", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}], "ibm": [{"lastseen": "2023-10-23T14:52:22", "description": "## Summary\n\nFileNet Content Manager has addressed the following HTTP Client v3.0.1 and v4.0.1 vulnerability.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2012-5783](<https://vulners.com/cve/CVE-2012-5783>) \n**DESCRIPTION:** Apache Commons HttpClient, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, could allow a remote attacker to conduct spoofing attacks, caused by the failure to verify that the server hostname matches a domain name in the subject's Common Name (CN) field of the X.509 certificate. By persuading a victim to visit a Web site containing a specially-crafted certificate, an attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/79984> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)\n\n## Affected Products and Versions\n\nFileNet Content Manager 5.2.1\n\n## Remediation/Fixes\n\nTo resolve these vulnerabilities, install one of the patch sets listed below to upgrade HTTP Client v4.5.5 or higher.\n\n**Product** | **VRMF** | **APAR** | **Remediation/First Fix** \n---|---|---|--- \nFileNet Content Manager | 5.2.1 | [_PJ45429_](<https://www.ibm.com/support/pages/apar/PJ45429>) | \n\n[_5.2.1.7-P8CPE-IF004_ ](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=FileNet%20Product%20Family&product=ibm/Information+Management/FileNet+Content+Engine&release=5.2.1.7&platform=All&function=all>) \\- 9/28/2018 \n \n \nIn the above table, the APAR links will provide more information about the fix.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2021-10-26T21:21:16", "type": "ibm", "title": "Security Bulletin: FileNet Content Manager is affected by a HTTP Client vulnerability", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783"], "modified": "2021-10-26T21:21:16", "id": "8D964A6D85AB92A093A54D98B52835DA52D646F29F4FB8F77B0F37827E6FEFB1", "href": "https://www.ibm.com/support/pages/node/720183", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-02-13T13:34:49", "description": "## Summary\n\nIBM WebSphere Application Server is shipped as components of Business Monitor. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin.\n\n## Vulnerability Details\n\nConsult the Security Bulletin [Information disclosure in Apache Commons HttpClient used by WebSphere Application Server (CVE-2012-5783)](<http://www-01.ibm.com/support/docview.wss?uid=swg22016216>) for vulnerability details and information about fixes.\n\n## Affected Products and Versions\n\n## Principal Product and Version\n\n| \n\n## Affected Supporting Product and Version \n \n---|--- \nIBM Business Monitor V8.5.7 | WebSphere Application Server V8.5.5 \nIBM Business Monitor V8.5.6 | WebSphere Application Server V8.5.5 \nIBM Business Monitor V8.5.5 | WebSphere Application Server V8.5.5 \nIBM Business Monitor V8.1.0.3 | WebSphere Application Server V8.0 \nIBM Business Monitor V8.0 | WebSphere Application Server V8.0 \n \n## ", "cvss3": {}, "published": "2018-07-06T00:22:40", "type": "ibm", "title": "Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Business Monitor (CVE-2012-5783)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783"], "modified": "2018-07-06T00:22:40", "id": "F06557E676BEE33840ABDCBC8B63800AEF257D21E96813D19608264A0DF5ED04", "href": "https://www.ibm.com/support/pages/node/713649", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-02-12T21:33:42", "description": "## Summary\n\nIBM WebSphere Application Server is shipped as a component of IBM Security Key Lifecycle Manager (SKLM). Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. \n\n## Vulnerability Details\n\nPlease consult the security bulletin [Security Bulletin: Information disclosure in Apache Commons HttpClient used by WebSphere Application Server (CVE-2012-5783) ](<http://www-01.ibm.com/support/docview.wss?uid=swg22016216>)for vulnerability details and information about fixes.\n\n## Affected Products and Versions\n\nPrincipal Product and Version(s)\n\n| Affected Supporting Product and Version \n---|--- \nIBM Security Key Lifecycle Manager (SKLM) v2.5 on distributed platforms | WebSphere Application Server v8.5.5 \nIBM Security Key Lifecycle Manager (SKLM) v2.6 on distributed platforms | WebSphere Application Server v8.5.5.7 \nIBM Security Key Lifecycle Manager (SKLM) v2.7 on distributed platforms | WebSphere Application Server v9.0.0.1 \nIBM Security Key Lifecycle Manager (SKLM) v3.0 on distributed platforms | WebSphere Application Server v9.0.0.5 \n \n## ", "cvss3": {}, "published": "2018-07-18T16:25:03", "type": "ibm", "title": "Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Security Key Lifecycle Manager (SKLM) (CVE-2012-5783)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783"], "modified": "2018-07-18T16:25:03", "id": "3F50B90AA067D7B221DE01833CF094A0A4B8DFCEFA2F20192B47FCC636918D02", "href": "https://www.ibm.com/support/pages/node/717675", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-02-21T21:45:16", "description": "## Summary\n\nWebSphere Application Server is shipped as a component of IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. \n\n## Vulnerability Details\n\nPlease consult the security bulletin [Security Bulletin: Information disclosure in Apache Commons HttpClient used by WebSphere Application Server (CVE-2012-5783)](<http://www-01.ibm.com/support/docview.wss?uid=swg22016216>) for vulnerability details and information about fixes.\n\n## Affected Products and Versions\n\n**Principal Product and Version(s)**\n\n| \n\n**Affected Supporting Product and Version** \n \n---|--- \n \nIBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise Edition V2.5, V2.5.0.1, V2.5.02. V2.5.0.3, V2.5.0.4, V2.5.0.5, V2.5.0.6\n\n| \n\n * WebSphere Application Server V8.5.5 through V8.5.5.12 \n \nIBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise V2.4, V2.4.0.1, V2.4.0.2, V2.4.0.3, V2.4.0.4, V2.4.0.5\n\n| \n\n * WebSphere Application Server V8.5.0.1 through V8.5.5.12 \n \n## Remediation/Fixes\n\nThe recommended solution is to apply the fixes as soon as practical. \n\n**Principal Product and Version(s)** | **VRMF** | **Remediation/First Fix** \n---|---|--- \nIBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise | 2.5, 2.5.0.1, 2.5.0.2, 2.5.0.3, 2.5.0.4, 2.5.0.5, 2.5.0.6 | \n\nUpgrade to IBM Cloud Orchestrator 2.5 Fix Pack 7: \n<https://www-01.ibm.com/support/docview.wss?uid=ibm10718247> \n \nIBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise | 2.4, 2.4.0.1, 2.4.0.2, 2.4.0.3, 2.4.0.4, 2.4.0.5 | After you upgrade to minimal fix pack levels as required by interim fix, apply the appropriate Interim to your environment as soon as practical. For details, see \n\n[Security Bulletin: Information disclosure in Apache Commons HttpClient used by WebSphere Application Server (CVE-2012-5783)](<http://www-01.ibm.com/support/docview.wss?uid=swg22016216>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2018-12-06T06:05:02", "type": "ibm", "title": "Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise (CVE-2012-5783)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783"], "modified": "2018-12-06T06:05:02", "id": "4777F5C1553B23793B9C264645B77DC8564BD5ADDE40E26C0417DA938016C274", "href": "https://www.ibm.com/support/pages/node/739523", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-02-21T21:51:11", "description": "## Summary\n\nWebSphere Application Server is shipped with WebSphere Remote Server. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. \n\n## Vulnerability Details\n\nRefer to the security bulletin(s) listed in the Remediation/Fixes section\n\n## Affected Products and Versions\n\nThis vulnerability affects the following versions and releases of IBM WebSphere Remote Server: \n\u2022 9.0 \n\u2022 8.5 \n\u2022 7.1 \n\u2022 7.0\n\n## Remediation/Fixes\n\nRefer to the following security bulletins for vulnerability details and information about fixes addressed by WebSphere Application Server which is shipped with WebSphere Remote Server. \n \n\n\nPrincipal Product and Version(s)| Affected Supporting Product and Version| Affected Supporting Product Security Bulletin \n---|---|--- \nWebSphere Remote Server 9.0, 8.5, 7.1, 7.0| WebSphere Application Server 9.0, 8.5, 8.0, 7.0| [_Information disclosure in Apache Commons HttpClient used by WebSphere Application Server_](<http://www.ibm.com/support/docview.wss?uid=swg22016216>) \n \n## ", "cvss3": {}, "published": "2018-06-23T02:54:21", "type": "ibm", "title": "Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with WebSphere Remote Server (CVE-2012-5783)", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2012-5783"], "modified": "2018-06-23T02:54:21", "id": "858896131EA815FB74E9BDD335996EEADB31086755EBD223F4051866A0275C41", "href": "https://www.ibm.com/support/pages/node/712423", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-02-21T21:48:05", "description": "## Summary\n\nIBM WebSphere Application Server is shipped as a component of IBM Tivoli Netcool Impact. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin.\n\n## Vulnerability Details\n\nPlease consult the [Security Bulletin: Information disclosure in Apache Commons HttpClient used by WebSphere Application Server (CVE-2012-5783)](<http://www-01.ibm.com/support/docview.wss?uid=swg22016216>) for vulnerability details and information about fixes.\n\n## Affected Products and Versions\n\n_Principal Product and Version(s)_\n\n| _Affected Supporting Product and Version_ \n---|--- \nIBM Tivoli Netcool Impact 6.1.x | IBM WebSphere Application Server 7.0 \n \n## Remediation/Fixes\n\n_Principal Product and Version(s)_\n\n| _Affected Supporting Product and Version_ \n---|--- \nIBM Tivoli Netcool Impact 6.1.x | For IBM WebSphere Application Server V7.0.0.0 through 7.0.0.45: \nThis vulnerability requires IBM WebSphere Application Server fix pack levels as required by interim fix and then apply Interim Fix [PI96685 ](<http://www-01.ibm.com/support/docview.wss?uid=swg24044989>)and [PI98251](<http://www-01.ibm.com/support/docview.wss?uid=swg24045005>). \nFor instruction on how to upgrade IBM WebSphere Application Server see the latest 6.1.* IBM Tivoli Netcool Impact Fix Pack readme. \n \n \n**Please also note the**** **[**_end of support announcement_**](<http://www-01.ibm.com/common/ssi/ShowDoc.wss?docURL=/common/ssi/rep_ca/8/897/ENUS917-138/index.html&lang=en&request_locale=en>)** ****from 12 September 2017 for selected Netcool product versions. You can find detailed information on whether the product version you have installed in your environment is affected by this end of service announcement by following the**** **[**_Netcool End of Support Knowledge Collection_**](<https://www-01.ibm.com/support/entdocview.wss?uid=swg22009231>)**. ****If your product version is affected, IBM recommend to upgrade your product version to the latest supported version of your product. Please contact your IBM account manager for any question you might have or for any assistance you may require for upgrading an end of service announced offering.**\n\n## ", "cvss3": {}, "published": "2018-09-05T16:25:55", "type": "ibm", "title": "Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Tivoli Netcool Impact (CVE-2012-5783)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783"], "modified": "2018-09-05T16:25:55", "id": "37E84D76257762D12F144C420A6FA36A16C6055B49D7AE073144BE16FFF7F0A0", "href": "https://www.ibm.com/support/pages/node/729877", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-02-21T21:44:46", "description": "## Summary\n\nSecurity vulnerability may affect Apache HttpClient used by IBM FileNet Content Manager.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2012-5783](<https://vulners.com/cve/CVE-2012-5783>) \n**DESCRIPTION:** Apache Commons HttpClient could allow a remote attacker to conduct spoofing attacks, caused by the failure to verify that the server hostname matches a domain name in the subject's Common Name (CN) field of the X.509 certificate. By persuading a victim to visit a Web site containing a specially-crafted certificate, an attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/79984> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)\n\n## Affected Products and Versions\n\nIBM Content Manager 5.2.1, 5.5.0, 5.5.1\n\n## Remediation/Fixes\n\nTo resolve these vulnerabilities, install one of the releases below.\n\n**Product** | **VRMF** | **APAR** | **Remediation/First Fix** \n---|---|---|--- \nFileNet Content Manager | \n\n5.2.1 \n5.5.0 \n5.5.1\n\n| \n\n[_PJ45429_](<https://www.ibm.com/support/entdocview.wss?uid=swg1PJ45429>) \n[_PJ45429_ \n](<https://www.ibm.com/support/entdocview.wss?uid=swg1PJ45429>) [_PJ45429_](<https://www.ibm.com/support/entdocview.wss?uid=swg1PJ45429>)\n\n| [_5.2.1.7-P8CPE-IF004_](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=FileNet%20Product%20Family&product=ibm/Information+Management/FileNet+Content+Engine&release=5.2.1.7&platform=All&function=all>) \\- 10/8/2018 \n[_5.5.0.0-P8CPE-IF003_](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=FileNet%20Product%20Family&product=ibm/Information+Management/FileNet+Content+Engine&release=5.5.0.0&platform=All&function=all>) \\- 12/14/2018 \n[_5.5.1.0-P8CPE-IF002_](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=FileNet%20Product%20Family&product=ibm/Information+Management/FileNet+Content+Engine&release=5.5.1.0&platform=All&function=all>) \\- 1/15/2019 \n| | | \n \n \nIn the above table, the APAR links will provide more information about the fix.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2019-01-16T20:05:01", "type": "ibm", "title": "Security Bulletin: IBM FileNet Content Manager affected by Apache HttpClient security vulnerability", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783"], "modified": "2019-01-16T20:05:01", "id": "332EB7C24BEDDB6A08EB1D2E56168DBF8FB7B8EE1E89939D477827DEB2BC62FA", "href": "https://www.ibm.com/support/pages/node/731533", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-02-13T05:36:06", "description": "## Summary\n\nIBM WebSphere Application Server is shipped as a component of IBM Case Manager. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin.\n\n## Vulnerability Details\n\nPlease consult the security bulletin [Security Bulletin: Information disclosure in Apache Commons HttpClient used by WebSphere Application Server (CVE-2012-5783)](<http://www.ibm.com/support/docview.wss?uid=swg22016216>) for vulnerability details and information about fixes.\n\n## Affected Products and Versions\n\nPrincipal Product and Versions\n\n| Affected Supporting Product and Versions \n---|--- \nIBM Case Manager 5.1.1 \nIBM Case Manager 5.2.0 \nIBM Case Manager 5.2.1 \nIBM Case Manager 5.3.0 \nIBM Case Manager 5.3.1 \nIBM Case Manager 5.3.2 \nIBM Case Manager 5.3.3 | IBM WebSphere Application Server 7.0 \nIBM WebSphere Application Server 8.0 \nIBM WebSphere Application Server 8.5 \nIBM WebSphere Application Server 9.0 \n \n## ", "cvss3": {}, "published": "2018-07-20T00:48:46", "type": "ibm", "title": "Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Case Manager (CVE-2012-5783)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783"], "modified": "2018-07-20T00:48:46", "id": "B6D98686FB4CE3794F12AA810C56116765161F3CB64E9212B301423AF70BBA48", "href": "https://www.ibm.com/support/pages/node/717539", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-02-21T21:50:56", "description": "## Summary\n\nWebSphere Application Server is shipped as a component of IBM WebSphere Application Server Patterns. Information about security vulnerabilities affecting WebSphere Application Server has been published in a security bulletin. \n\n## Vulnerability Details\n\nPlease consult the security bulletin: [Information disclosure in Apache Commons HttpClient used by WebSphere Application Server](<http://www-01.ibm.com/support/docview.wss?uid=swg22016216>) for vulnerability details and information about fixes.\n\n## Affected Products and Versions\n\n**Principal Product and Version(s)** | **Affected Supporting Product and Version** \n---|--- \nWebSphere Application Server Patterns | WebSphere Application Server: \n\n * Version 9.0\n * Version 8.5\n * Version 8.0 \n \n## ", "cvss3": {}, "published": "2018-06-26T19:40:51", "type": "ibm", "title": "Security Bulletin: Information disclosure in Apache Commons HttpClient used by WebSphere Application Server bundled with IBM WebSphere Application Server Patterns (CVE-2012-5783)", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2012-5783"], "modified": "2018-06-26T19:40:51", "id": "D69CAB0B695FDB3F4A13D03095C9000050A31CA1EEA0F9ED3CBD01DC6FA43F1A", "href": "https://www.ibm.com/support/pages/node/713733", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-06T18:27:11", "description": "## Summary\n\nWebSphere Application Server is shipped with IBM Tivoli System Automation Application Manager. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin.\n\n## Vulnerability Details\n\nRefer to the security bulletin(s) listed in the Remediation/Fixes section.\n\n## Affected Products and Versions\n\nIBM Tivoli System Automation Application Manager 4.1.0.0 \u2013 4.1.0.1\n\n## Remediation/Fixes\n\nRefer to the following security bulletins for vulnerability details and information about fixes addressed by WebSphere Application Server which is shipped with IBM Tivoli System Automation Application Manager.\n\nPrincipal Product and Version(s)\n\n| \n\nAffected Supporting Product and Version\n\n| \n\nAffected Supporting Product Security Bulletin \n \n---|---|--- \n \nIBM Tivoli System Automation Application Manager 4.1\n\n| \n\nWebSphere Application Server 8.5\n\n| \n\n[Security Bulletin: Information disclosure in Apache Commons HttpClient used by WebSphere Application Server (CVE-2012-5783)](<http://www-01.ibm.com/support/docview.wss?uid=swg22016216>) \n \n## Workarounds and Mitigations\n\nNone.\n\n## ", "cvss3": {}, "published": "2023-01-17T17:35:00", "type": "ibm", "title": "Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Tivoli System Automation Application Manager (CVE-2012-5783).", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783"], "modified": "2023-01-17T17:35:00", "id": "AF3CBD718F3297D87FDA4616011F4CD425D9EBE3BB2880108811A5CAEF018EB6", "href": "https://www.ibm.com/support/pages/node/719301", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-12-06T18:41:35", "description": "## Summary\n\nWebSphere Application Server is shipped as a component of IBM Business Automation Workflow, IBM Business Process Manager, WebSphere Enterprise Service Bus and WebSphere Lombardi Edition. Information about a security vulnerability affecting IBM WebSphere Application Server Traditional have been published in a security bulletin.\n\n## Vulnerability Details\n\nPlease consult the [Security Bulletin: Information disclosure in Apache Commons HttpClient used by WebSphere Application Server (CVE-2012-5783) ](<http://www.ibm.com/support/docview.wss?uid=swg22016216>)for vulnerability details and information about fixes.\n\n## Affected Products and Versions\n\n\\- IBM Business Automation Workflow V18.0.0.0\n\n\\- IBM Business Process Manager V8.6.0.0 through V8.6.0.0 Cumulative Fix 2018.03\n\n\\- IBM Business Process Manager V8.5.7.0 through V8.5.7.0 Cumulative Fix 2017.06\n\n\\- IBM Business Process Manager V8.5.6.0 through V8.5.6.0 CF2\n\n\\- IBM Business Process Manager V8.5.5.0\n\n\\- IBM Business Process Manager V8.5.0.0 through V8.5.0.2\n\n\\- IBM Business Process Manager V8.0.0.0 through V8.0.1.3\n\n\\- IBM Business Process Manager V7.5.0.0 through V7.5.1.2\n\n\\- IBM Business Process Manager Enterprise Service Bus V8.6.0.0\n\n\\- WebSphere Enterprise Service Bus Registry Edition V7.5.0.0 through V7.5.1.2\n\n\\- WebSphere Lombardi Edition V7.2.0.0 through V7.2.0.5 (and earlier unsupported releases)\n\n\\- WebSphere Enterprise Service Bus V7.0.0.0 through V7.0.0.5\n\n\\- WebSphere Enterprise Service Bus Registry Edition V7.0.0.0 through V7.0.0.5\n\n\\- WebSphere Enterprise Service Bus V7.5.0.0 through V7.5.1.2\n\n \nNote that Cumulative Fixes cannot automatically install interim fixes for the base Application Server. It is important to follow the complete installation instructions and manually ensure that recommended security fixes are installed.\n\n \n_For__ earlier and unsupported versions of the products, IBM recommends upgrading to a fixed, supported version of the product._\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2022-09-14T15:57:03", "type": "ibm", "title": "Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Digital Business Automation Workflow family products (CVE-2012-5783)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783"], "modified": "2022-09-14T15:57:03", "id": "269ED09DF8DEC59D6D5C76BBBEC1A3E9EB81FC2A6B977AF71E1341BCCE84CE32", "href": "https://www.ibm.com/support/pages/node/712439", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-02-21T21:45:30", "description": "## Summary\n\nThere is a potential information disclosure in Apache Commons HttpClient used by WebSphere Application Server. \n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2012-5783_](<https://vulners.com/cve/CVE-2012-5783>) \n**DESCRIPTION:** Apache Commons HttpClient, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, could allow a remote attacker to conduct spoofing attacks, caused by the failure to verify that the server hostname matches a domain name in the subject's Common Name (CN) field of the X.509 certificate. By persuading a victim to visit a Web site containing a specially-crafted certificate, an attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/79984_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/79984>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)\n\n## Affected Products and Versions\n\nJazz for Service Management version 1.1.0 - 1.1.3\n\n## Remediation/Fixes\n\nPrincipal Product and Version(s)\n\n| Affected Supporting Product and Version | Affected Supporting Product Security Bulletin \n---|---|--- \nJazz for Service Management version 1.1.0 - 1.1.3 | Websphere Application Server Full Profile 8.5.5 | \n\n# [Security Bulletin: Information disclosure in Apache Commons HttpClient used by WebSphere Application Server (CVE-2012-5783)](<http://www-01.ibm.com/support/docview.wss?uid=swg22016216>) \n \n## Workarounds and Mitigations\n\nPlease refer to WAS iFix\n\n## ", "cvss3": {}, "published": "2018-11-28T12:00:02", "type": "ibm", "title": "Security Bulletin: Information disclosure in Apache Commons HttpClient used by WebSphere Application Server shipped with Jazz for Service Management (CVE-2012-5783)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783"], "modified": "2018-11-28T12:00:02", "id": "96B854658FB25B1C41C7953D07DFA40702863F7DF3DA2149F3BC57ED6B4B5CAA", "href": "https://www.ibm.com/support/pages/node/741903", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-02-21T21:45:38", "description": "## Summary\n\nThere is a potential information disclosure in Apache Commons HttpClient used by WebSphere Application Server. \n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2012-5783_](<https://vulners.com/cve/CVE-2012-5783>) \n**DESCRIPTION:** Apache Commons HttpClient, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, could allow a remote attacker to conduct spoofing attacks, caused by the failure to verify that the server hostname matches a domain name in the subject's Common Name (CN) field of the X.509 certificate. By persuading a victim to visit a Web site containing a specially-crafted certificate, an attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/79984_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/79984>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)\n\n## Affected Products and Versions\n\nTivoli Integrated Portal version 2.1.0 - 2.1.0.5\n\nTivoli Integrated Portal version 2.2.0.0 - 2.2.0.19\n\n## Remediation/Fixes\n\nPrincipal Product and Version(s) | Affected Supporting Product and Version | Affected Supporting Product Security Bulletin \n---|---|--- \nTivoli Integrated Portal version \n\n2.1.0 - 2.1.0.5\n\n2.2.0 - 2.2.0.19\n\n| embedded Websphere Application Server version 7.0.x | \n\n# [Security Bulletin: Information disclosure in Apache Commons HttpClient used by WebSphere Application Server (CVE-2012-5783)](<http://www-01.ibm.com/support/docview.wss?uid=swg22016216>) \n \n \nThe Websphere security bulletin above provides a link to the required iFix to remediate the vulnerability. However, the iFix requires either eWAS 7.0.0.31 or higher installed. \n \nTIP does not support upgrading Websphere fixpack independently. TIP 2.2.0.15 or TIP 2.2.0.17 or TIP 2.2.0.19 must be applied which will upgrade eWAS to 7.0.0.31 and above. Once TIP FP has been applied, the Websphere iFix can be applied as described in the Websphere bulletin.\n\n## Workarounds and Mitigations\n\nPlease refer to WAS iFix as described above\n\n## ", "cvss3": {}, "published": "2018-11-23T09:35:02", "type": "ibm", "title": "Security Bulletin: Information disclosure in Apache Commons HttpClient used by WebSphere Application Server shipped with Tivoli Integrated Portal (CVE-2012-5783)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783"], "modified": "2018-11-23T09:35:02", "id": "DD5BF5116E5741EB672335643731F4B54ACDBD92F34C019A128C14DD0EF87E44", "href": "https://www.ibm.com/support/pages/node/741779", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-02-21T21:48:05", "description": "## Summary\n\nIBM WebSphere Application Server is shipped as a component of Tivoli Business Service Manager. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin.\n\n## Vulnerability Details\n\nPlease consult the [Security Bulletin: Information disclosure in Apache Commons HttpClient used by WebSphere Application Server (CVE-2012-5783)](<http://www-01.ibm.com/support/docview.wss?uid=swg22016216>) for vulnerability details and information about fixes.\n\n## Affected Products and Versions\n\n_Principal Product and Version(s)_\n\n| _Affected Supporting Product and Version_ \n---|--- \nTivoli Business Service Manager 6.1.x | IBM WebSphere Application Server 7.0 \n \n## Remediation/Fixes\n\n_Principal Product and Version(s)_\n\n| _Affected Supporting Product and Version_ \n---|--- \nTivoli Business Service Manager 6.1.x | For IBM WebSphere Application Server V7.0.0.0 through 7.0.0.45: \nThis vulnerability requires IBM WebSphere Application Server fix pack levels as required by interim fix and then apply Interim Fix [PI96685 ](<http://www-01.ibm.com/support/docview.wss?uid=swg24044989>)and [PI98251](<http://www-01.ibm.com/support/docview.wss?uid=swg24045005>). \nFor instruction on how to upgrade IBM WebSphere Application Server see the latest 6.1.* Tivoli Business Service Manager Fix Pack readme. \n \n \n**Please also note the**** **[**_end of support announcement_**](<http://www-01.ibm.com/common/ssi/ShowDoc.wss?docURL=/common/ssi/rep_ca/8/897/ENUS917-138/index.html&lang=en&request_locale=en>)** ****from 12 September 2017 for selected Netcool product versions. You can find detailed information on whether the product version you have installed in your environment is affected by this end of service announcement by following the**** **[**_Netcool End of Support Knowledge Collection_**](<https://www-01.ibm.com/support/entdocview.wss?uid=swg22009231>)**. ****If your product version is affected, IBM recommend to upgrade your product version to the latest supported version of your product. Please contact your IBM account manager for any question you might have or for any assistance you may require for upgrading an end of service announced offering.**\n\n## ", "cvss3": {}, "published": "2018-09-05T16:28:01", "type": "ibm", "title": "Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Tivoli Business Service Manager (CVE-2012-5783)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783"], "modified": "2018-09-05T16:28:01", "id": "01CFF49A8E945385D7DAF195723AF2400A442375CCE77F93B4CF72774A757E1D", "href": "https://www.ibm.com/support/pages/node/729871", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-12-06T19:00:20", "description": "## Summary\n\nThere is a potential information disclosure in Apache Commons HttpClient used by WebSphere Application Server shipped as part of IBM InfoSphere Global Name Management. This also affects IBM InfoSphere Global Name Management Enterprise Name Search installations.\n\n## Vulnerability Details\n\n**CVE(s): **[CVE-2012-5783](<https://vulners.com/cve/CVE-2012-5783>)\n\nLink to security bulletin: [http://www-01.ibm.com/support/docview.wss?uid=swg22016216](<http://www-01.ibm.com/support/docview.wss?uid=swg22016216>)\n\n## Affected Products and Versions\n\nIBM InfoSphere Global Name Management 5.0\n\n## Remediation/Fixes\n\nUpgrade embedded WebSphere to fix pack level 8.0.0.15, and then apply Interim Fix [PI96685](<http://www-01.ibm.com/support/docview.wss?uid=swg24044989>) and [PI98251](<http://www-01.ibm.com/support/docview.wss?uid=swg24045005>).\n\n**DISCLAIMER: **This version of the product uses Java 6, which is now beyond end of support. Customers using IBM InfoSphere Global Name Management 5.0 are encouraged to move to IBM InfoSphere Global Name Management 6.0\n\n## ", "cvss3": {}, "published": "2022-04-20T17:04:55", "type": "ibm", "title": "Security Bulletin: Information disclosure in Apache Commons HttpClient may affect WebSphere Application Server as part of IBM InfoSphere Global Name Management (CVE-2012-5783)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783"], "modified": "2022-04-20T17:04:55", "id": "A8A1B567F944BADF2C3904883B086755440DF569158EEB6B0C8C2202276A6F6E", "href": "https://www.ibm.com/support/pages/node/964546", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-02-21T21:48:18", "description": "## Summary\n\nIBM WebSphere Application Server is shipped as a component of OpenPages GRC Platform. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. \n\n## Vulnerability Details\n\nPlease consult the security bulletin [IBM WebSphere Application Server](<http://www.ibm.com/support/docview.wss?uid=swg22016216>) for vulnerability details.\n\n## Affected Products and Versions\n\n**Principal Product and Version(s)** | ** ****Affected Supporting Product and Version** \n---|--- \nIBM OpenPages GRC Platform 7.4/8.0 | IBM WebSphere Application Server 9.0.0.3 \nIBM OpenPages GRC Platform 7.3 | IBM WebSphere Application Server 8.5.5.9 \nIBM OpenPages GRC Platform 7.2 | IBM WebSphere Application Server 8.5.5.5 \nIBM OpenPages GRC Platform 7.1 | IBM WebSphere Application Server 8.5.5.2 \n \n## ", "cvss3": {}, "published": "2018-08-21T22:07:13", "type": "ibm", "title": "Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with OpenPages GRC Platform (CVE-2012-5783)", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2012-5783"], "modified": "2018-08-21T22:07:13", "id": "83DE818C5932FD800E5449ABA82FA7FDCAC7A0E2B41C5C07CC9E5CC56A3B9296", "href": "https://www.ibm.com/support/pages/node/728725", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-02-21T21:46:03", "description": "## Summary\n\nIBM C\u00faram is shipped with a third party library called Santuario, which is vulnerable to a Java spoofing attack.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2013-2172_](<https://vulners.com/cve/CVE-2013-2172>) \n**DESCRIPTION:** Apache Santuario XML Security for Java could allow a remote attacker to conduct spoofing attacks, caused by the failure to restrict canonicalization algorithms to be applied to the CanonicalizationMethod parameter. An attacker could exploit this vulnerability to spoof the XML signature. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/85323_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/85323>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)\n\n## Affected Products and Versions\n\nIBM C\u00faram Social Program Management 6.1 \nIBM C\u00faram Social Program Management 6.0.5 \nIBM C\u00faram Social Program Management 6.0.4 \nIBM C\u00faram Social Program Management 6.0 SP2 \nIBM C\u00faram Social Program Management 5.2 SP6 \nIBM Care Management 6.0\n\n## Remediation/Fixes\n\nProduct\n\n| VRMF | _Remediation/First Fix_ \n---|---|--- \nC\u00faram SPM | 6.1 | Visit IBM Fix Central and upgrade to [_6.1.0.1FixPack_](<http://www-933.ibm.com/support/fixcentral/swg/doSelectFixes?options.selectedFixes=IBMCuramSPM_6.1.0.1&continue=1>) or a subsequent 6.1.0 release \nC\u00faram SPM | 6.0.5 | Visit IBM Fix Central and upgrade to [_6.0.5.9_](<http://www-933.ibm.com/support/fixcentral/swg/doSelectFixes?options.selectedFixes=IBMCuram6.0.5.9_FixPack&continue=1>) or a subsequent 6.0.5 release \nC\u00faram SPM | 6.0.4 | Visit IBM Fix Central and upgrade to [_6.0.4.6iFix1_](<http://www-933.ibm.com/support/fixcentral/swg/doSelectFixes?options.selectedFixes=IBMCuram6.0.4.6_iFix001&continue=1>) or a subsequent 6.0.4 release \nC\u00faram SPM | 6.0 SP26 | Visit IBM Fix Central and upgrade to [_6.0 SP2 EP27_](<http://www-933.ibm.com/support/fixcentral/swg/doSelectFixes?options.selectedFixes=IBMCuram6.0_SP2_EP27&continue=1>) or a subsequent 6.0 release \nC\u00faram SPM | 5.2 SP6 | C\u00faram SPM 5.2 provides no OOTB supports for Axis 2 (See Workarounds & Mitigations) \nC\u00faram Care Management | 6.0 | See Workarounds & Mitigations \n \n## Workarounds and Mitigations\n\nIf your 5.2 version of C\u00faram SPM is using Axis1 for web services the appropriate remediation is to upgrade to a more recent version of C\u00faram. If this is not viable, contact IBM C\u00faram Support for help with identification of mitigation. \n \nFor the Care Management release, the download site has been updated to warn potential customers of security issues. Customers should contact IBM C\u00faram Support if they require a security fix.\n\n## ", "cvss3": {}, "published": "2018-11-07T15:35:01", "type": "ibm", "title": "Security Bulletin: A Vulnerability in Apache Santuario affects IBM C\u00faram (CVE-2013-2172)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2172"], "modified": "2018-11-07T15:35:01", "id": "9BB767695E04070B0A01A2A358F1E873439FC146C704934519AFEEBACD01C19D", "href": "https://www.ibm.com/support/pages/node/714469", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-12T21:33:39", "description": "## Summary\n\nIBM WebSphere Application Server (WAS) is shipped as a component of IBM Tivoli Security Policy Manager (TSPM). Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin.\n\n## Vulnerability Details\n\nPlease consult the security bulletin [Security Bulletin: Information disclosure in Apache Commons HttpClient used by WebSphere Application Server (CVE-2012-5783)](<http://www-01.ibm.com/support/docview.wss?uid=swg22016216>) for vulnerability details and information about fixes.****\n\n## Affected Products and Versions\n\n**Product Version**\n\n| \n\n**WebSphere Version** \n \n---|--- \n \nTSPM 7.1\n\n| \n\nWAS v7.0 \n \nRTSS 7.1\n\n| \n\nWAS v7.0, v8.0 \n \n**Note:** TSPM is comprised of TSPM and Runtime Security Services (RTSS)\n\n## ", "cvss3": {}, "published": "2018-07-20T04:47:48", "type": "ibm", "title": "Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Tivoli Security Policy Manager (CVE-2012-5783)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783"], "modified": "2018-07-20T04:47:48", "id": "C3B567818F0068A4E76BF412FA5CD0354D004804480FA49A2095407B12E1C65E", "href": "https://www.ibm.com/support/pages/node/717513", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-02-21T21:47:38", "description": "## Summary\n\nWebSphere Application Server is shipped with Financial Transaction Manager. Information about security vulnerabilities affecting WebSphere Application Server have been published in a security bulletin.\n\n## Vulnerability Details\n\nRefer to the security bulletin \n[_Security Bulletin: Information disclosure in Apache Commons HttpClient used by WebSphere Application Server (CVE-2012-5783)_](<http://www-01.ibm.com/support/docview.wss?uid=swg22016216>)\n\n## Affected Products and Versions\n\nPrincipal Product and Version(s)\n\n| Affected Supporting Product and Version \n---|--- \nFinancial Transaction Manager for MP v2.1.0.0 through 2.1.0.4 | WebSphere Application Server 8.0 \nFinancial Transaction Manager for MP v2.1.1.0 through 2.1.1.4 | WebSphere Application Server 8.0 \nFinancial Transaction Manager for MP v3.0.0.0 through 3.0.0.9 | WebSphere Application Server 8.5.5 \nFinancial Transaction Manager for MP v3.2.0.0 and later fixpacks | WebSphere Application Server 9.0.0 \n \n## Remediation/Fixes\n\nRefer to the following security bulletins for vulnerability details and information about fixes addressed by WebSphere Application Server which is/are shipped with Financial Transaction Manager. \n\n\nPrincipal Product and Version(s) | Affected Supporting Product and Version | Affected Supporting Product Security Bulletin \n---|---|--- \nFinancial Transaction Manager for MP v2.1.0.0 through 2.1.0.4 | WebSphere Application Server 8.0 | [_Security Bulletin: Information disclosure in Apache Commons HttpClient used by WebSphere Application Server (CVE-2012-5783)_](<http://www-01.ibm.com/support/docview.wss?uid=swg22016216>) \nFinancial Transaction Manager for MP v2.1.1.0 through 2.1.1.4 | WebSphere Application Server 8.0 \nFinancial Transaction Manager for MP v3.0.0.0 through 3.0.0.9 | WebSphere Application Server 8.5.5 \nFinancial Transaction Manager for MP v3.2.0.0 and later fixpacks | WebSphere Application Server 9.0.0 \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2018-09-25T11:10:01", "type": "ibm", "title": "Security Bulletin: Security vulnerabilities have been identified in WebSphere Application Server shipped with Financial Transaction Manager (CVE-2012-5783)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783"], "modified": "2018-09-25T11:10:01", "id": "539FD5A344951CB3146EC1C6256AC3A91344217924BD86DB5242BF2BD9D82C91", "href": "https://www.ibm.com/support/pages/node/732741", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-02-21T21:46:17", "description": "## Summary\n\nIBM WebSphere Application Server is shipped with IBM Intelligent Operations Center. Information about a security vulnerability affecting IBM WegSphere Application Server has been published in a security bulletin.\n\n## Vulnerability Details\n\nConsult the security bulletin, [Security Bulletin: Information disclosure in Apache Commons HttpClient used by WebSphere Application Server (CVE-2012-5783)](<http://www.ibm.com/support/docview.wss?uid=swg22016216>), for vulnerability details and information about fixes.\n\n## Affected Products and Versions\n\nPrincipal Products and Versions | Affected Supporting Products \n---|--- \nIBM Intelligent Operations Center V1.6.0, V1.6.0.1, V1.6.0.2, V1.6.0.3 | IBM WebSphere Application Server V7.0, V8.0, V8.5, V9.0 \nIBM Intelligent Operations Center for Emergency Management V1.6 \nIBM Intelligent Transportation V1.6.1 \n \n## Remediation/Fixes\n\nDownload the correct version of the fix from the following link: [Security Bulletin: Information disclosure in Apache Commons HttpClient used by WebSphere Application Server (CVE-2012-5783)](<http://www.ibm.com/support/docview.wss?uid=swg22016216>). Installation instructions for the fix are included in the readme document that is in the fix package.\n\n## ", "cvss3": {}, "published": "2018-10-31T12:30:02", "type": "ibm", "title": "Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Intelligent Operations Center (CVE-2012-5783)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783"], "modified": "2018-10-31T12:30:02", "id": "C1F769D030FC2C40F30870B89602B6E37C63D9738974975088F5749826F8EED3", "href": "https://www.ibm.com/support/pages/node/716593", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-02-23T21:44:43", "description": "## Summary\n\nThere is a potential information disclosure in Apache Commons HttpClient used by WebSphere Application Server shipped as part of IBM InfoSphere Identity Insight.\n\n## Vulnerability Details\n\n**CVE(s): **[CVE-2012-5783](<https://vulners.com/cve/CVE-2012-5783>)\n\nLink to security bulletin: [http://www-01.ibm.com/support/docview.wss?uid=swg22016216](<http://www-01.ibm.com/support/docview.wss?uid=swg22016216>)\n\n## Affected Products and Versions\n\nIBM InfoSphere Identity Insight 8.1\n\n## Remediation/Fixes\n\nTo fix Identity Insight 8.1, upgrade its embedded WebSphere to fix pack level 7.0.0.45 and then apply Interim Fix [PI96685](<http://www-01.ibm.com/support/docview.wss?uid=swg24044989>) and [PI98251](<http://www-01.ibm.com/support/docview.wss?uid=swg24045005>).\n\n**DISCLAIMER: **This version of the product uses Java 6, which is now beyond end of support. Customers using IBM InfoSphere Identity Insight 8.1 are encouraged to move to IBM InfoSphere Identity Insight 9.0. \n\n\n## ", "cvss3": {}, "published": "2019-08-14T19:30:12", "type": "ibm", "title": "Security Bulletin: Information disclosure in Apache Commons HttpClient may affect WebSphere Application Server as part of IBM InfoSphere Identity Insight (CVE-2012-5783)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783"], "modified": "2019-08-14T19:30:12", "id": "2C89CFD58F3D4EE971D17C1294FCDAF90987B18CD1793833204AB66E2BE29729", "href": "https://www.ibm.com/support/pages/node/964544", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-02-21T21:44:29", "description": "## Summary\n\nThere is a potential information disclosure in Apache Commons HttpClient used by WebSphere Application Server. \n\n## Vulnerability Details\n\n \n**CVEID:** [_CVE-2012-5783_](<https://vulners.com/cve/CVE-2012-5783>) \n**DESCRIPTION:** Apache Commons HttpClient, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, could allow a remote attacker to conduct spoofing attacks, caused by the failure to verify that the server hostname matches a domain name in the subject's Common Name (CN) field of the X.509 certificate. By persuading a victim to visit a Web site containing a specially-crafted certificate, an attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/79984_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/79984>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)\n\n## Affected Products and Versions\n\nThis vulnerability affects the following versions and releases of IBM WebSphere Application Server traditional:\n\n * Version 9.0\n * Version 8.5\n * Version 8.0\n * Version 7.0\n\n## Remediation/Fixes\n\n \nThe recommended solution is to apply the interim fix, Fix Pack or PTF containing the APARs for each named product as soon as practical. There are 2 separate interim fixes that may need to be applied, links are provided below: \nAPARs \n[PI96685](<http://www-01.ibm.com/support/docview.wss?uid=swg24044989>) \\- for users of JAX-WS Web Services \n[PI98251](<http://www-01.ibm.com/support/docview.wss?uid=swg24045005>) \\- for users of SOAP Connector (default) \n \n**For WebSphere Application Server traditional and WebSphere Application Server Hypervisor Edition:** \n \n**For V9.0.0.0 through 9.0.0.7:** \n\u00b7 Upgrade to minimal fix pack levels as required by interim fixes and then apply Interim Fix [PI96685](<http://www-01.ibm.com/support/docview.wss?uid=swg24044989>) and [PI98251](<http://www-01.ibm.com/support/docview.wss?uid=swg24045005>) \n\\--OR-- \n\u00b7 Apply Fix Pack 9.0.0.8 or later. \n \n**For V8.5.0.0 through 8.5.5.13:** \n\u00b7 Upgrade to minimal fix pack levels as required by interim fixes and then apply Interim Fix [PI96685](<http://www-01.ibm.com/support/docview.wss?uid=swg24044989>) and [PI98251](<http://www-01.ibm.com/support/docview.wss?uid=swg24045005>) \n\\--OR-- \n\u00b7 Apply Fix Pack 8.5.5.14 or later. \n \n**For V8.0.0.0 through 8.0.0.15:** \n\u00b7 Upgrade to a minimal fix pack level as required by interim fixes and then apply Interim Fix [PI96685](<http://www-01.ibm.com/support/docview.wss?uid=swg24044989>) and [PI98251](<http://www-01.ibm.com/support/docview.wss?uid=swg24045005>) \n \n**For V7.0.0.0 through 7.0.0.45:** \n\u00b7 Upgrade to a minimal fix pack levels as required by interim fixes and then apply Interim Fix [PI96685](<http://www-01.ibm.com/support/docview.wss?uid=swg24044989>) and [PI98251](<http://www-01.ibm.com/support/docview.wss?uid=swg24045005>) \n \n_WebSphere Application Server V7 and V8 are no longer in full support; IBM recommends upgrading to a fixed, supported version/release/platform of the product. _\n\n## ", "cvss3": {}, "published": "2019-02-19T17:50:01", "type": "ibm", "title": "Security Bulletin: Information disclosure in Apache Commons HttpClient used by WebSphere Application Server (CVE-2012-5783)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783"], "modified": "2019-02-19T17:50:01", "id": "3B659ECA0A3490E43A993E28F17C28259C30674E3C1D43656C4A5B37F135FF29", "href": "https://www.ibm.com/support/pages/node/711867", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-02-24T05:42:29", "description": "## Summary\n\nVulnerability has been identified in Apache Commons HttpClient shipped with IBM Cloud Pak System. \n\n## Vulnerability Details\n\n** CVEID: **[CVE-2012-5783](<https://vulners.com/cve/CVE-2012-5783>) \n** DESCRIPTION: **Apache Commons HttpClient, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, could allow a remote attacker to conduct spoofing attacks, caused by the failure to verify that the server hostname matches a domain name in the subject's Common Name (CN) field of the X.509 certificate. By persuading a victim to visit a Web site containing a specially-crafted certificate, an attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/79984](<https://exchange.xforce.ibmcloud.com/vulnerabilities/79984>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Cloud Pak System| 2.3 \nIBM Cloud Pak System| 2.2 \n \n\n\n## Remediation/Fixes\n\nFor IBM Cloud Pak System V2.3.0 and V2.3.0.1, upgrade to V2.3.1.1\n\nInformation on upgrading can be found here: [http://www.ibm.com/support/docview.wss?uid=ibm10887959.](<http://www.ibm.com/support/docview.wss?uid=ibm10887959>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2020-05-06T12:02:05", "type": "ibm", "title": "Security Bulletin: Vulnerability from Apache HttpClient affects IBM Cloud Pak System (CVE-2012-5783)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783"], "modified": "2020-05-06T12:02:05", "id": "F43AC4AD74C202F4FEB76EA0BC3429642A773A92CA519668F55C67ABFA59AEB0", "href": "https://www.ibm.com/support/pages/node/5695773", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-12-06T18:15:40", "description": "## Summary\n\nCommons-httpclient-3.0.1.jar package is used by IBM Cloud Pak for Data System 2.0 . IBM Cloud Pak for Data System 2.0 has addressed the applicable CVE (CVE-2012-5783).\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2012-5783](<https://vulners.com/cve/CVE-2012-5783>) \n** DESCRIPTION: **Apache Commons HttpClient, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, could allow a remote attacker to conduct spoofing attacks, caused by the failure to verify that the server hostname matches a domain name in the subject's Common Name (CN) field of the X.509 certificate. By persuading a victim to visit a Web site containing a specially-crafted certificate, an attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/79984](<https://exchange.xforce.ibmcloud.com/vulnerabilities/79984>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nBM Cloud Pak for Data System 2.0| 2.0.0.0 - 2.0.2.0 \n \n\n\n## Remediation/Fixes\n\n**IBM strongly recommends addressing the vulnerability now by upgrading to latest version.**\n\nAffected Product(s)| VRMF| Remediation/Fixes \n---|---|--- \nIBM Cloud Pak for Data System 2.0| 2.0.2.1| [Link to Fix Central](<https://www.ibm.com/support/fixcentral/swg/selectFixes?fixids=2.0.2.1-WS-ICPDS-fp203&product=ibm%2FWebSphere%2FIBM%20Cloud%20Private%20for%20Data%20System&source=dbluesearch&mhsrc=ibmsearch_a&mhq=2%26period%3B0%26period%3B2%26period%3B1&function=fixId&parent=ibm/WebSphere>) \n \nPlease follow the steps given in [release notes](<https://www.ibm.com/docs/en/cloud-paks/cloudpak-data-system/2.0?topic=20-version-2021-release-notes> \"release notes\" ) to upgrade the system with the above version. \n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2023-03-31T11:33:30", "type": "ibm", "title": "Security Bulletin: Vulnerability in commons-httpclient-3.0.1.jar affects IBM Cloud Pak for Data System 2.0 (CPDS 2.0) (CVE-2012-5783)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783"], "modified": "2023-03-31T11:33:30", "id": "0A6BBC4DFBB5FEFCEDCBE9F7C11994171A57DC8ECA368D2E6508C015BE0285CA", "href": "https://www.ibm.com/support/pages/node/6967549", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-06-28T21:37:27", "description": "## Summary\n\nIBM WebSphere Application Server is shipped with IBM Tivoli Netcool Configuration Manager version 6.4.1; IBM WebSphere Application Server is a required product for IBM Tivoli Netcool Configuration Manager version 6.4.2. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin.\n\n## Vulnerability Details\n\nPlease consult the security bulletin [Information disclosure in Apache Commons HttpClient used by WebSphere Application Server ](<http://www-01.ibm.com/support/docview.wss?uid=swg22016216>)for vulnerability details and information about fixes.\n\n## Affected Products and Versions\n\nIBM Tivoli Netcool Configuration Manager versions 6.4.1 and 6.4.2\n\n## Remediation/Fixes\n\nRefer to the following security bulletins for vulnerability details and information about fixes addressed by IBM WebSphere Application Server, which is shipped with IBM Tivoli Netcool Configuration Manager version 6.4.1; and a product required by IBM Tivoli Netcool Configuration Manager version 6.4.2.\n\n**Principal Product and Version(s)** | **Affected Supporting Product and Version** | **Affected Supporting Product Security Bulletin** \n---|---|--- \nIBM Tivoli Netcool Configuration Manager 6.4.1 | Bundled the TIP version 2.2.0.x, which bundles IBM WebSphere version 7.0.0.x. | [Information disclosure in Apache Commons HttpClient used by WebSphere Application Server ](<http://www-01.ibm.com/support/docview.wss?uid=swg22016216>) \nSee Section \"**For V7.0.0.0 through 7.0.0.45:**\" \nIBM Tivoli Netcool Configuration Manager 6.4.2 | IBM Tivoli Netcool Configuration Manager 6.4.2 requires the installation of IBM WebSphere Application Server Version 8.5.5.5 or later version separately. Users are recommended to apply IBM WebSphere version 8.5.5.5 Security Interim Fixes. | [Information disclosure in Apache Commons HttpClient used by WebSphere Application Server ](<http://www-01.ibm.com/support/docview.wss?uid=swg22016216>) \nSee Section \"**For V8.5.0.0 through 8.5.5.13:**\" \n \n \n**Please also note the** ** ** [**end of support announcement**](<http://www-01.ibm.com/common/ssi/ShowDoc.wss?docURL=/common/ssi/rep_ca/8/897/ENUS917-138/index.html&lang=en&request_locale=en>) ** ** **from 12 September 2017 for selected Netcool product versions. You can find detailed information on whether the product version you have installed in your environment is affected by this end of service announcement by following the ** [**Netcool End of Support Knowledge Collection.**](<https://www-01.ibm.com/support/entdocview.wss?uid=swg22009231>) ** ** **If your product version is affected, IBM recommend to upgrade your product version to the latest supported version of your product. Please contact your IBM account manager for any question you might have or for any assistance you may require for upgrading an end of service announced offering.**\n\n## ", "cvss3": {}, "published": "2023-06-28T22:04:59", "type": "ibm", "title": "Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server, which is shipped with, or a required product for, IBM Tivoli Netcool Configuration Manager (CVE-2012-5783).", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2012-5783"], "modified": "2023-06-28T22:04:59", "id": "8491CF1F3DD8116411BD720BFCBC2272BEB04446394152CADFC6BA73F4D21149", "href": "https://www.ibm.com/support/pages/node/717329", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-02-21T05:56:30", "description": "## Summary\n\nThe Jakarta Commons httpclient version 3.x is known to be vulnerable to SSL spoofing, and is included in the IBM Development Package for Apache Spark, primarily to provide legacy support for Hadoop 2.2. A patch is applied to Jakarta Commons httpclient version 3.1 to fix the vulnerability. \n \nNote: the IBM Development Package for Apache Spark version 1.x provides support for Hadoop 2.6, which does not exercise this vulnerability. The IBM Development Package for Apache Spark version 2.x provides support for Hadoop 2.7.x, which also does not exercise this vulnerability.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2012-5783_](<https://vulners.com/cve/CVE-2012-5783>)** \nDESCRIPTION:** Apache Commons HttpClient, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, could allow a remote attacker to conduct spoofing attacks, caused by the failure to verify that the server hostname matches a domain name in the subject's Common Name (CN) field of the X.509 certificate. By persuading a victim to visit a Web site containing a specially-crafted certificate, an attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/79984_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/79984>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N) \n\n## Affected Products and Versions\n\nIBM Development Package for Apache Spark 1.6.2.0 and earlier releases.\n\n## Remediation/Fixes\n\nPrincipal Product and Version(s)\n\n| Remediated Component \n---|--- \n[IBM Development Package for Apache Spark](<https://www.ibm.com/developerworks/java/jdk/spark/>) 1.6.2.1 and subsequent releases| Patched Jakarta Commons httpclient 3.1 \n[IBM Development Package for Apache Spark](<https://www.ibm.com/developerworks/java/jdk/spark/>) 2.0.0.0 and subsequent releases| Patched Jakarta Commons httpclient 3.1 \n \n## Workarounds and Mitigations\n\nNone. A source code patch for the httpclient 3.1 component exists, but this involves a manual process to apply, re-build and re-package into Apache Spark. \n\nIBM recommends upgrading to a remediated release of the IBM Development Package for Apache Spark.\n\n## ", "cvss3": {}, "published": "2018-06-15T07:06:06", "type": "ibm", "title": "Security Bulletin: Vulnerability in legacy component distributed in IBM Development Package for Apache Spark (CVE-2012-5783)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783"], "modified": "2018-06-15T07:06:06", "id": "B62A0DF1BA325616E310706F59A3DD07DD7DC7356D343963E6F99C6D89411ED3", "href": "https://www.ibm.com/support/pages/node/549921", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-02-23T21:45:37", "description": "## Summary\n\nIBM Business Automation Workflow has addressed the following security vulnerability with the embedded Content Manager. Apache Commons HttpClient could allow a remote attacker to conduct spoofing attacks, caused by the failure to verify that the server hostname matches a domain name in the subject's Common Name (CN) field of the X.509 certificate. By persuading a victim to visit a website containing a specially-crafted certificate, an attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server. For more information, refer to the following X-Force database entries.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2012-5783](<https://vulners.com/cve/CVE-2012-5783>) \n**DESCRIPTION:** Apache Commons HttpClient could allow a remote attacker to conduct spoofing attacks, caused by the failure to verify that the server hostname matches a domain name in the subject's Common Name (CN) field of the X.509 certificate. By persuading a victim to visit a Web site containing a specially-crafted certificate, an attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/79984> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)\n\n## Affected Products and Versions\n\nIBM Business Automation Workflow V18.0.0.1\n\n## Remediation/Fixes\n\nInstall interim fix [JR60697](<http://www.ibm.com/support/docview.wss?uid=swg1JR60697>) as appropriate for your current IBM Business Automation Workflow:\n\n * [IBM Business Automation Workflow](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/IBM+Business+Automation+Workflow&release=All&platform=All&function=aparId&apars=JR60697>)\n\n \n**For IBM Business Automation Workflow V18.0.0.1** \n\u00b7 Upgrade to at least IBM Business Automation Workflow V18.0.0.1 as required by iFix and then apply iFix [JR60697](<http://www.ibm.com/support/docview.wss?uid=swg1JR60967>) \n\\--OR-- \n**\u00b7** Apply cumulative fix IBM Business Automation Workflow V19.0.0.2 (latest recommended)\n\n## ", "cvss3": {}, "published": "2019-07-01T18:25:01", "type": "ibm", "title": "Security Bulletin: An HttpClient security vulnerability has been identified with the embedded Content Manager used by IBM Business Automation Workflow (CVE-2012-5783)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783"], "modified": "2019-07-01T18:25:01", "id": "4BDE70E43A19F50FF60A2F5CB6ED1C095A92727557F41F17F3F3059A4D00A95B", "href": "https://www.ibm.com/support/pages/node/885550", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-02-13T09:35:18", "description": "## Summary\n\nIBM WebSphere Application Server is shipped as a component of IBM ILOG ODM Enterprise. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin.\n\n## Vulnerability Details\n\nPlease consult the security bulletin [Information disclosure in Apache Commons HttpClient used by WebSphere Application Server ](<http://www-01.ibm.com/support/docview.wss?uid=swg22016216>)for vulnerability details and information about fixes.\n\n## Affected Products and Versions\n\nPrincipal Product and Version(s)\n\n| Affected Supporting Product and Version \n---|--- \nIBM ILOG ODM Enterprise v3.4 - v3.6.0.1 | IBM WebSphere Application Server 7.0 \n \n## ", "cvss3": {}, "published": "2018-07-12T13:42:21", "type": "ibm", "title": "Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM ILOG Optimization Decision Manager Enterprise (CVE-2012-5783)", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2012-5783"], "modified": "2018-07-12T13:42:21", "id": "031AB80137983FA206B8FD452A65FA0ADD155D250DA679ADC4DC628C2E106C7E", "href": "https://www.ibm.com/support/pages/node/713685", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-02-21T21:48:32", "description": "## Summary\n\nWebsphere Application Server (WAS) is shipped as a component of IBM Operations Analytics Predictive Insights. Information about a security vulnerability affecting WAS has been published in a security bulletin.\n\n## Vulnerability Details\n\nPlease consult the security bulletin [Security Bulletin: Information disclosure in Apache Commons HttpClient used by WebSphere Application Server (CVE-2012-5783)](<http://www-01.ibm.com/support/docview.wss?uid=swg22016216>) for vulnerability details and information about fixes.\n\n## Affected Products and Versions\n\nPrincipal Product and Version(s) | Affected Supporting Product and Version \n---|--- \nIBM Operations Analytics Predictive Insights version 1.3.6 | Websphere Application Server 8.5.5.x \nIBM Operations Analytics Predictive Insights versions 1.3.3, 1.3.5 | Websphere Application Server 8.5.0.x This needs to be upgraded to minimum 8.5.5.12, noting [_this known issue_](<https://www.ibm.com/support/knowledgecenter/en/SSEKCU_1.1.2.1/com.ibm.psc.doc/tshoot/psc_ts_jazzsm_start_stop.html>), before applying the fix mentioned in the linked bulletin. \n \n## ", "cvss3": {}, "published": "2018-08-09T11:56:35", "type": "ibm", "title": "Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Operations Analytics Predictive Insights (CVE-2012-5783)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783"], "modified": "2018-08-09T11:56:35", "id": "96AA6E96C459B552487D37879C1210BD7926BC641E7FD69543382941733FFB5F", "href": "https://www.ibm.com/support/pages/node/720271", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-02-22T01:44:06", "description": "## Summary\n\nIBM Integration Bus and IBM App Connect Enterprise are affected by an httpclient package used by WebSphere Application Server for which vulnerabilities were reported and have been addressed. Vulnerability details are listed below.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2012-5783](<https://vulners.com/cve/CVE-2012-5783>) \n**DESCRIPTION:** Apache Commons HttpClient, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, could allow a remote attacker to conduct spoofing attacks, caused by the failure to verify that the server hostname matches a domain name in the subject's Common Name (CN) field of the X.509 certificate. By persuading a victim to visit a Web site containing a specially-crafted certificate, an attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/79984> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)\n\n## Affected Products and Versions\n\nIBM App Connect Enterprise V11.0.0.0 - V11.0.0.1\n\nIBM Integration Bus V10.0.0.0 - V10.0.0.13 \nIBM Integration Bus V9.0.0.0 - V9.0.0.10\n\nWebSphere Message Broker V8.0.0.0 - V8.0.0.9\n\n## Remediation/Fixes\n\nProduct | VRMF | APAR | Remediation/Fixes \n---|---|---|--- \nIBM App Connect | V11.0.0.0-V11.0.0.1 | IT25520 | \n\nThe APAR is available in fix pack 11.0.0.2\n\n[IBM App Connect Enterprise Version V11-Fix Pack 11.0.0.2](<https://www-01.ibm.com/support/docview.wss?uid=ibm10734317>) \n \nIBM Integration Bus | V10.0.0.0 - V10.0.0.13 | IT25520 | \n\nThe APAR is available in fix pack 10.0.0.14\n\n[IBM Integration Bus V10.0 - Fix Pack 10.0.0.14](<http://www-01.ibm.com/support/docview.wss?uid=ibm10732699>) \n \nIBM Integration Bus | V9.0.0.0 - V9.0.0.10 | IT25520 | \n\nThe APAR is available in fix pack 9.0.0.11\n\n[IBM Integration Bus V9.0 - Fix Pack 9.0.0.11](<https://www-01.ibm.com/support/docview.wss?uid=swg24044511>) \n \nWebSphere Message Broker | V8.0.0.0 - V8.0.0.9 | IT25520 | Contact IBM support to request for Fix APAR \n \n_Websphere Message Broker V8 is no longer in full support; IBM recommends upgrading to a fixed, supported version/release/platform of the product. _ \n_If you are a customer with extended support and require a fix, contact IBM support._\n\n## ", "cvss3": {}, "published": "2020-03-23T20:41:52", "type": "ibm", "title": "Security Bulletin: IBM Integration Bus & IBM App Connect Enterprise are affected by a Websphere Application Server Vulnerability (CVE-2012-5783)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783"], "modified": "2020-03-23T20:41:52", "id": "8F7E9BC38CC1D5886DD8998C93E683C9367649830B463A9A5032011B60846A4C", "href": "https://www.ibm.com/support/pages/node/792053", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-12-06T17:54:29", "description": "## Summary\n\nThere is a vulnerability in Apache Commons HttpClient used by IBM Maximo Asset Management.\n\n## Vulnerability Details\n\n**CVEID: **[CVE-2012-5783](<https://exchange.xforce.ibmcloud.com/vulnerabilities/79984>) \n**DESCRIPTION: **Apache Commons HttpClient, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, could allow a remote attacker to conduct spoofing attacks, caused by the failure to verify that the server hostname matches a domain name in the subject's Common Name (CN) field of the X.509 certificate. By persuading a victim to visit a Web site containing a specially-crafted certificate, an attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/79984](<https://exchange.xforce.ibmcloud.com/vulnerabilities/79984>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)\n\n## Affected Products and Versions\n\nThis vulnerability affects the following versions of the IBM Maximo Asset Management core product. The recommended action is to update to the latest version.\n\n**Product versions affected:**\n\nAffected Product(s) | Version(s) \n---|--- \nIBM Maximo Asset Management | 7.6.1.2 \nIBM Maximo Asset Management | 7.6.1.3 \n \n* To determine the core product version, log in and view System Information. The core product version is the \"Tivoli's process automation engine\" version. Please consult the [Platform Matrix](<https://www.ibm.com/support/pages/node/1288432> \"Platform Matrix\" ) for a list of supported product combinations.\n\n## Remediation/Fixes\n\nThe recommended solution is to download the appropriate Interim Fix or Fix Pack from Fix Central and apply for each affected product as soon as possible. Please see below for information on the fixes available for each product, version, and release. Follow the installation instructions in the \u2018readme\u2019 documentation provided with each fix pack or interim fix.\n\n**For Maximo Asset Management 7.6:**\n\nVRM | Fix Pack, Feature Pack, or Interim Fix | Download \n---|---|--- \n7.6.1.2 | Maximo Asset Management 7.6.1.2 iFix: \n[7.6.1.2-TIV-MBS-IFI036](<https://www-945.ibm.com/support/fixcentral/swg/downloadFixes?parent=ibm%7ETivoli&product=ibm/Tivoli/IBM+Maximo+Asset+Management&release=7.6.1.1&platform=All&function=fixId&fixids=7.6.1.2-TIV-MBS-IF036&includeRequisites=1&includeSupersedes=0&downloadMethod=http> \"7.6.1.2-TIV-MBS-IFI036\" ) or latest Interim Fix available | [FixCentral](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7ETivoli&product=ibm/Tivoli/IBM+Maximo+Asset+Management&release=7.6.1.2&platform=All&function=all> \"FixCentral\" ) \n7.6.1.3 | \n\nMaximo Asset Management 7.6.1.3 iFix:\n\n[7.6.1.3-TIV-MBS-IF011](<https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=ibm%7ETivoli&product=ibm/Tivoli/IBM+Maximo+Asset+Management&release=7.6.1.3&platform=All&function=fixId&fixids=7.6.1.3-TIV-MBS-IF011&includeRequisites=1&includeSupersedes=0&downloadMethod=http> \"7.6.1.3-TIV-MBS-IF011\" ) or latest Interim Fix available\n\n| \n\n[FixCentral](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7ETivoli&product=ibm/Tivoli/IBM+Maximo+Asset+Management&release=7.6.1.3&platform=All&function=all> \"FixCentral\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2023-09-07T15:08:30", "type": "ibm", "title": "Security Bulletin: There is a vulnerability in Apache Commons HttpClient used by IBM Maximo Asset Management (CVE-2012-5783)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783"], "modified": "2023-09-07T15:08:30", "id": "F64DA47FC3702B8685BBFAF6F11CB66B162143A42893C2917F13E1D839D0A9E6", "href": "https://www.ibm.com/support/pages/node/7030928", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-12-06T18:13:55", "description": "## Summary\n\nA vulnerability in Apache Commons HttpClient could allow a remote attacker to conduct spoofing attacks (CVE-2012-5783). AIX ships Apache Commons HttpClient as part of Electronic Customer Care.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2012-5783](<https://vulners.com/cve/CVE-2012-5783>) \n** DESCRIPTION: **Apache Commons HttpClient, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, could allow a remote attacker to conduct spoofing attacks, caused by the failure to verify that the server hostname matches a domain name in the subject's Common Name (CN) field of the X.509 certificate. By persuading a victim to visit a Web site containing a specially-crafted certificate, an attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/79984](<https://exchange.xforce.ibmcloud.com/vulnerabilities/79984>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nAIX| 7.1.5 \nAIX| 7.2.5 \nAIX| 7.3.0 \nAIX| 7.3.1 \nVIOS| 3.1 \n \nThe following fileset levels are vulnerable:\n\nFileset| Lower Level| Upper Level \n---|---|--- \nbos.ecc_client.rte| 7.1.5.0| 7.1.5.34 \nbos.ecc_client.rte| 7.2.5.0| 7.2.5.1 \nbos.ecc_client.rte| 7.2.5.100| 7.2.5.100 \nbos.ecc_client.rte| 7.2.5.200| 7.2.5.200 \nbos.ecc_client.rte| 7.3.0.0| 7.3.0.1 \nbos.ecc_client.rte| 7.3.1.0| 7.3.1.0 \n \nTo find out whether the affected filesets are installed on your systems, refer to the lslpp command found in AIX user's guide.\n\nExample: lslpp -L | grep -i bos.ecc_client.rte\n\n \n\n\n## Remediation/Fixes\n\n**A. APARS**\n\nIBM has assigned the following APARs to this problem:\n\nAIX Level| APAR| SP \n---|---|--- \n7.1.5| IJ45221| SP12 \n7.2.5| IJ44994| SP06 \n7.3.0| IJ45224| SP03 \n7.3.1| IJ44987| SP02 \n \nVIOS Level| APAR| SP \n---|---|--- \n3.1.2| IJ45222| 3.1.2.60 \n3.1.3| IJ45223| 3.1.3.40 \n3.1.4| IJ44994| 3.1.4.20 \n \nSubscribe to the APARs here:\n\n<https://www.ibm.com/support/pages/apar/IJ44987>\n\n<https://www.ibm.com/support/pages/apar/IJ44994>\n\n<https://www.ibm.com/support/pages/apar/IJ45221>\n\n<https://www.ibm.com/support/pages/apar/IJ45222>\n\n<https://www.ibm.com/support/pages/apar/IJ45223>\n\n<https://www.ibm.com/support/pages/apar/IJ45224>\n\nBy subscribing, you will receive periodic email alerting you to the status of the APAR, and a link to download the fix once it becomes available.\n\n**B. FIXES**\n\nIBM strongly recommends addressing the vulnerability now.\n\nAIX and VIOS fixes are available. \n\nThe AIX and VIOS fixes can be downloaded via https from:\n\n<https://aix.software.ibm.com/aix/efixes/security/commonshttp_fix.tar>\n\nThe link above is to a tar file containing this signed advisory, fix packages, and OpenSSL signatures for each package. The fixes below include prerequisite checking. This will enforce the correct mapping between the fixes and AIX Technology Levels.\n\nAIX Level| Interim Fix \n---|--- \n7.1.5.9| IJ45221sAa.230309.epkg.Z \n7.1.5.10| IJ45221sAa.230309.epkg.Z \n7.1.5.11| IJ45221sAa.230309.epkg.Z \n7.2.5.3| IJ44994s4a.230412.epkg.Z \n7.2.5.4| IJ44994s4a.230412.epkg.Z \n7.2.5.5| IJ44994s5a.230307.epkg.Z \n7.3.0.1| IJ45224s2a.230309.epkg.Z \n7.3.0.2| IJ45224s2a.230309.epkg.Z \n7.3.0.3| IJ45224s2a.230309.epkg.Z \n7.3.1.1| IJ44987s1a.230307.epkg.Z \n \nPlease note that the above table refers to AIX TL/SP level as opposed to fileset level, i.e., 7.2.5.4 is AIX 7200-05-04.\n\nPlease reference the Affected Products and Version section above for help with checking installed fileset levels.\n\nVIOS Level| Interim Fix \n---|--- \n3.1.2.30| IJ45222s2a.230307.epkg.Z \n3.1.2.40| IJ45222s2a.230307.epkg.Z \n3.1.2.50| IJ45222s2a.230307.epkg.Z \n3.1.3.14| IJ45223s4a.230307.epkg.Z \n3.1.3.21| IJ45223s4a.230307.epkg.Z \n3.1.3.30| IJ45223s4a.230307.epkg.Z \n3.1.4.10| IJ44994s5a.230307.epkg.Z \n \nTo extract the fixes from the tar file:\n\ntar xvf commonshttp_fix.tar\n\ncd commonshttp_fix\n\nVerify you have retrieved the fixes intact:\n\nThe checksums below were generated using the \"openssl dgst -sha256 [filename]\" command as the following:\n\nopenssl dgst -sha256| filename \n---|--- \n7b5296488a406617aacbc387f31565336610821e26ac9599657e246efae62f49| IJ44987s1a.230307.epkg.Z \na79ff0361f4fc5ea68cbde506b90abbfcd9d51e074694571a6bb8b5dde9746cb| IJ44994s4a.230412.epkg.Z \n9f3f5a390468baa29e0df79db1e40d6e82828b50ca9b2af15e47375a6050b0d3| IJ44994s5a.230307.epkg.Z \nc01b7def86330e4dda232872a0fb795a8fc80d7076ed04d2e0c80b0547049d3d| IJ45221sAa.230309.epkg.Z \n73c1fa8a984a7bd9a5928e56052262082339db4264842e95a09cc61936e51285| IJ45222s2a.230307.epkg.Z \nc5050bfb62f5c789fb58214d7b99decd4ad764d88140f419618629599856e1f0| IJ45223s4a.230307.epkg.Z \ne0b17e7ef7b17349247f3e7336c64b337d6940819791f459a95e29fc90676269| IJ45224s2a.230309.epkg.Z \n \nThese sums should match exactly. The OpenSSL signatures in the tar file and on this advisory can also be used to verify the integrity of the fixes. If the sums or signatures cannot be confirmed, contact IBM Support at <http://ibm.com/support/> and describe the discrepancy. \n\nopenssl dgst -sha256 -verify [pubkey_file] -signature [advisory_file].sig [advisory_file]\n\nopenssl dgst -sha256 -verify [pubkey_file] -signature [ifix_file].sig [ifix_file]\n\nPublished advisory OpenSSL signature file location:\n\n<https://aix.software.ibm.com/aix/efixes/security/commonshttp_advisory.asc.sig>\n\n**C. FIX AND INTERIM FIX INSTALLATION**\n\nIf possible, it is recommended that a mksysb backup of the system be created. Verify it is both bootable and readable before proceeding.\n\nTo preview a fix installation:\n\ninstallp -a -d fix_name -p all # where fix_name is the name of the\n\n# fix package being previewed.\n\nTo install a fix package:\n\ninstallp -a -d fix_name -X all # where fix_name is the name of the\n\n# fix package being installed.\n\nInterim fixes have had limited functional and regression testing but not the full regression testing that takes place for Service Packs; however, IBM does fully support them.\n\nInterim fix management documentation can be found at:\n\n<http://www14.software.ibm.com/webapp/set2/sas/f/aix.efixmgmt/home.html>\n\nTo preview an interim fix installation:\n\nemgr -e ipkg_name -p # where ipkg_name is the name of the\n\n# interim fix package being previewed.\n\nTo install an interim fix package:\n\nemgr -e ipkg_name -X # where ipkg_name is the name of the\n\n# interim fix package being installed.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2023-04-13T20:19:19", "type": "ibm", "title": "Security Bulletin: AIX is vulnerable to an SSL server spoof due to Apache Commons HttpClient (CVE-2012-5783)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783"], "modified": "2023-04-13T20:19:19", "id": "672ED98E9AB8BD15ACA2079635029450D742DBDD7246A12534BFFA7D54E83F8A", "href": "https://www.ibm.com/support/pages/node/6983589", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-06-28T21:37:28", "description": "## Summary\n\nIBM WebSphere Application Server is shipped with IBM Tivoli Network Manager IP Edition versions 3.9 and 4.1.1; IBM WebSphere Application Server is a required product for IBM Tivoli Network Manager IP Edition version 4.2. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin.\n\n## Vulnerability Details\n\nPlease consult the security bulletin [Information disclosure in Apache Commons HttpClient used by WebSphere Application Server ](<http://www-01.ibm.com/support/docview.wss?uid=swg22016216>)for vulnerability details and information about fixes.\n\n## Affected Products and Versions\n\nIBM Tivoli Network Manager IP Edition 3.9, 4.1.1 and 4.2\n\n## Remediation/Fixes\n\nRefer to the following security bulletins for vulnerability details and information about fixes addressed by IBM WebSphere Application Server, which is shipped with IBM Tivoli Network Manager IP Edition versions 3.9 and 4.1.1; and a product required by IBM Tivoli Network Manager IP Edition version 4.2.\n\n**Principal Product and Version(s)** | **Affected Supporting Product and Version** | **Affected Supporting Product Security Bulletin** \n---|---|--- \nIBM Tivoli Network Manager IP Edition 3.9 | Bundled the TIP version 2.1.0.x, which bundles IBM WebSphere version 7.0.0.x. | [Information disclosure in Apache Commons HttpClient used by WebSphere Application Server ](<http://www-01.ibm.com/support/docview.wss?uid=swg22016216>) \nSee Section \"**For V7.0.0.0 through 7.0.0.45:**\" \nIBM Tivoli Network Manager IP Edition 4.1.1 | Bundled the TIP version 2.2.0.x, which bundles IBM WebSphere version 7.0.0.x. | [Information disclosure in Apache Commons HttpClient used by WebSphere Application Server ](<http://www-01.ibm.com/support/docview.wss?uid=swg22016216>) \nSee Section \"**For V7.0.0.0 through 7.0.0.45:**\" \nIBM Tivoli Network Manager IP Edition 4.2 | IBM Tivoli Network Manager IP Edition 4.2 requires the installation of IBM WebSphere Application Server Version 8.5.5.5 or later version separately. Users are recommended to apply IBM WebSphere version 8.5.5.5 Security Interim Fixes. | [Information disclosure in Apache Commons HttpClient used by WebSphere Application Server ](<http://www-01.ibm.com/support/docview.wss?uid=swg22016216>) \nSee Section \"**For V8.5.0.0 through 8.5.5.13:**\" \n \n \n**Please also note the** ** ** [**end of support announcement**](<http://www-01.ibm.com/common/ssi/ShowDoc.wss?docURL=/common/ssi/rep_ca/8/897/ENUS917-138/index.html&lang=en&request_locale=en>) ** ** **from 12 September 2017 for selected Netcool product versions. You can find detailed information on whether the product version you have installed in your environment is affected by this end of service announcement by following the ** [**Netcool End of Support Knowledge Collection.**](<https://www-01.ibm.com/support/entdocview.wss?uid=swg22009231>) ** ** **If your product version is affected, IBM recommend to upgrade your product version to the latest supported version of your product. Please contact your IBM account manager for any question you might have or for any assistance you may require for upgrading an end of service announced offering.**\n\n## ", "cvss3": {}, "published": "2023-06-28T22:04:59", "type": "ibm", "title": "Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server, which is shipped with, or a required product for, IBM Tivoli Network Manager IP Edition (CVE-2012-5783).", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2012-5783"], "modified": "2023-06-28T22:04:59", "id": "F10B278BFBFA868C361722B3DE18CDFFBEA415174A88751DEB4AB93FA4D5705C", "href": "https://www.ibm.com/support/pages/node/717327", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-02-21T21:50:45", "description": "## Summary\n\nWebsphere Application Server (WAS) is shipped as a component of Tivoli Netcool/OMNIbus WebGUI. Information about a security vulnerability affecting WAS has been published in a security bulletin.\n\n## Vulnerability Details\n\nPlease consult the security bulletin [Information disclosure in Apache Commons HttpClient used by WebSphere Application Server (CVE-2012-5783)](<http://www.ibm.com/support/docview.wss?uid=swg22016216>) for vulnerability details and information about fixes.\n\n## Affected Products and Versions\n\n**Principal Product and Version(s)** | **Affected Supporting Product and Version** \n---|--- \nWebGUI 7.4.0 GA and FP | embedded Websphere Application Server 7.0 \nWebGUI 8.1.0 GA and FP | Websphere Application Server 8.5 \n \n**Please also note the [end of support announcement](<http://www.ibm.com/common/ssi/ShowDoc.wss?docURL=/common/ssi/rep_ca/8/897/ENUS917-138/index.html&lang=en&request_locale=en>) from 12 September 2017 for selected Netcool product versions. You can find detailed information on whether the product version you have installed in your environment is affected by this end of service announcement by following the [Netcool End of Support Knowledge Collection](<https://www.ibm.com/support/entdocview.wss?uid=swg22009231>). If your product version is affected, IBM recommend to upgrade your product version to the latest supported version of your product. Please contact your IBM account manager for any question you might have or for any assistance you may require for upgrading an end of service announced offering.**\n\n## ", "cvss3": {}, "published": "2018-07-04T03:36:07", "type": "ibm", "title": "Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Tivoli Netcool/OMNIbus WebGUI (CVE-2012-5783)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783"], "modified": "2018-07-04T03:36:07", "id": "3530DF8DA972875E9B1FD6F767CF9BCE12DD28AEEAAF4F127105D1281DCB6CC5", "href": "https://www.ibm.com/support/pages/node/716073", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-12-06T18:36:10", "description": "## Summary\n\nIBM Sterilng B2B Integrator has addressed security vulnrabilities in Apache Santuario XML Security for Java.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2013-4517](<https://vulners.com/cve/CVE-2013-4517>) \n** DESCRIPTION: **Apache Santuario XML Security for Java is vulnerable to a denial of service, caused by an out of memory error when allowing Document Type Definitions (DTDs). A remote attacker could exploit this vulnerability via XML Signature transforms to cause a denial of service. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/89891](<https://exchange.xforce.ibmcloud.com/vulnerabilities/89891>) for the current score. \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n \n** CVEID: **[CVE-2013-2172](<https://vulners.com/cve/CVE-2013-2172>) \n** DESCRIPTION: **Apache Santuario XML Security for Java could allow a remote attacker to conduct spoofing attacks, caused by the failure to restrict canonicalization algorithms to be applied to the CanonicalizationMethod parameter. An attacker could exploit this vulnerability to spoof the XML signature. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/85323](<https://exchange.xforce.ibmcloud.com/vulnerabilities/85323>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)\n\n## Affected Products and Versions\n\n**Affected Product(s)**| **Version(s)** \n---|--- \nIBM Sterling B2B Integrator| 6.0.0.0 - 6.0.3.6 \nIBM Sterling B2B Integrator| 6.1.0.0 - 6.1.0.4, 6..1.1.0 \n \n\n\n## Remediation/Fixes\n\n** Product**| **Version**| **APAR**| **Remediation & Fix** \n---|---|---|--- \nIBM Sterling B2B Integrator| 6.0.0.0 - 6.0.3.6| IT38878| Apply 6.0.3.7, 6.1.0.5, 6.1.1.1 or 6.1.2.0 \nIBM Sterling B2B Integrator| 6.1.0.0 - 6.1.0.4, 6.1.1.0| IT38878| Apply 6.1.0.5, 6.1.1.1 or 6.1.2.0 \n \nThe version 6.0.3.7 , 6.1.0.5 and 6.1.1.1 are available on [Fix Central](<http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%2Bsoftware&product=ibm/Other+software/Sterling+B2B+Integrator&release=All&platform=All&function=all>). The IIM version of 6.1.2.0 is available in IBM Passport Advantage. The container version of 6.1.2.0 is available in IBM Entitled Registry with following tags. \n\ncp.icr.io/cp/ibm-b2bi/b2bi:6.1.2.0 for IBM Sterling B2B Integrator \ncp.icr.io/cp/ibm-sfg/sfg:6.1.2.0 for IBM Sterling File Gateway\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2022-10-14T21:43:17", "type": "ibm", "title": "Security Bulletin: IBM Sterling B2B Integrator vulnerable due to Apache Santuario XML Security for Java (CVE-2013-4517, CVE-2013-2172)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2172", "CVE-2013-4517"], "modified": "2022-10-14T21:43:17", "id": "F5F1FB1C2673533300501FA7FF4A504864607B0F9FC3F37D5C4D752C3B79910F", "href": "https://www.ibm.com/support/pages/node/6829589", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-06T18:44:34", "description": "## Summary\n\nIBM TRIRIGA Application Platform discloses CVE-2020-13956\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-13956](<https://vulners.com/cve/CVE-2020-13956>) \n** DESCRIPTION: **Apache HttpClient could allow a remote attacker to bypass security restrictions, caused by the improper handling of malformed authority component in request URIs. By passing request URIs to the library as java.net.URI object, an attacker could exploit this vulnerability to pick the wrong target host for request execution. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/189572](<https://exchange.xforce.ibmcloud.com/vulnerabilities/189572>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2012-5783](<https://vulners.com/cve/CVE-2012-5783>) \n** DESCRIPTION: **Apache Commons HttpClient, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, could allow a remote attacker to conduct spoofing attacks, caused by the failure to verify that the server hostname matches a domain name in the subject's Common Name (CN) field of the X.509 certificate. By persuading a victim to visit a Web site containing a specially-crafted certificate, an attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/79984](<https://exchange.xforce.ibmcloud.com/vulnerabilities/79984>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM TRIRIGA| All \n \n\n\n## Remediation/Fixes\n\n**Product**| **VRMF**| \n\n**Remediation/First Fix** \n \n---|---|--- \nIBM TRIRIGA Application Platform| 3.6.1.3| The fix is available for download on [FixCentral](<https://www.ibm.com/mysupport/s/ibm-community-support-search-results?q=Tririga%203.6.1.3&language=en_US> \"FixCentral\" ). \nIBM TRIRIGA Application Platform| 3.7.0.1| The fix is available for download on [FixCentral](<https://www.ibm.com/mysupport/s/ibm-community-support-search-results?q=Tririga%203.7.0.1&language=en_US> \"FixCental\" ) \nIBM TRIRIGA Application Platform| 3.8.0.1| The fix is available for download on [FixCentral](<https://www.ibm.com/mysupport/s/ibm-community-support-search-results?q=Tririga%203.8.0.1&language=en_US> \"FixCental\" ) \nIBM TRIRIGA Application Platform| 4.0.2| The fix is available for download on [FixCentral](<https://www.ibm.com/mysupport/s/ibm-community-support-search-results?q=Tririga%204.0.2&language=en_US> \"FixCental\" ) \nIBM TRIRIGA Application Platform| 4.1.1| The fix is available for download on [FixCentral](<https://www.ibm.com/mysupport/s/ibm-community-support-search-results?q=Tririga%204.1.1&language=en_US> \"FixCental\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2022-08-30T16:54:09", "type": "ibm", "title": "Security Bulletin: IBM TRIRIGA Application Platform discloses CVE-2020-13956", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783", "CVE-2020-13956"], "modified": "2022-08-30T16:54:09", "id": "AAFF9E87667B35D62A52D77B8E5C3A000AE2419974F7C14545C23704BDDC171B", "href": "https://www.ibm.com/support/pages/node/6616303", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-12-06T18:44:26", "description": "## Summary\n\nIBM TRIRIGA Application Platform discloses CVE-2020-13956\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-13956](<https://vulners.com/cve/CVE-2020-13956>) \n** DESCRIPTION: **Apache HttpClient could allow a remote attacker to bypass security restrictions, caused by the improper handling of malformed authority component in request URIs. By passing request URIs to the library as java.net.URI object, an attacker could exploit this vulnerability to pick the wrong target host for request execution. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/189572](<https://exchange.xforce.ibmcloud.com/vulnerabilities/189572>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2012-5783](<https://vulners.com/cve/CVE-2012-5783>) \n** DESCRIPTION: **Apache Commons HttpClient, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, could allow a remote attacker to conduct spoofing attacks, caused by the failure to verify that the server hostname matches a domain name in the subject's Common Name (CN) field of the X.509 certificate. By persuading a victim to visit a Web site containing a specially-crafted certificate, an attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/79984](<https://exchange.xforce.ibmcloud.com/vulnerabilities/79984>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM TRIRIGA| All \n \n\n\n## Remediation/Fixes\n\n**Product**| **VRMF**| \n\n**Remediation/First Fix** \n \n---|---|--- \nIBM TRIRIGA Application Platform| 3.6.1.3| The fix is available for download on [FixCentral](<https://www.ibm.com/mysupport/s/ibm-community-support-search-results?q=Tririga%203.6.1.3&language=en_US> \"FixCentral\" ). \nIBM TRIRIGA Application Platform| 3.7.0.1| The fix is available for download on [FixCentral](<https://www.ibm.com/mysupport/s/ibm-community-support-search-results?q=Tririga%203.7.0.1&language=en_US> \"FixCental\" ) \nIBM TRIRIGA Application Platform| 3.8.0.1| The fix is available for download on [FixCentral](<https://www.ibm.com/mysupport/s/ibm-community-support-search-results?q=Tririga%203.8.0.1&language=en_US> \"FixCental\" ) \nIBM TRIRIGA Application Platform| 4.0.2| The fix is available for download on [FixCentral](<https://www.ibm.com/mysupport/s/ibm-community-support-search-results?q=Tririga%204.0.2&language=en_US> \"FixCental\" ) \nIBM TRIRIGA Application Platform| 4.1.1| The fix is available for download on [FixCentral](<https://www.ibm.com/mysupport/s/ibm-community-support-search-results?q=Tririga%204.1.1&language=en_US> \"FixCental\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2022-08-30T16:54:42", "type": "ibm", "title": "Security Bulletin:IBM TRIRIGA Application Platform discloses CVE-2020-13956", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783", "CVE-2020-13956"], "modified": "2022-08-30T16:54:42", "id": "A380C4CD3FFEF0D1AD28C9019320AF0085267A1FC55FD33D40E61A6A71DFDFF1", "href": "https://www.ibm.com/support/pages/node/6616305", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-12-06T18:37:05", "description": "## Summary\n\nApache XML Security for Java is shipped with IBM Tivoli Business Manager 6.2.0 as part of its XML security infrastructure. Information about security vulnerabilities affecting Apache XML Security for Javahas been published in a security bulletin.\n\n## Vulnerability Details\n\n**CVEID: **[CVE-2013-4517](<https://vulners.com/cve/CVE-2013-4517>) \n**DESCRIPTION: **Apache Santuario XML Security for Java is vulnerable to a denial of service, caused by an out of memory error when allowing Document Type Definitions (DTDs). A remote attacker could exploit this vulnerability via XML Signature transforms to cause a denial of service. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/89891](<https://exchange.xforce.ibmcloud.com/vulnerabilities/89891>) for the current score. \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n \n**CVEID: **[CVE-2013-2172](<https://vulners.com/cve/CVE-2013-2172>) \n**DESCRIPTION: **Apache Santuario XML Security for Java could allow a remote attacker to conduct spoofing attacks, caused by the failure to restrict canonicalization algorithms to be applied to the CanonicalizationMethod parameter. An attacker could exploit this vulnerability to spoof the XML signature. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/85323](<https://exchange.xforce.ibmcloud.com/vulnerabilities/85323>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N) \n \n**CVEID: **[CVE-2009-0217](<https://vulners.com/cve/CVE-2009-0217>) \n**DESCRIPTION: **Multiple vendor applications that utilize the W3C XML Signature Syntax and Processing (XMLDsig) recommendation could allow a remote attacker to conduct spoofing attacks on the system. The parameter used by the design defines HMAC truncation length without a minimum length requirement. A remote attacker could exploit this vulnerability using an HMAC truncated length containing a small amount of bits to spoof HMAC-based signatures, bypass authentication and launch further attacks against the system. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/51716](<https://exchange.xforce.ibmcloud.com/vulnerabilities/51716>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N) \n \n**CVEID: **[CVE-2021-40690](<https://vulners.com/cve/CVE-2021-40690>) \n**DESCRIPTION: **Apache Santuario XML Security for Java could allow a remote attacker to bypass security restrictions, caused by the improper passing of the \"secureValidation\" property when creating a KeyInfo from a KeyInfoReference element. An attacker could exploit this vulnerability to abuse an XPath Transform to extract any local .xml files in a RetrievalMethod element. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/209586](<https://exchange.xforce.ibmcloud.com/vulnerabilities/209586>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s) | Version(s) \n---|--- \nIBM Tivoli Business Service Manager | 6.2.0 \n \n## Remediation/Fixes\n\nProduct | VRMF | APAR | Remediation \n---|---|---|--- \nIBM Tivoli Business Service Manager 6.2.0 | 6.2.0.4 | IJ32982 | Upgrade to [IBM Tivoli Business Service Manager 6.2.0.4](<https://www.ibm.com/support/pages/node/6578641> \"IBM Tivoli Business Service Manager 6.2.0.4\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-10-06T04:39:35", "type": "ibm", "title": "Security Bulletin: A vulnerability in Apache XML Security for Java affects IBM Tivoli Business Service Manager (CVE-2013-4517, CVE-2013-2172, CVE-2009-0217, CVE-2021-40690)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0217", "CVE-2013-2172", "CVE-2013-4517", "CVE-2021-40690"], "modified": "2022-10-06T04:39:35", "id": "6A211412F2D10EF21E599E5E233A8338C185096623353D79DC919935D1D1ED5B", "href": "https://www.ibm.com/support/pages/node/6826621", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-13T13:34:50", "description": "## Summary\n\nIBM WebSphere Application Server is shipped as a component of IBM WebSphere Service Registry and Repository. Information about security vulnerabilities affecting IBM WebSphere Application Server and WebSphere Application Server UDDI have been published in security bulletins.\n\n## Vulnerability Details\n\nPlease consult the security bulletins:\n\n * [Security Bulletin: Information disclosure in Apache Commons HttpClient used by WebSphere Application Server (CVE-2012-5783)](<http://www-01.ibm.com/support/docview.wss?uid=swg22016216>)\n * [Security Bulletin: Potential vulnerability in WebSphere Application Server (CVE-2015-0899)](<http://www-01.ibm.com/support/docview.wss?uid=swg22015348>)\n * [Security Bulletin: Information disclosure in WebSphere Application Server with SAML (CVE-2018-1614)](<http://www-01.ibm.com/support/docview.wss?uid=swg22016887>)\n * [Security Bulletin: Multiple vulnerabilities in Apache Struts and Apache Commons that is used by WebSphere Application Server UDDI](<http://www-01.ibm.com/support/docview.wss?uid=swg22016214>)\n * [Security Bulletin: Information Disclosure in WebSphere Application Server (CVE-2018-1621)](<http://www-01.ibm.com/support/docview.wss?uid=swg22016821>)\n\nfor vulnerability details and information about fixes.\n\n## Affected Products and Versions\n\nPrincipal Product and Version(s) | Affected Supporting Product and Version \n---|--- \nWebSphere Service Registry and Repository V8.5 | WebSphere Application Server V8.5.5 \nWebSphere Service Registry and Repository V8.0 | WebSphere Application Server V8.0 \n \n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-07-05T14:14:56", "type": "ibm", "title": "Security Bulletin: Vulnerabilities identified in IBM WebSphere Application Server and WebSphere Application Server UDDI shipped with IBM WebSphere Service Registry and Repository (CVE-2012-5783, CVE-2015-0899, CVE-2018-1614 and CVE-2018-1621)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783", "CVE-2015-0899", "CVE-2018-1614", "CVE-2018-1621"], "modified": "2018-07-05T14:14:56", "id": "BAFE1432B61D78F2B29438C3606D2D46643F4DA3DFC6DD0FB0C4962ECD44C150", "href": "https://www.ibm.com/support/pages/node/713613", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-02-12T21:33:42", "description": "## Summary\n\nIn the WebSphere Application Server where the Rational Asset Manager is deployed, a remote attacker could exploit the vulnerabilities such as spoofing attacks, execute arbitrary codes, exploit sensitive information and so on. Information about these security vulnerabilities affecting WebSphere Application Server has been published in security bulletins.\n\n## Vulnerability Details\n\nRefer to the security bulletin listed in the Remediation/Fixes section.\n\n## Affected Products and Versions\n\nIBM Rational Asset Manager 7.5 and 7.5.3.3. \n\nNOTE: Rational Asset Manager 7.5.2 and later versions does not support embedded WebSphere Application Server.\n\n## Remediation/Fixes\n\nRefer to the following security bulletins for vulnerability details and information about fixes addressed by IBM WebSphere Application Server (WAS).\n\nAffected Supporting Product | Affected Supporting Product Security Bulletin \n---|--- \nIBM WebSphere Application Server Version 7.0 | [Security Bulletin: Potential vulnerability in WebSphere Application Server (CVE-2015-0899)](<http://www-01.ibm.com/support/docview.wss?uid=swg22015348>) \n[Security Bulletin: Multiple vulnerabilities in Apache Struts and Apache Commons that is used by WebSphere Application Server UDDI](<http://www-01.ibm.com/support/docview.wss?uid=swg22016214>) \n[Security Bulletin: Information disclosure in Apache Commons HttpClient used by WebSphere Application Server (CVE-2012-5783)](<http://www-01.ibm.com/support/docview.wss?uid=swg22016216>) \n[Security Bulletin: Information disclosure in WebSphere Application Server with SAML (CVE-2018-1614)](<http://www-01.ibm.com/support/docview.wss?uid=swg22016887>) \n[Security Bulletin: Information Disclosure in WebSphere Application Server (CVE-2018-1621)](<http://www-01.ibm.com/support/docview.wss?uid=swg22016821>) \n \n## Workarounds and Mitigations\n\nNone.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-07-18T10:28:59", "type": "ibm", "title": "Security Bulletin: Security vulnerabilities have been identified in the WebSphere Application Server where the RAM is deployed.", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783", "CVE-2015-0899", "CVE-2018-1614", "CVE-2018-1621"], "modified": "2018-07-18T10:28:59", "id": "43DA4697F34CF5D5A6799540E74541895D58CA735AF6018C2189B56DA5C5FD59", "href": "https://www.ibm.com/support/pages/node/716055", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-12-06T18:36:07", "description": "## Summary\n\nMultiple vulnerabilities in Apache Santuario XML Security for Java used by IBM InfoSphere Information Server were addressed.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2009-0217](<https://vulners.com/cve/CVE-2009-0217>) \n** DESCRIPTION: **Multiple vendor applications that utilize the W3C XML Signature Syntax and Processing (XMLDsig) recommendation could allow a remote attacker to conduct spoofing attacks on the system. The parameter used by the design defines HMAC truncation length without a minimum length requirement. A remote attacker could exploit this vulnerability using an HMAC truncated length containing a small amount of bits to spoof HMAC-based signatures, bypass authentication and launch further attacks against the system. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/51716](<https://exchange.xforce.ibmcloud.com/vulnerabilities/51716>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N) \n \n** CVEID: **[CVE-2013-2172](<https://vulners.com/cve/CVE-2013-2172>) \n** DESCRIPTION: **Apache Santuario XML Security for Java could allow a remote attacker to conduct spoofing attacks, caused by the failure to restrict canonicalization algorithms to be applied to the CanonicalizationMethod parameter. An attacker could exploit this vulnerability to spoof the XML signature. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/85323](<https://exchange.xforce.ibmcloud.com/vulnerabilities/85323>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N) \n \n** CVEID: **[CVE-2013-4517](<https://vulners.com/cve/CVE-2013-4517>) \n** DESCRIPTION: **Apache Santuario XML Security for Java is vulnerable to a denial of service, caused by an out of memory error when allowing Document Type Definitions (DTDs). A remote attacker could exploit this vulnerability via XML Signature transforms to cause a denial of service. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/89891](<https://exchange.xforce.ibmcloud.com/vulnerabilities/89891>) for the current score. \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n \n** CVEID: **[CVE-2021-40690](<https://vulners.com/cve/CVE-2021-40690>) \n** DESCRIPTION: **Apache Santuario XML Security for Java could allow a remote attacker to bypass security restrictions, caused by the improper passing of the \"secureValidation\" property when creating a KeyInfo from a KeyInfoReference element. An attacker could exploit this vulnerability to abuse an XPath Transform to extract any local .xml files in a RetrievalMethod element. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/209586](<https://exchange.xforce.ibmcloud.com/vulnerabilities/209586>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nInfoSphere Information Server| 11.7 \n \n\n\n## Remediation/Fixes\n\n_Product_| _VRMF_| _APAR_| _Remediation/First Fix_ \n---|---|---|--- \nInfoSphere Information Server, Information Server on Cloud| 11.7| [DT143283](<https://www.ibm.com/mysupport/aCI3p000000Xish> \"DT143283\" ) \n| \\--Apply InfoSphere Information Server version [11.7.1.0](<https://www.ibm.com/support/docview.wss?uid=ibm10878310> \"11.7.1.0\" ) \n\\--Apply InfoSphere Information Server version [11.7.1.4](<https://www.ibm.com/support/pages/node/6620275> \"11.7.1.4\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-10-14T22:24:44", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in Apache Santuario XML Security for Java affect IBM InfoSphere Information Server", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0217", "CVE-2013-2172", "CVE-2013-4517", "CVE-2021-40690"], "modified": "2022-10-14T22:24:44", "id": "F6BC10354A07CCD87F52BAC1053D9E1403CC47698D49BA1AAD057CE5C0DE00EB", "href": "https://www.ibm.com/support/pages/node/6829363", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-21T21:41:27", "description": "## Summary\n\nThere are multiple vulnerabilities in IBM WebSphere application server that may potentially affect IBM Workload Scheduler. \n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2018-1621_](<https://vulners.com/cve/CVE-2018-1621>) \n**DESCRIPTION:** IBM WebSphere Application Server could allow a local attacker to obtain clear text password in a trace file caused by improper handling of some datasource custom properties. \nCVSS Base Score: 4.4 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/144346_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/144346>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N)\n\n**CVEID:** [_CVE-2018-1614_](<https://vulners.com/cve/CVE-2018-1614>) \n**DESCRIPTION:** IBM WebSphere Application Server using malformed SAML responses from the SAML identity provider could allow a remote attacker to obtain sensitive information. \nCVSS Base Score: 5.8 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/144270_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/144270>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N)\n\n**CVEID:** [_CVE-2012-5783_](<https://vulners.com/cve/CVE-2012-5783>) \n**DESCRIPTION:** Apache Commons HttpClient, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, could allow a remote attacker to conduct spoofing attacks, caused by the failure to verify that the server hostname matches a domain name in the subject's Common Name (CN) field of the X.509 certificate. By persuading a victim to visit a Web site containing a specially-crafted certificate, an attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/79984_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/79984>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)\n\n**CVEID:** [_CVE-2015-0899_](<https://vulners.com/cve/CVE-2015-0899>) \n**DESCRIPTION:** Apache Struts could allow a remote attacker to bypass security restrictions, caused by an error in the MultiPageValidator implementation. An attacker could exploit this vulnerability using a modified page parameter to bypass restrictions and launch further attacks on the system. This vulnerability also affects other products. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/101770_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101770>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)\n\n## Affected Products and Versions\n\nThese vulnerabilities in IBM WebSphere application server may potentially affect IBM Workload Scheduler 9,1, 9.2, 9.3 or 9.4. \n\n## Remediation/Fixes\n\nIBM WebSphere has published the following security bulletins to addresses the mentioned vulnerabilities.\n\nFor _[CVE-2015-0899](<https://vulners.com/cve/CVE-2015-0899>) _refer to <http://www-01.ibm.com/support/docview.wss?uid=swg22015348> .\n\nFor _[CVE-2012-5783](<https://vulners.com/cve/CVE-2012-5783>) _refer to <http://www-01.ibm.com/support/docview.wss?uid=swg22016216> .\n\nFor _[CVE-2018-1614](<https://vulners.com/cve/CVE-2018-1614>)_ refer to <http://www-01.ibm.com/support/docview.wss?uid=swg22016887> .\n\nFor _[CVE-2018-1621](<https://vulners.com/cve/CVE-2018-1621>)_ refer to <http://www-01.ibm.com/support/docview.wss?uid=swg22016821> .\n\n## Workarounds and Mitigations\n\nN/A\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-06-19T15:00:50", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in WebSphere application server affect IBM Workload Scheduler", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783", "CVE-2015-0899", "CVE-2018-1614", "CVE-2018-1621"], "modified": "2020-06-19T15:00:50", "id": "D66B903250F05C7E6F628063E46BB788B758ACF5470BDBDCE9A7DDCF98ED3362", "href": "https://www.ibm.com/support/pages/node/734305", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-02-21T21:42:09", "description": "## Summary\n\nWebsphere Application Server is shipped with Predictive Customer Intelligence. Information about security vulnerabilities affecting Websphere Application Server has been published in security bulletins.\n\n## Vulnerability Details\n\nPlease consult the security bulletins:\n\n[Security Bulletin: Information disclosure in Apache Commons HttpClient used by WebSphere Application Server (CVE-2012-5783)](<http://www-01.ibm.com/support/docview.wss?uid=swg22016216>),\n\n[Security Bulletin: Information disclosure in WebSphere Application Server with SAML (CVE-2018-1614)](<http://www-01.ibm.com/support/docview.wss?uid=swg22016887>),\n\n[Security Bulletin: Multiple vulnerabilities in Apache Struts and Apache Commons that is used by WebSphere Application Server UDDI](<http://www-01.ibm.com/support/docview.wss?uid=swg22016214>),\n\n[Security Bulletin: Potential vulnerability in WebSphere Application Server (CVE-2015-0899)](<http://www-01.ibm.com/support/docview.wss?uid=swg22015348>)\n\nfor vulnerability details and information about fixes.\n\n## Affected Products and Versions\n\nPredictive Customer Intelligence versions 1.0, 1.0.1, 1.1, 1.1.1, 1.1.2\n\n## Remediation/Fixes\n\nRefer to the following security bulletins for vulnerability details and information about fixes addressed by Websphere Application Server which is/are shipped with Predictive Customer Intelligence.\n\nPrincipal Product and Version(s) | Affected Supporting Product and Version | Affected Supporting Product Security Bulletin \n---|---|--- \nPredictive Customer Intelligence 1.0 and 1.0.1 | Websphere Application Server 8.5.5 | [Security Bulletin: Information disclosure in Apache Commons HttpClient used by WebSphere Application Server (CVE-2012-5783)](<http://www-01.ibm.com/support/docview.wss?uid=swg22016216>)\n\n[Security Bulletin: Information disclosure in WebSphere Application Server with SAML (CVE-2018-1614)](<http://www-01.ibm.com/support/docview.wss?uid=swg22016887>)\n\n[Security Bulletin: Multiple vulnerabilities in Apache Struts and Apache Commons that is used by WebSphere Application Server UDDI](<http://www-01.ibm.com/support/docview.wss?uid=swg22016214>)\n\n[Security Bulletin: Potential vulnerability in WebSphere Application Server (CVE-2015-0899)](<http://www-01.ibm.com/support/docview.wss?uid=swg22015348>) \n \nPredictive Customer Intelligence 1.1 and 1.1.1 | Websphere Application Server 8.5.5.6 | [Security Bulletin: Information disclosure in Apache Commons HttpClient used by WebSphere Application Server (CVE-2012-5783)](<http://www-01.ibm.com/support/docview.wss?uid=swg22016216>)\n\n[Security Bulletin: Information disclosure in WebSphere Application Server with SAML (CVE-2018-1614)](<http://www-01.ibm.com/support/docview.wss?uid=swg22016887>)\n\n[Security Bulletin: Multiple vulnerabilities in Apache Struts and Apache Commons that is used by WebSphere Application Server UDDI](<http://www-01.ibm.com/support/docview.wss?uid=swg22016214>)\n\n[Security Bulletin: Potential vulnerability in WebSphere Application Server (CVE-2015-0899)](<http://www-01.ibm.com/support/docview.wss?uid=swg22015348>) \n \nPredictive Customer Intelligence 1.1.2 | Websphere Application Server 9.0.0.4 | [Security Bulletin: Information disclosure in Apache Commons HttpClient used by WebSphere Application Server (CVE-2012-5783)](<http://www-01.ibm.com/support/docview.wss?uid=swg22016216>)\n\n[Security Bulletin: Information disclosure in WebSphere Application Server with SAML (CVE-2018-1614)](<http://www-01.ibm.com/support/docview.wss?uid=swg22016887>)\n\n[Security Bulletin: Multiple vulnerabilities in Apache Struts and Apache Commons that is used by WebSphere Application Server UDDI](<http://www-01.ibm.com/support/docview.wss?uid=swg22016214>)\n\n[Security Bulletin: Potential vulnerability in WebSphere Application Server (CVE-2015-0899)](<http://www-01.ibm.com/support/docview.wss?uid=swg22015348>) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-02-11T21:31:00", "type": "ibm", "title": "Security Bulletin: Security Vulnerabilities have been Identified in Websphere Application Server Shipped with Predictive Customer Intelligence (CVE-2012-5783, CVE-2018-1614, CVE-2014-0114, CVE-2015-0899)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783", "CVE-2014-0114", "CVE-2015-0899", "CVE-2018-1614"], "modified": "2020-02-11T21:31:00", "id": "0F8C9B43069C04EF8D42F75FA8D42A5837D2A01F1B45F132DD6CE116C7562B83", "href": "https://www.ibm.com/support/pages/node/715391", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-12-08T02:32:38", "description": "## Summary\n\nApache Commons HttpClient 3.x (and few others) used do not verify the server hostname in the subject Common Name (CN) and allows Man-In-The-Middle (MITM) attack \n\n## Vulnerability Details\n\n** CVEID: **[CVE-2012-5783](<https://vulners.com/cve/CVE-2012-5783>) \n** DESCRIPTION: **Apache Commons HttpClient, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, could allow a remote attacker to conduct spoofing attacks, caused by the failure to verify that the server hostname matches a domain name in the subject's Common Name (CN) field of the X.509 certificate. By persuading a victim to visit a Web site containing a specially-crafted certificate, an attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/79984](<https://exchange.xforce.ibmcloud.com/vulnerabilities/79984>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N) \n \n** CVEID: **[CVE-2014-3577](<https://vulners.com/cve/CVE-2014-3577>) \n** DESCRIPTION: **Apache HttpComponents could allow a remote attacker to conduct spoofing attacks, caused by the failure to verify that the server hostname matches a domain name in the Subject's Common Name (CN) or SubjectAltName field of certificates. By persuading a victim to visit a Web site containing a specially-crafted certificate, an attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/95327](<https://exchange.xforce.ibmcloud.com/vulnerabilities/95327>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N) \n \n** CVEID: **[CVE-2012-6153](<https://vulners.com/cve/CVE-2012-6153>) \n** DESCRIPTION: **Apache HttpComponents could allow a remote attacker to conduct spoofing attacks, caused by an incomplete fix related to the failure to verify that the server hostname matches a domain name in the Subject's Common Name (CN) or SubjectAltName field of certificates. By persuading a victim to visit a Web site containing a specially-crafted certificate, an attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/95328](<https://exchange.xforce.ibmcloud.com/vulnerabilities/95328>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N) \n \n** CVEID: **[CVE-2015-5262](<https://vulners.com/cve/CVE-2015-5262>) \n** DESCRIPTION: **Apache Commons is vulnerable to a denial of service, caused by the failure to apply a configured connection during the initial handshake of an HTTPS connection by the HttpClient component. An attacker could exploit this vulnerability to accumulate multiple connections and exhaust all available resources. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/106932](<https://exchange.xforce.ibmcloud.com/vulnerabilities/106932>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Control Desk| IBM Control Desk 7.6.x \nIBM SmartCloud Control Desk| 7.5.X \n \n\n\n## Remediation/Fixes\n\nTo fix the vulnerability related to Apache CommonsHttpClient, an alternate package from different provider under Apache have been used. \nNew commons-httpclient jar will mitigate existing vulnerabilities.\n\n## Workarounds and Mitigations\n\nNew commons-httpclient jar is used from a different provider under Apache.\n\n## ", "cvss3": {}, "published": "2022-12-12T13:16:13", "type": "ibm", "title": "Security Bulletin: Apache Commons HttpClient 3.x (and few others) allow Man-In-The-Middle (MITM) attack", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783", "CVE-2012-6153", "CVE-2014-3577", "CVE-2015-5262"], "modified": "2022-12-12T13:16:13", "id": "1F7A45CD4D73686FA6C9591207830D1B405EB9704E1C5F2BE5F439A0FE018D74", "href": "https://www.ibm.com/support/pages/node/6847289", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-12-08T02:25:14", "description": "## Summary\n\nIBM B2B Advanced Communications has addressed vulnerabilities in Apache HttpClient shipped with product.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-13956](<https://vulners.com/cve/CVE-2020-13956>) \n** DESCRIPTION: **Apache HttpClient could allow a remote attacker to bypass security restrictions, caused by the improper handling of malformed authority component in request URIs. By passing request URIs to the library as java.net.URI object, an attacker could exploit this vulnerability to pick the wrong target host for request execution. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/189572](<https://exchange.xforce.ibmcloud.com/vulnerabilities/189572>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2014-3577](<https://vulners.com/cve/CVE-2014-3577>) \n** DESCRIPTION: **Apache HttpComponents could allow a remote attacker to conduct spoofing attacks, caused by the failure to verify that the server hostname matches a domain name in the Subject's Common Name (CN) or SubjectAltName field of certificates. By persuading a victim to visit a Web site containing a specially-crafted certificate, an attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/95327](<https://exchange.xforce.ibmcloud.com/vulnerabilities/95327>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N) \n \n** CVEID: **[CVE-2012-5783](<https://vulners.com/cve/CVE-2012-5783>) \n** DESCRIPTION: **Apache Commons HttpClient, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, could allow a remote attacker to conduct spoofing attacks, caused by the failure to verify that the server hostname matches a domain name in the subject's Common Name (CN) field of the X.509 certificate. By persuading a victim to visit a Web site containing a specially-crafted certificate, an attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/79984](<https://exchange.xforce.ibmcloud.com/vulnerabilities/79984>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N) \n \n** CVEID: **[CVE-2015-5262](<https://vulners.com/cve/CVE-2015-5262>) \n** DESCRIPTION: **Apache Commons is vulnerable to a denial of service, caused by the failure to apply a configured connection during the initial handshake of an HTTPS connection by the HttpClient component. An attacker could exploit this vulnerability to accumulate multiple connections and exhaust all available resources. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/106932](<https://exchange.xforce.ibmcloud.com/vulnerabilities/106932>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2012-6153](<https://vulners.com/cve/CVE-2012-6153>) \n** DESCRIPTION: **Apache HttpComponents could allow a remote attacker to conduct spoofing attacks, caused by an incomplete fix related to the failure to verify that the server hostname matches a domain name in the Subject's Common Name (CN) or SubjectAltName field of certificates. By persuading a victim to visit a Web site containing a specially-crafted certificate, an attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/95328](<https://exchange.xforce.ibmcloud.com/vulnerabilities/95328>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)\n\n## Affected Products and Versions\n\n**Affected Product(s)**| **Version(s)** \n---|--- \nIBM B2B Advanced Communications| 1.0.0.x \nIBM Multi-Enterprise Integration Gateway| 1.0.0.1 \n \n\n\n## Remediation/Fixes\n\n**Product** | \n\n**Version**\n\n| \n\n**Remediation** \n \n---|---|--- \n \nIBM B2B Advanced Communications\n\n| \n\n1.0.0.x\n\n| Apply fix pack [1.0.0.8](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%20software&product=ibm/Other+software/Multi-Enterprise+Integration+Gateway&release=1.0.0.7&platform=All&function=fixId&fixids=IBM_B2B_Advanced_Communications_V1.0.0.8_FixPack_Media&includeSupersedes=0> \"1.0.0.8\" ) \nIBM Multi-Enterprise Integration Gateway| \n\n1.0.0.1\n\n| Apply fix pack [1.0.0.8 ](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Other%20software&product=ibm/Other+software/Multi-Enterprise+Integration+Gateway&release=1.0.0.7&platform=All&function=fixId&fixids=IBM_B2B_Advanced_Communications_V1.0.0.8_FixPack_Media&includeSupersedes=0> \"1.0.0.8\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2023-02-20T07:01:38", "type": "ibm", "title": "Security Bulletin: IBM B2B Advanced Communications is vulnerable to multiple issues due to Apache HttpClient", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783", "CVE-2012-6153", "CVE-2014-3577", "CVE-2015-5262", "CVE-2020-13956"], "modified": "2023-02-20T07:01:38", "id": "F976E6D48149579C30755509014967F1B6A7163FEAAB9453EBE9572696C3DDDD", "href": "https://www.ibm.com/support/pages/node/6956846", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-12-08T02:18:09", "description": "## Summary\n\nApache HttpClient used by IBM Tivoli Application Dependency Discovery Manager and is vulnerable to CVE-2011-1498, CVE-2012-5783, CVE-2012-6153, CVE-2014-3577,CVE-2015-5262\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2011-1498](<https://vulners.com/cve/CVE-2011-1498>) \n** DESCRIPTION: **Apache HttpComponents could allow a remote attacker to obtain sensitive information, caused by an unspecified error in HttpClient. An attacker could exploit this vulnerability to send the Proxy-Authorization header to the host and disclose the user's password. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/66241](<https://exchange.xforce.ibmcloud.com/vulnerabilities/66241>) for the current score. \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N) \n \n** CVEID: **[CVE-2012-5783](<https://vulners.com/cve/CVE-2012-5783>) \n** DESCRIPTION: **Apache Commons HttpClient, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, could allow a remote attacker to conduct spoofing attacks, caused by the failure to verify that the server hostname matches a domain name in the subject's Common Name (CN) field of the X.509 certificate. By persuading a victim to visit a Web site containing a specially-crafted certificate, an attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/79984](<https://exchange.xforce.ibmcloud.com/vulnerabilities/79984>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N) \n \n** CVEID: **[CVE-2012-6153](<https://vulners.com/cve/CVE-2012-6153>) \n** DESCRIPTION: **Apache HttpComponents could allow a remote attacker to conduct spoofing attacks, caused by an incomplete fix related to the failure to verify that the server hostname matches a domain name in the Subject's Common Name (CN) or SubjectAltName field of certificates. By persuading a victim to visit a Web site containing a specially-crafted certificate, an attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/95328](<https://exchange.xforce.ibmcloud.com/vulnerabilities/95328>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N) \n \n** CVEID: **[CVE-2014-3577](<https://vulners.com/cve/CVE-2014-3577>) \n** DESCRIPTION: **Apache HttpComponents could allow a remote attacker to conduct spoofing attacks, caused by the failure to verify that the server hostname matches a domain name in the Subject's Common Name (CN) or SubjectAltName field of certificates. By persuading a victim to visit a Web site containing a specially-crafted certificate, an attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/95327](<https://exchange.xforce.ibmcloud.com/vulnerabilities/95327>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N) \n \n** CVEID: **[CVE-2015-5262](<https://vulners.com/cve/CVE-2015-5262>) \n** DESCRIPTION: **Apache Commons is vulnerable to a denial of service, caused by the failure to apply a configured connection during the initial handshake of an HTTPS connection by the HttpClient component. An attacker could exploit this vulnerability to accumulate multiple connections and exhaust all available resources. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/106932](<https://exchange.xforce.ibmcloud.com/vulnerabilities/106932>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Tivoli Application Dependency Discovery Manager| 7.3.0.0 -7.3.0.10 \n \n## Remediation/Fixes\n\nIn order to fix these vulnerabilities, Please follow below steps:\n\n**For TADDM 7.3.0.0-7.3.0.9, **Please upgrade your TADDM environment to 7.3.0.10 and then download the e-fix given in Table-1 and apply the e-fix.\n\n**For TADDM 7.3.0.10, **Please download the e-fix given in Table-1 and apply the e-fix.\n\n**Table-1**\n\nFix| \n\n**VRMF **\n\n| **APAR**| **How to acquire fix** \n---|---|---|--- \nefix_apache_https_4.5.14_FP10221123.zip| \n\n7.3.0.10\n\n| None| [Download eFix](<https://www.secure.ecurep.ibm.com/download/?id=CrKx6xuLnRjwkBcN8fiM8j0iluMzaH8ScFLWt3npfgM> \"Download eFix\" ) \n \n**Note:** Above e-fix is a custom e-fix, if there is no e-fix applied on your TADDM server, please applied it directly else please raise a case to TADDM Support team to get Custom e-fix.\n\nPlease refer to the table below to download TADDM FixPack 7.3.0.10.\n\n**Fix**| **How to acquire fix** \n---|--- \n7.3-TIV-ITADDM-FP00010| [Download FixPack](<http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FTivoli%2FTivoli+Application+Dependency+Discovery+Manager&fixids=7.3-TIV-ITADDM-FP00010&source=SAR> \"Download FixPack\" ) \n \nPlease refer to the URL for TADDM FixPack 7.3.0.10 Release Notes containing more information about the update.\n\n<https://www.ibm.com/docs/en/taddm/7.3.0?topic=release-notes#relnotes__fp10>\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2023-04-28T07:47:48", "type": "ibm", "title": "Security Bulletin: TADDM is vulnerable to a denial of service due to vulnerabilities in Apache HttpClient", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1498", "CVE-2012-5783", "CVE-2012-6153", "CVE-2014-3577", "CVE-2015-5262"], "modified": "2023-04-28T07:47:48", "id": "E865AEC861081DF4FF67DBF0B04D3E134D71A5914681CD7C13E100D35E6CDBA7", "href": "https://www.ibm.com/support/pages/node/6985905", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}], "fedora": [{"lastseen": "2020-12-21T08:17:51", "description": "The Hyper-Text Transfer Protocol (HTTP) is perhaps the most significant protocol used on the Internet today. Web services, network-enabled appliances and the growth of network computing continue to expand the role of the HTTP protocol beyond user-driven web browsers, and increase the number of applications that may require HTTP support. Although the java.net package provides basic support for accessing resources via HTTP, it doesn't provide the full flexibility or functionality needed by many applications. The Jakarta Commons HTTP Client component seeks to fill this void by providing an efficient, up-to-date, and feature-rich package implementing the client side of the most recent HTTP standards and recommendations. Designed for extension while providing robust support for the base HTTP protocol, the HTTP Client component may be of interest to anyone building HTTP-aware client applications such as web browsers, web service clients, or systems that leverage or extend the HTTP protocol for distributed communication. ", "cvss3": {}, "published": "2013-02-01T16:27:25", "type": "fedora", "title": "[SECURITY] Fedora 18 Update: jakarta-commons-httpclient-3.1-12.fc18", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783"], "modified": "2013-02-01T16:27:25", "id": "FEDORA:EE17520E26", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/7B72U57KWSD5O7VSMWNHWVGYMHTSEDG2/", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:51", "description": "The Hyper-Text Transfer Protocol (HTTP) is perhaps the most significant protocol used on the Internet today. Web services, network-enabled appliances and the growth of network computing continue to expand the role of the HTTP protocol beyond user-driven web browsers, and increase the number of applications that may require HTTP support. Although the java.net package provides basic support for accessing resources via HTTP, it doesn't provide the full flexibility or functionality needed by many applications. The Jakarta Commons HTTP Client component seeks to fill this void by providing an efficient, up-to-date, and feature-rich package implementing the client side of the most recent HTTP standards and recommendations. Designed for extension while providing robust support for the base HTTP protocol, the HTTP Client component may be of interest to anyone building HTTP-aware client applications such as web browsers, web service clients, or systems that leverage or extend the HTTP protocol for distributed communication. ", "cvss3": {}, "published": "2013-02-01T16:49:49", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: jakarta-commons-httpclient-3.1-12.fc16", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783"], "modified": "2013-02-01T16:49:49", "id": "FEDORA:5B904214E6", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/RWUKGYKRGHBAGPTK44ZP6GOTKBPXCURN/", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:51", "description": "The Hyper-Text Transfer Protocol (HTTP) is perhaps the most significant protocol used on the Internet today. Web services, network-enabled appliances and the growth of network computing continue to expand the role of the HTTP protocol beyond user-driven web browsers, and increase the number of applications that may require HTTP support. Although the java.net package provides basic support for accessing resources via HTTP, it doesn't provide the full flexibility or functionality needed by many applications. The Jakarta Commons HTTP Client component seeks to fill this void by providing an efficient, up-to-date, and feature-rich package implementing the client side of the most recent HTTP standards and recommendations. Designed for extension while providing robust support for the base HTTP protocol, the HTTP Client component may be of interest to anyone building HTTP-aware client applications such as web browsers, web service clients, or systems that leverage or extend the HTTP protocol for distributed communication. ", "cvss3": {}, "published": "2013-02-01T16:45:35", "type": "fedora", "title": "[SECURITY] Fedora 17 Update: jakarta-commons-httpclient-3.1-12.fc17", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783"], "modified": "2013-02-01T16:45:35", "id": "FEDORA:25F4A2151F", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/4TWWEL3LLEQXRZ6ZKQBGQNSHJ2SLFMXN/", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:52", "description": "The Hyper-Text Transfer Protocol (HTTP) is perhaps the most significant protocol used on the Internet today. Web services, network-enabled appliances and the growth of network computing continue to expand the role of the HTTP protocol beyond user-driven web browsers, and increase the number of applications that may require HTTP support. Although the java.net package provides basic support for accessing resources via HTTP, it doesn't provide the full flexibility or functionality needed by many applications. The Jakarta Commons HTTP Client component seeks to fill this void by providing an efficient, up-to-date, and feature-rich package implementing the client side of the most recent HTTP standards and recommendations. Designed for extension while providing robust support for the base HTTP protocol, the HTTP Client component may be of interest to anyone building HTTP-aware client applications such as web browsers, web service clients, or systems that leverage or extend the HTTP protocol for distributed communication. ", "cvss3": {}, "published": "2014-08-27T01:31:46", "type": "fedora", "title": "[SECURITY] Fedora 20 Update: jakarta-commons-httpclient-3.1-15.fc20", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783", "CVE-2012-6153", "CVE-2014-3577"], "modified": "2014-08-27T01:31:46", "id": "FEDORA:5D10B2170F", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/EHE4PEY7MN35Z4MN24L27UA2G2F4N73I/", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:52", "description": "The Hyper-Text Transfer Protocol (HTTP) is perhaps the most significant protocol used on the Internet today. Web services, network-enabled appliances and the growth of network computing continue to expand the role of the HTTP protocol beyond user-driven web browsers, and increase the number of applications that may require HTTP support. Although the java.net package provides basic support for accessing resources via HTTP, it doesn't provide the full flexibility or functionality needed by many applications. The Jakarta Commons HTTP Client component seeks to fill this void by providing an efficient, up-to-date, and feature-rich package implementing the client side of the most recent HTTP standards and recommendations. Designed for extension while providing robust support for the base HTTP protocol, the HTTP Client component may be of interest to anyone building HTTP-aware client applications such as web browsers, web service clients, or systems that leverage or extend the HTTP protocol for distributed communication. ", "cvss3": {}, "published": "2014-08-27T01:28:57", "type": "fedora", "title": "[SECURITY] Fedora 19 Update: jakarta-commons-httpclient-3.1-15.fc19", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783", "CVE-2012-6153", "CVE-2014-3577"], "modified": "2014-08-27T01:28:57", "id": "FEDORA:38DE2220D8", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/ATCBGFOJGL5PVJLK4ZEXIFTNVFATFKQD/", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:51", "description": "Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participatory environment and released under the Apache Software License version 2.0. Tomcat is intended to be a collaboration of the best-of-breed developers from around the world. ", "cvss3": {}, "published": "2012-12-19T08:29:53", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: tomcat-7.0.33-1.fc16", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2733", "CVE-2012-3439", "CVE-2012-3546", "CVE-2012-4431", "CVE-2012-4534"], "modified": "2012-12-19T08:29:53", "id": "FEDORA:7E5312097C", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/IUS2BOFSB65HN3RKMSQQ5TTYBYCGPMZC/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "openvas": [{"lastseen": "2019-05-29T18:36:08", "description": "Oracle Linux Local Security Checks ELSA-2013-0270", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2013-0270", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5783"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123724", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123724", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2013-0270.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123724\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:07:41 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2013-0270\");\n script_tag(name:\"insight\", value:\"ELSA-2013-0270 - jakarta-commons-httpclient security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2013-0270\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2013-0270.html\");\n script_cve_id(\"CVE-2012-5783\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"jakarta-commons-httpclient\", rpm:\"jakarta-commons-httpclient~3.1~0.7.el6_3\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"jakarta-commons-httpclient-demo\", rpm:\"jakarta-commons-httpclient-demo~3.1~0.7.el6_3\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"jakarta-commons-httpclient-javadoc\", rpm:\"jakarta-commons-httpclient-javadoc~3.1~0.7.el6_3\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"jakarta-commons-httpclient-manual\", rpm:\"jakarta-commons-httpclient-manual~3.1~0.7.el6_3\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2017-07-27T10:52:00", "description": "Check for the Version of jakarta-commons-httpclient", "cvss3": {}, "published": "2013-02-22T00:00:00", "type": "openvas", "title": "RedHat Update for jakarta-commons-httpclient RHSA-2013:0270-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5783"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:870917", "href": "http://plugins.openvas.org/nasl.php?oid=870917", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for jakarta-commons-httpclient RHSA-2013:0270-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Jakarta Commons HttpClient component can be used to build HTTP-aware\n client applications (such as web browsers and web service clients).\n\n The Jakarta Commons HttpClient component did not verify that the server\n hostname matched the domain name in the subject's Common Name (CN) or\n subjectAltName field in X.509 certificates. This could allow a\n man-in-the-middle attacker to spoof an SSL server if they had a certificate\n that was valid for any domain name. (CVE-2012-5783)\n\n All users of jakarta-commons-httpclient are advised to upgrade to these\n updated packages, which correct this issue. Applications using the Jakarta\n Commons HttpClient component must be restarted for this update to take\n effect.\";\n\n\ntag_affected = \"jakarta-commons-httpclient on Red Hat Enterprise Linux (v. 5 server),\n Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2013-February/msg00031.html\");\n script_id(870917);\n script_version(\"$Revision: 6687 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:46:43 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-22 10:01:34 +0530 (Fri, 22 Feb 2013)\");\n script_cve_id(\"CVE-2012-5783\");\n script_bugtraq_id(58073);\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_xref(name: \"RHSA\", value: \"2013:0270-01\");\n script_name(\"RedHat Update for jakarta-commons-httpclient RHSA-2013:0270-01\");\n\n script_summary(\"Check for the Version of jakarta-commons-httpclient\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"jakarta-commons-httpclient\", rpm:\"jakarta-commons-httpclient~3.1~0.7.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"jakarta-commons-httpclient-debuginfo\", rpm:\"jakarta-commons-httpclient-debuginfo~3.1~0.7.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"jakarta-commons-httpclient\", rpm:\"jakarta-commons-httpclient~3.0~7jpp.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"jakarta-commons-httpclient-debuginfo\", rpm:\"jakarta-commons-httpclient-debuginfo~3.0~7jpp.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"jakarta-commons-httpclient-demo\", rpm:\"jakarta-commons-httpclient-demo~3.0~7jpp.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"jakarta-commons-httpclient-javadoc\", rpm:\"jakarta-commons-httpclient-javadoc~3.0~7jpp.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"jakarta-commons-httpclient-manual\", rpm:\"jakarta-commons-httpclient-manual~3.0~7jpp.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2020-03-17T23:01:57", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2015-09-08T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2013-169)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5783"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120384", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120384", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120384\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:25:08 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2013-169)\");\n script_tag(name:\"insight\", value:\"The Jakarta Commons HttpClient component did not verify that the server hostname matched the domain name in the subject's Common Name (CN) or subjectAltName field in X.509 certificates. This could allow a man-in-the-middle attacker to spoof an SSL server if they had a certificate that was valid for any domain name. (CVE-2012-5783 )\");\n script_tag(name:\"solution\", value:\"Run yum update jakarta-commons-httpclient to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2013-169.html\");\n script_cve_id(\"CVE-2012-5783\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"jakarta-commons-httpclient-javadoc\", rpm:\"jakarta-commons-httpclient-javadoc~3.1~12.6.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"jakarta-commons-httpclient\", rpm:\"jakarta-commons-httpclient~3.1~12.6.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"jakarta-commons-httpclient-manual\", rpm:\"jakarta-commons-httpclient-manual~3.1~12.6.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"jakarta-commons-httpclient-demo\", rpm:\"jakarta-commons-httpclient-demo~3.1~12.6.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"jakarta-commons-httpclient\", rpm:\"jakarta-commons-httpclient~3.1~12.6.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2019-05-29T18:37:53", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-02-04T00:00:00", "type": "openvas", "title": "Fedora Update for jakarta-commons-httpclient FEDORA-2013-1289", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5783"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310865298", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310865298", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for jakarta-commons-httpclient FEDORA-2013-1289\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2013-February/097894.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.865298\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-04 09:52:50 +0530 (Mon, 04 Feb 2013)\");\n script_cve_id(\"CVE-2012-5783\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_xref(name:\"FEDORA\", value:\"2013-1289\");\n script_name(\"Fedora Update for jakarta-commons-httpclient FEDORA-2013-1289\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'jakarta-commons-httpclient'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"jakarta-commons-httpclient on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC16\")\n{\n if ((res = isrpmvuln(pkg:\"jakarta-commons-httpclient\", rpm:\"jakarta-commons-httpclient~3.1~12.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2018-01-26T11:09:57", "description": "Check for the Version of jakarta-commons-httpclient", "cvss3": {}, "published": "2013-02-04T00:00:00", "type": "openvas", "title": "Fedora Update for jakarta-commons-httpclient FEDORA-2013-1189", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5783"], "modified": "2018-01-26T00:00:00", "id": "OPENVAS:865280", "href": "http://plugins.openvas.org/nasl.php?oid=865280", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for jakarta-commons-httpclient FEDORA-2013-1189\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"jakarta-commons-httpclient on Fedora 17\";\ntag_insight = \"The Hyper-Text Transfer Protocol (HTTP) is perhaps the most significant\n protocol used on the Internet today. Web services, network-enabled\n appliances and the growth of network computing continue to expand the\n role of the HTTP protocol beyond user-driven web browsers, and increase\n the number of applications that may require HTTP support.\n Although the java.net package provides basic support for accessing\n resources via HTTP, it doesn't provide the full flexibility or\n functionality needed by many applications. The Jakarta Commons HTTP\n Client component seeks to fill this void by providing an efficient,\n up-to-date, and feature-rich package implementing the client side of the\n most recent HTTP standards and recommendations.\n Designed for extension while providing robust support for the base HTTP\n protocol, the HTTP Client component may be of interest to anyone\n building HTTP-aware client applications such as web browsers, web\n service clients, or systems that leverage or extend the HTTP protocol\n for distributed communication.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2013-February/097885.html\");\n script_id(865280);\n script_version(\"$Revision: 8542 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-26 07:57:28 +0100 (Fri, 26 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-04 09:50:33 +0530 (Mon, 04 Feb 2013)\");\n script_cve_id(\"CVE-2012-5783\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_xref(name: \"FEDORA\", value: \"2013-1189\");\n script_name(\"Fedora Update for jakarta-commons-httpclient FEDORA-2013-1189\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of jakarta-commons-httpclient\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"jakarta-commons-httpclient\", rpm:\"jakarta-commons-httpclient~3.1~12.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-07-28T10:48:31", "description": "James Forshaw discovered that, in Apache Santuario XML Security for\nJava, CanonicalizationMethod parameters were incorrectly validated:\nby specifying an arbitrary weak canonicalization algorithm, an\nattacker could spoof XML signatures.", "cvss3": {}, "published": "2014-11-06T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3065-1 (libxml-security-java - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2172"], "modified": "2017-07-13T00:00:00", "id": "OPENVAS:703065", "href": "http://plugins.openvas.org/nasl.php?oid=703065", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3065.nasl 6715 2017-07-13 09:57:40Z teissa $\n# Auto-generated from advisory DSA 3065-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703065);\n script_version(\"$Revision: 6715 $\");\n script_cve_id(\"CVE-2013-2172\");\n script_name(\"Debian Security Advisory DSA 3065-1 (libxml-security-java - security update)\");\n script_tag(name: \"last_modification\", value:\"$Date: 2017-07-13 11:57:40 +0200 (Thu, 13 Jul 2017) $\");\n script_tag(name: \"creation_date\", value:\"2014-11-06 00:00:00 +0100 (Thu, 06 Nov 2014)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2014/dsa-3065.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"libxml-security-java on Debian Linux\");\n script_tag(name: \"insight\", value: \"Apache Santuario supports XML-Signature Syntax and Processing, W3C\nRecommendation 12 February 2002, and XML Encryption Syntax and Processing, W3C\nRecommendation 10 December 2002. As of version 1.4, the Java library supports\nthe standard Java API JSR-105: XML Digital Signature APIs.\");\n script_tag(name: \"solution\", value: \"For the stable distribution (wheezy), this problem has been fixed in\nversion 1.4.5-1+deb7u1.\n\nFor the testing distribution (jessie), this problem has been fixed in\nversion 1.5.5-2.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.5.5-2.\n\nWe recommend that you upgrade your libxml-security-java packages.\");\n script_tag(name: \"summary\", value: \"James Forshaw discovered that, in Apache Santuario XML Security for\nJava, CanonicalizationMethod parameters were incorrectly validated:\nby specifying an arbitrary weak canonicalization algorithm, an\nattacker could spoof XML signatures.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libxml-security-java\", ver:\"1.4.5-1+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxml-security-java-doc\", ver:\"1.4.5-1+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxml-security-java\", ver:\"1.4.5-1+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxml-security-java-doc\", ver:\"1.4.5-1+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxml-security-java\", ver:\"1.4.5-1+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxml-security-java-doc\", ver:\"1.4.5-1+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxml-security-java\", ver:\"1.4.5-1+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxml-security-java-doc\", ver:\"1.4.5-1+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-05-29T18:37:34", "description": "James Forshaw discovered that, in Apache Santuario XML Security for\nJava, CanonicalizationMethod parameters were incorrectly validated:\nby specifying an arbitrary weak canonicalization algorithm, an\nattacker could spoof XML signatures.", "cvss3": {}, "published": "2014-11-06T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3065-1 (libxml-security-java - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2172"], "modified": "2019-03-19T00:00:00", "id": "OPENVAS:1361412562310703065", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703065", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3065.nasl 14302 2019-03-19 08:28:48Z cfischer $\n# Auto-generated from advisory DSA 3065-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703065\");\n script_version(\"$Revision: 14302 $\");\n script_cve_id(\"CVE-2013-2172\");\n script_name(\"Debian Security Advisory DSA 3065-1 (libxml-security-java - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-19 09:28:48 +0100 (Tue, 19 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-11-06 00:00:00 +0100 (Thu, 06 Nov 2014)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2014/dsa-3065.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n script_tag(name:\"affected\", value:\"libxml-security-java on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (wheezy), this problem has been fixed in\nversion 1.4.5-1+deb7u1.\n\nFor the testing distribution (jessie), this problem has been fixed in\nversion 1.5.5-2.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.5.5-2.\n\nWe recommend that you upgrade your libxml-security-java packages.\");\n script_tag(name:\"summary\", value:\"James Forshaw discovered that, in Apache Santuario XML Security for\nJava, CanonicalizationMethod parameters were incorrectly validated:\nby specifying an arbitrary weak canonicalization algorithm, an\nattacker could spoof XML signatures.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libxml-security-java\", ver:\"1.4.5-1+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libxml-security-java-doc\", ver:\"1.4.5-1+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2018-01-23T13:10:00", "description": "Check for the Version of jakarta-commons-httpclient", "cvss3": {}, "published": "2013-02-22T00:00:00", "type": "openvas", "title": "CentOS Update for jakarta-commons-httpclient CESA-2013:0270 centos5 ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5783"], "modified": "2018-01-23T00:00:00", "id": "OPENVAS:881604", "href": "http://plugins.openvas.org/nasl.php?oid=881604", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for jakarta-commons-httpclient CESA-2013:0270 centos5 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Jakarta Commons HttpClient component can be used to build HTTP-aware\n client applications (such as web browsers and web service clients).\n\n The Jakarta Commons HttpClient component did not verify that the server\n hostname matched the domain name in the subject's Common Name (CN) or\n subjectAltName field in X.509 certificates. This could allow a\n man-in-the-middle attacker to spoof an SSL server if they had a certificate\n that was valid for any domain name. (CVE-2012-5783)\n \n All users of jakarta-commons-httpclient are advised to upgrade to these\n updated packages, which correct this issue. Applications using the Jakarta\n Commons HttpClient component must be restarted for this update to take\n effect.\";\n\n\ntag_affected = \"jakarta-commons-httpclient on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2013-February/019241.html\");\n script_id(881604);\n script_version(\"$Revision: 8494 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-23 07:57:55 +0100 (Tue, 23 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-22 10:04:51 +0530 (Fri, 22 Feb 2013)\");\n script_cve_id(\"CVE-2012-5783\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_xref(name: \"CESA\", value: \"2013:0270\");\n script_name(\"CentOS Update for jakarta-commons-httpclient CESA-2013:0270 centos5 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of jakarta-commons-httpclient\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"jakarta-commons-httpclient\", rpm:\"jakarta-commons-httpclient~3.0~7jpp.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"jakarta-commons-httpclient-demo\", rpm:\"jakarta-commons-httpclient-demo~3.0~7jpp.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"jakarta-commons-httpclient-javadoc\", rpm:\"jakarta-commons-httpclient-javadoc~3.0~7jpp.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"jakarta-commons-httpclient-manual\", rpm:\"jakarta-commons-httpclient-manual~3.0~7jpp.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-07-25T10:52:08", "description": "Check for the Version of jakarta-commons-httpclient", "cvss3": {}, "published": "2013-02-04T00:00:00", "type": "openvas", "title": "Fedora Update for jakarta-commons-httpclient FEDORA-2013-1289", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5783"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:865298", "href": "http://plugins.openvas.org/nasl.php?oid=865298", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for jakarta-commons-httpclient FEDORA-2013-1289\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"jakarta-commons-httpclient on Fedora 16\";\ntag_insight = \"The Hyper-Text Transfer Protocol (HTTP) is perhaps the most significant\n protocol used on the Internet today. Web services, network-enabled\n appliances and the growth of network computing continue to expand the\n role of the HTTP protocol beyond user-driven web browsers, and increase\n the number of applications that may require HTTP support.\n Although the java.net package provides basic support for accessing\n resources via HTTP, it doesn't provide the full flexibility or\n functionality needed by many applications. The Jakarta Commons HTTP\n Client component seeks to fill this void by providing an efficient,\n up-to-date, and feature-rich package implementing the client side of the\n most recent HTTP standards and recommendations.\n Designed for extension while providing robust support for the base HTTP\n protocol, the HTTP Client component may be of interest to anyone\n building HTTP-aware client applications such as web browsers, web\n service clients, or systems that leverage or extend the HTTP protocol\n for distributed communication.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2013-February/097894.html\");\n script_id(865298);\n script_version(\"$Revision: 6628 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:32:47 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-04 09:52:50 +0530 (Mon, 04 Feb 2013)\");\n script_cve_id(\"CVE-2012-5783\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_xref(name: \"FEDORA\", value: \"2013-1289\");\n script_name(\"Fedora Update for jakarta-commons-httpclient FEDORA-2013-1289\");\n\n script_summary(\"Check for the Version of jakarta-commons-httpclient\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n if ((res = isrpmvuln(pkg:\"jakarta-commons-httpclient\", rpm:\"jakarta-commons-httpclient~3.1~12.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-01-23T13:09:39", "description": "Check for the Version of jakarta-commons-httpclient", "cvss3": {}, "published": "2013-02-04T00:00:00", "type": "openvas", "title": "Fedora Update for jakarta-commons-httpclient FEDORA-2013-1203", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5783"], "modified": "2018-01-23T00:00:00", "id": "OPENVAS:865277", "href": "http://plugins.openvas.org/nasl.php?oid=865277", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for jakarta-commons-httpclient FEDORA-2013-1203\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"jakarta-commons-httpclient on Fedora 18\";\ntag_insight = \"The Hyper-Text Transfer Protocol (HTTP) is perhaps the most significant\n protocol used on the Internet today. Web services, network-enabled\n appliances and the growth of network computing continue to expand the\n role of the HTTP protocol beyond user-driven web browsers, and increase\n the number of applications that may require HTTP support.\n Although the java.net package provides basic support for accessing\n resources via HTTP, it doesn't provide the full flexibility or\n functionality needed by many applications. The Jakarta Commons HTTP\n Client component seeks to fill this void by providing an efficient,\n up-to-date, and feature-rich package implementing the client side of the\n most recent HTTP standards and recommendations.\n Designed for extension while providing robust support for the base HTTP\n protocol, the HTTP Client component may be of interest to anyone\n building HTTP-aware client applications such as web browsers, web\n service clients, or systems that leverage or extend the HTTP protocol\n for distributed communication.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2013-February/097836.html\");\n script_id(865277);\n script_version(\"$Revision: 8494 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-23 07:57:55 +0100 (Tue, 23 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-04 09:50:25 +0530 (Mon, 04 Feb 2013)\");\n script_cve_id(\"CVE-2012-5783\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_xref(name: \"FEDORA\", value: \"2013-1203\");\n script_name(\"Fedora Update for jakarta-commons-httpclient FEDORA-2013-1203\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of jakarta-commons-httpclient\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"jakarta-commons-httpclient\", rpm:\"jakarta-commons-httpclient~3.1~12.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-05-29T18:37:50", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-02-22T00:00:00", "type": "openvas", "title": "RedHat Update for jakarta-commons-httpclient RHSA-2013:0270-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5783"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310870917", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870917", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for jakarta-commons-httpclient RHSA-2013:0270-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2013-February/msg00031.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870917\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-22 10:01:34 +0530 (Fri, 22 Feb 2013)\");\n script_cve_id(\"CVE-2012-5783\");\n script_bugtraq_id(58073);\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_xref(name:\"RHSA\", value:\"2013:0270-01\");\n script_name(\"RedHat Update for jakarta-commons-httpclient RHSA-2013:0270-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'jakarta-commons-httpclient'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_(6|5)\");\n script_tag(name:\"affected\", value:\"jakarta-commons-httpclient on Red Hat Enterprise Linux (v. 5 server),\n Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"The Jakarta Commons HttpClient component can be used to build HTTP-aware\n client applications (such as web browsers and web service clients).\n\n The Jakarta Commons HttpClient component did not verify that the server\n hostname matched the domain name in the subject's Common Name (CN) or\n subjectAltName field in X.509 certificates. This could allow a\n man-in-the-middle attacker to spoof an SSL server if they had a certificate\n that was valid for any domain name. (CVE-2012-5783)\n\n All users of jakarta-commons-httpclient are advised to upgrade to these\n updated packages, which correct this issue. Applications using the Jakarta\n Commons HttpClient component must be restarted for this update to take\n effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"jakarta-commons-httpclient\", rpm:\"jakarta-commons-httpclient~3.1~0.7.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"jakarta-commons-httpclient-debuginfo\", rpm:\"jakarta-commons-httpclient-debuginfo~3.1~0.7.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"jakarta-commons-httpclient\", rpm:\"jakarta-commons-httpclient~3.0~7jpp.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"jakarta-commons-httpclient-debuginfo\", rpm:\"jakarta-commons-httpclient-debuginfo~3.0~7jpp.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"jakarta-commons-httpclient-demo\", rpm:\"jakarta-commons-httpclient-demo~3.0~7jpp.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"jakarta-commons-httpclient-javadoc\", rpm:\"jakarta-commons-httpclient-javadoc~3.0~7jpp.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"jakarta-commons-httpclient-manual\", rpm:\"jakarta-commons-httpclient-manual~3.0~7jpp.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2019-05-29T18:38:17", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-02-22T00:00:00", "type": "openvas", "title": "CentOS Update for jakarta-commons-httpclient CESA-2013:0270 centos5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5783"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881604", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881604", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for jakarta-commons-httpclient CESA-2013:0270 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2013-February/019241.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881604\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-22 10:04:51 +0530 (Fri, 22 Feb 2013)\");\n script_cve_id(\"CVE-2012-5783\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_xref(name:\"CESA\", value:\"2013:0270\");\n script_name(\"CentOS Update for jakarta-commons-httpclient CESA-2013:0270 centos5\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'jakarta-commons-httpclient'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"jakarta-commons-httpclient on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"The Jakarta Commons HttpClient component can be used to build HTTP-aware\n client applications (such as web browsers and web service clients).\n\n The Jakarta Commons HttpClient component did not verify that the server\n hostname matched the domain name in the subject's Common Name (CN) or\n subjectAltName field in X.509 certificates. This could allow a\n man-in-the-middle attacker to spoof an SSL server if they had a certificate\n that was valid for any domain name. (CVE-2012-5783)\n\n All users of jakarta-commons-httpclient are advised to upgrade to these\n updated packages, which correct this issue. Applications using the Jakarta\n Commons HttpClient component must be restarted for this update to take\n effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"jakarta-commons-httpclient\", rpm:\"jakarta-commons-httpclient~3.0~7jpp.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"jakarta-commons-httpclient-demo\", rpm:\"jakarta-commons-httpclient-demo~3.0~7jpp.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"jakarta-commons-httpclient-javadoc\", rpm:\"jakarta-commons-httpclient-javadoc~3.0~7jpp.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"jakarta-commons-httpclient-manual\", rpm:\"jakarta-commons-httpclient-manual~3.0~7jpp.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2019-05-29T18:38:07", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-02-04T00:00:00", "type": "openvas", "title": "Fedora Update for jakarta-commons-httpclient FEDORA-2013-1189", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5783"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310865280", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310865280", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for jakarta-commons-httpclient FEDORA-2013-1189\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2013-February/097885.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.865280\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-04 09:50:33 +0530 (Mon, 04 Feb 2013)\");\n script_cve_id(\"CVE-2012-5783\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_xref(name:\"FEDORA\", value:\"2013-1189\");\n script_name(\"Fedora Update for jakarta-commons-httpclient FEDORA-2013-1189\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'jakarta-commons-httpclient'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC17\");\n script_tag(name:\"affected\", value:\"jakarta-commons-httpclient on Fedora 17\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"jakarta-commons-httpclient\", rpm:\"jakarta-commons-httpclient~3.1~12.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2019-05-29T18:38:17", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-02-04T00:00:00", "type": "openvas", "title": "Fedora Update for jakarta-commons-httpclient FEDORA-2013-1203", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5783"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310865277", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310865277", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for jakarta-commons-httpclient FEDORA-2013-1203\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2013-February/097836.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.865277\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-04 09:50:25 +0530 (Mon, 04 Feb 2013)\");\n script_cve_id(\"CVE-2012-5783\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_xref(name:\"FEDORA\", value:\"2013-1203\");\n script_name(\"Fedora Update for jakarta-commons-httpclient FEDORA-2013-1203\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'jakarta-commons-httpclient'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC18\");\n script_tag(name:\"affected\", value:\"jakarta-commons-httpclient on Fedora 18\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"jakarta-commons-httpclient\", rpm:\"jakarta-commons-httpclient~3.1~12.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2018-01-26T11:09:37", "description": "Check for the Version of tomcat7", "cvss3": {}, "published": "2013-01-15T00:00:00", "type": "openvas", "title": "Ubuntu Update for tomcat7 USN-1685-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4431", "CVE-2012-3546", "CVE-2012-4534"], "modified": "2018-01-25T00:00:00", "id": "OPENVAS:841274", "href": "http://plugins.openvas.org/nasl.php?oid=841274", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1685_1.nasl 8526 2018-01-25 06:57:37Z teissa $\n#\n# Ubuntu Update for tomcat7 USN-1685-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that Tomcat incorrectly performed certain security\n constraint checks in the FORM authenticator. A remote attacker could\n possibly use this flaw with a specially-crafted URI to bypass security\n constraint checks. This issue only affected Ubuntu 10.04 LTS, Ubuntu 11.10\n and Ubuntu 12.04 LTS. (CVE-2012-3546)\n\n It was discovered that Tomcat incorrectly handled requests that lack a\n session identifier. A remote attacker could possibly use this flaw to\n bypass the cross-site request forgery protection. (CVE-2012-4431)\n \n It was discovered that Tomcat incorrectly handled sendfile and HTTPS when\n the NIO connector is used. A remote attacker could use this flaw to cause\n Tomcat to stop responsing, resulting in a denial of service. This issue\n only affected Ubuntu 10.04 LTS, Ubuntu 11.10 and Ubuntu 12.04 LTS.\n (CVE-2012-4534)\";\n\n\ntag_affected = \"tomcat7 on Ubuntu 12.10 ,\n Ubuntu 12.04 LTS ,\n Ubuntu 11.10 ,\n Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1685-1/\");\n script_id(841274);\n script_version(\"$Revision: 8526 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-25 07:57:37 +0100 (Thu, 25 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-01-15 18:07:42 +0530 (Tue, 15 Jan 2013)\");\n script_cve_id(\"CVE-2012-3546\", \"CVE-2012-4431\", \"CVE-2012-4534\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_xref(name: \"USN\", value: \"1685-1\");\n script_name(\"Ubuntu Update for tomcat7 USN-1685-1\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of tomcat7\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libtomcat6-java\", ver:\"6.0.35-1ubuntu3.2\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libtomcat6-java\", ver:\"6.0.32-5ubuntu1.4\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libtomcat6-java\", ver:\"6.0.24-2ubuntu1.12\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libtomcat7-java\", ver:\"7.0.30-0ubuntu1.1\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-05-29T18:38:12", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-01-15T00:00:00", "type": "openvas", "title": "Ubuntu Update for tomcat7 USN-1685-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4431", "CVE-2012-3546", "CVE-2012-4534"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310841274", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841274", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1685_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for tomcat7 USN-1685-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1685-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.841274\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-01-15 18:07:42 +0530 (Tue, 15 Jan 2013)\");\n script_cve_id(\"CVE-2012-3546\", \"CVE-2012-4431\", \"CVE-2012-4534\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_xref(name:\"USN\", value:\"1685-1\");\n script_name(\"Ubuntu Update for tomcat7 USN-1685-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'tomcat7'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(12\\.04 LTS|11\\.10|10\\.04 LTS|12\\.10)\");\n script_tag(name:\"affected\", value:\"tomcat7 on Ubuntu 12.10,\n Ubuntu 12.04 LTS,\n Ubuntu 11.10,\n Ubuntu 10.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"It was discovered that Tomcat incorrectly performed certain security\n constraint checks in the FORM authenticator. A remote attacker could\n possibly use this flaw with a specially-crafted URI to bypass security\n constraint checks. This issue only affected Ubuntu 10.04 LTS, Ubuntu 11.10\n and Ubuntu 12.04 LTS. (CVE-2012-3546)\n\n It was discovered that Tomcat incorrectly handled requests that lack a\n session identifier. A remote attacker could possibly use this flaw to\n bypass the cross-site request forgery protection. (CVE-2012-4431)\n\n It was discovered that Tomcat incorrectly handled sendfile and HTTPS when\n the NIO connector is used. A remote attacker could use this flaw to cause\n Tomcat to stop responding, resulting in a denial of service. This issue\n only affected Ubuntu 10.04 LTS, Ubuntu 11.10 and Ubuntu 12.04 LTS.\n (CVE-2012-4534)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libtomcat6-java\", ver:\"6.0.35-1ubuntu3.2\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libtomcat6-java\", ver:\"6.0.32-5ubuntu1.4\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libtomcat6-java\", ver:\"6.0.24-2ubuntu1.12\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libtomcat7-java\", ver:\"7.0.30-0ubuntu1.1\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-03-17T23:00:35", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2015-09-08T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2014-410)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-6153", "CVE-2012-5783", "CVE-2014-3577"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120079", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120079", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120079\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:16:57 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2014-410)\");\n script_tag(name:\"insight\", value:\"Multiple flaws were found in Apache Commons HttpClient 3.x library. Please see the references for more information.\");\n script_tag(name:\"solution\", value:\"Run yum update jakarta-commons-httpclient to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2014-410.html\");\n script_cve_id(\"CVE-2012-5783\", \"CVE-2014-3577\", \"CVE-2012-6153\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"jakarta-commons-httpclient-manual\", rpm:\"jakarta-commons-httpclient-manual~3.1~15.8.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"jakarta-commons-httpclient-demo\", rpm:\"jakarta-commons-httpclient-demo~3.1~15.8.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"jakarta-commons-httpclient-javadoc\", rpm:\"jakarta-commons-httpclient-javadoc~3.1~15.8.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"jakarta-commons-httpclient\", rpm:\"jakarta-commons-httpclient~3.1~15.8.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2019-05-29T18:37:33", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-08-27T00:00:00", "type": "openvas", "title": "Fedora Update for jakarta-commons-httpclient FEDORA-2014-9539", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-6153", "CVE-2012-5783", "CVE-2014-3577"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310868129", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868129", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for jakarta-commons-httpclient FEDORA-2014-9539\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868129\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-08-27 05:54:55 +0200 (Wed, 27 Aug 2014)\");\n script_cve_id(\"CVE-2014-3577\", \"CVE-2012-6153\", \"CVE-2012-5783\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_name(\"Fedora Update for jakarta-commons-httpclient FEDORA-2014-9539\");\n script_tag(name:\"affected\", value:\"jakarta-commons-httpclient on Fedora 19\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-9539\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-August/137013.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'jakarta-commons-httpclient'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC19\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"jakarta-commons-httpclient\", rpm:\"jakarta-commons-httpclient~3.1~15.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2019-05-29T18:37:14", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-08-27T00:00:00", "type": "openvas", "title": "Fedora Update for jakarta-commons-httpclient FEDORA-2014-9581", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-6153", "CVE-2012-5783", "CVE-2014-3577"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310868132", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868132", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for jakarta-commons-httpclient FEDORA-2014-9581\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868132\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-08-27 05:55:01 +0200 (Wed, 27 Aug 2014)\");\n script_cve_id(\"CVE-2014-3577\", \"CVE-2012-6153\", \"CVE-2012-5783\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_name(\"Fedora Update for jakarta-commons-httpclient FEDORA-2014-9581\");\n script_tag(name:\"affected\", value:\"jakarta-commons-httpclient on Fedora 20\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-9581\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-August/137032.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'jakarta-commons-httpclient'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC20\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"jakarta-commons-httpclient\", rpm:\"jakarta-commons-httpclient~3.1~15.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2019-05-29T18:36:08", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-10-15T00:00:00", "type": "openvas", "title": "Ubuntu Update for commons-httpclient USN-2769-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-6153", "CVE-2015-5262", "CVE-2012-5783", "CVE-2014-3577"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310842488", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842488", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for commons-httpclient USN-2769-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842488\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-10-15 08:48:23 +0200 (Thu, 15 Oct 2015)\");\n script_cve_id(\"CVE-2012-5783\", \"CVE-2012-6153\", \"CVE-2014-3577\", \"CVE-2015-5262\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for commons-httpclient USN-2769-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'commons-httpclient'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"It was discovered that Apache Commons HttpClient did not properly verify the\nCommon Name or subjectAltName fields of X.509 certificates. An attacker could\nexploit this to perform a man in the middle attack to view sensitive\ninformation or alter encrypted communications. This issue only affected Ubuntu\n12.04 LTS. (CVE-2012-5783)\n\nFlorian Weimer discovered the fix for CVE-2012-5783 was incomplete for Apache\nCommons HttpClient. An attacker could exploit this to perform a man in the\nmiddle attack to view sensitive information or alter encrypted communications.\nThis issue only affected Ubuntu 12.04 LTS. (CVE-2012-6153)\n\nSubodh Iyengar and Will Shackleton discovered the fix for CVE-2012-5783 was\nincomplete for Apache Commons HttpClient. An attacker could exploit this to\nperform a man in the middle attack to view sensitive information or alter\nencrypted communications. (CVE-2014-3577)\n\nIt was discovered that Apache Commons HttpClient did not properly handle read\ntimeouts during HTTPS handshakes. A remote attacker could trigger this flaw to\ncause a denial of service. (CVE-2015-5262)\");\n script_tag(name:\"affected\", value:\"commons-httpclient on Ubuntu 15.04,\n Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2769-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2769-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(15\\.04|14\\.04 LTS|12\\.04 LTS)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU15.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libcommons-httpclient-java\", ver:\"3.1-10.2ubuntu0.15.04.1\", rls:\"UBUNTU15.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libcommons-httpclient-java\", ver:\"3.1-10.2ubuntu0.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libcommons-httpclient-java\", ver:\"3.1-10ubuntu0.1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2019-05-29T18:38:50", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-12-26T00:00:00", "type": "openvas", "title": "Fedora Update for tomcat FEDORA-2012-20151", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3439", "CVE-2012-4431", "CVE-2012-2733", "CVE-2012-3546", "CVE-2012-4534"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310864957", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864957", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for tomcat FEDORA-2012-20151\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-December/094893.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864957\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-12-26 12:01:01 +0530 (Wed, 26 Dec 2012)\");\n script_cve_id(\"CVE-2012-3439\", \"CVE-2012-2733\", \"CVE-2012-4534\",\n \"CVE-2012-4431\", \"CVE-2012-3546\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"FEDORA\", value:\"2012-20151\");\n script_name(\"Fedora Update for tomcat FEDORA-2012-20151\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'tomcat'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"tomcat on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"tomcat\", rpm:\"tomcat~7.0.33~1.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2018-01-06T13:06:53", "description": "Check for the Version of tomcat", "cvss3": {}, "published": "2012-12-26T00:00:00", "type": "openvas", "title": "Fedora Update for tomcat FEDORA-2012-20151", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3439", "CVE-2012-4431", "CVE-2012-2733", "CVE-2012-3546", "CVE-2012-4534"], "modified": "2018-01-04T00:00:00", "id": "OPENVAS:864957", "href": "http://plugins.openvas.org/nasl.php?oid=864957", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for tomcat FEDORA-2012-20151\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Tomcat is the servlet container that is used in the official Reference\n Implementation for the Java Servlet and JavaServer Pages technologies.\n The Java Servlet and JavaServer Pages specifications are developed by\n Sun under the Java Community Process.\n\n Tomcat is developed in an open and participatory environment and\n released under the Apache Software License version 2.0. Tomcat is intended\n to be a collaboration of the best-of-breed developers from around the world.\";\n\ntag_affected = \"tomcat on Fedora 16\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-December/094893.html\");\n script_id(864957);\n script_version(\"$Revision: 8285 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-04 07:29:16 +0100 (Thu, 04 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-12-26 12:01:01 +0530 (Wed, 26 Dec 2012)\");\n script_cve_id(\"CVE-2012-3439\", \"CVE-2012-2733\", \"CVE-2012-4534\",\n \"CVE-2012-4431\", \"CVE-2012-3546\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2012-20151\");\n script_name(\"Fedora Update for tomcat FEDORA-2012-20151\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of tomcat\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"tomcat\", rpm:\"tomcat~7.0.33~1.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "amazon": [{"lastseen": "2023-12-06T18:14:17", "description": "**Issue Overview:**\n\nThe Jakarta Commons HttpClient component did not verify that the server hostname matched the domain name in the subject's Common Name (CN) or subjectAltName field in X.509 certificates. This could allow a man-in-the-middle attacker to spoof an SSL server if they had a certificate that was valid for any domain name. (CVE-2012-5783)\n\n \n**Affected Packages:** \n\n\njakarta-commons-httpclient\n\n \n**Issue Correction:** \nRun _yum update jakarta-commons-httpclient_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n noarch: \n \u00a0\u00a0\u00a0 jakarta-commons-httpclient-javadoc-3.1-12.6.amzn1.noarch \n \u00a0\u00a0\u00a0 jakarta-commons-httpclient-3.1-12.6.amzn1.noarch \n \u00a0\u00a0\u00a0 jakarta-commons-httpclient-manual-3.1-12.6.amzn1.noarch \n \u00a0\u00a0\u00a0 jakarta-commons-httpclient-demo-3.1-12.6.amzn1.noarch \n \n src: \n \u00a0\u00a0\u00a0 jakarta-commons-httpclient-3.1-12.6.amzn1.src \n \n \n\n### Additional References\n\nRed Hat: [CVE-2012-5783](<https://access.redhat.com/security/cve/CVE-2012-5783>)\n\nMitre: [CVE-2012-5783](<https://vulners.com/cve/CVE-2012-5783>)\n", "cvss3": {}, "published": "2013-03-14T22:04:00", "type": "amazon", "title": "Medium: jakarta-commons-httpclient", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783"], "modified": "2014-09-15T22:40:00", "id": "ALAS-2013-169", "href": "https://alas.aws.amazon.com/ALAS-2013-169.html", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-12-07T21:15:05", "description": "**Issue Overview:**\n\nApache Commons HttpClient 3.x, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. \n\nIt was found that the fix for CVE-2012-6153 was incomplete: the code added to check that the server hostname matches the domain name in a subject's Common Name (CN) field in X.509 certificates was flawed. A man-in-the-middle attacker could use this flaw to spoof an SSL server using a specially crafted X.509 certificate. \n\nIt was found that the fix for CVE-2012-5783 was incomplete: the code added to check that the server host name matches the domain name in a subject's Common Name (CN) field in X.509 certificates was flawed. A man-in-the-middle attacker could use this flaw to spoof an SSL server using a specially crafted X.509 certificate.\n\n \n**Affected Packages:** \n\n\njakarta-commons-httpclient\n\n \n**Issue Correction:** \nRun _yum update jakarta-commons-httpclient_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n noarch: \n \u00a0\u00a0\u00a0 jakarta-commons-httpclient-manual-3.1-15.8.amzn1.noarch \n \u00a0\u00a0\u00a0 jakarta-commons-httpclient-demo-3.1-15.8.amzn1.noarch \n \u00a0\u00a0\u00a0 jakarta-commons-httpclient-javadoc-3.1-15.8.amzn1.noarch \n \u00a0\u00a0\u00a0 jakarta-commons-httpclient-3.1-15.8.amzn1.noarch \n \n src: \n \u00a0\u00a0\u00a0 jakarta-commons-httpclient-3.1-15.8.amzn1.src \n \n \n\n### Additional References\n\nRed Hat: [CVE-2012-5783](<https://access.redhat.com/security/cve/CVE-2012-5783>), [CVE-2012-6153](<https://access.redhat.com/security/cve/CVE-2012-6153>), [CVE-2014-3577](<https://access.redhat.com/security/cve/CVE-2014-3577>)\n\nMitre: [CVE-2012-5783](<https://vulners.com/cve/CVE-2012-5783>), [CVE-2012-6153](<https://vulners.com/cve/CVE-2012-6153>), [CVE-2014-3577](<https://vulners.com/cve/CVE-2014-3577>)\n", "cvss3": {}, "published": "2014-09-17T21:47:00", "type": "amazon", "title": "Important: jakarta-commons-httpclient", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783", "CVE-2012-6153", "CVE-2014-3577"], "modified": "2014-09-19T12:09:00", "id": "ALAS-2014-410", "href": "https://alas.aws.amazon.com/ALAS-2014-410.html", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:37:51", "description": "[1:3.1-0.7]\n- Add missing connection hostname check against X.509 certificate name\n- Resolves: CVE-2012-5783", "cvss3": {}, "published": "2013-02-19T00:00:00", "type": "oraclelinux", "title": "jakarta-commons-httpclient security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2012-5783"], "modified": "2013-02-19T00:00:00", "id": "ELSA-2013-0270", "href": "http://linux.oracle.com/errata/ELSA-2013-0270.html", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}], "ubuntu": [{"lastseen": "2023-12-06T16:35:40", "description": "## Releases\n\n * Ubuntu 10.04 \n\n## Packages\n\n * libxml-security-java \\- implementation of security standards for XML\n\nJames Forshaw discovered that Apache XML Security for Java incorrectly \nvalidated CanonicalizationMethod parameters. An attacker could use this \nflaw to spoof XML signatures.\n", "cvss3": {}, "published": "2013-11-12T00:00:00", "type": "ubuntu", "title": "Apache XML Security for Java vulnerability", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2172"], "modified": "2013-11-12T00:00:00", "id": "USN-2028-1", "href": "https://ubuntu.com/security/notices/USN-2028-1", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-12-06T16:41:08", "description": "## Releases\n\n * Ubuntu 12.10 \n * Ubuntu 12.04 \n * Ubuntu 11.10 \n * Ubuntu 10.04 \n\n## Packages\n\n * tomcat6 \\- Servlet and JSP engine\n * tomcat7 \\- Servlet and JSP engine\n\nIt was discovered that Tomcat incorrectly performed certain security \nconstraint checks in the FORM authenticator. A remote attacker could \npossibly use this flaw with a specially-crafted URI to bypass security \nconstraint checks. This issue only affected Ubuntu 10.04 LTS, Ubuntu 11.10 \nand Ubuntu 12.04 LTS. (CVE-2012-3546)\n\nIt was discovered that Tomcat incorrectly handled requests that lack a \nsession identifier. A remote attacker could possibly use this flaw to \nbypass the cross-site request forgery protection. (CVE-2012-4431)\n\nIt was discovered that Tomcat incorrectly handled sendfile and HTTPS when \nthe NIO connector is used. A remote attacker could use this flaw to cause \nTomcat to stop responsing, resulting in a denial of service. This issue \nonly affected Ubuntu 10.04 LTS, Ubuntu 11.10 and Ubuntu 12.04 LTS. \n(CVE-2012-4534)\n", "cvss3": {}, "published": "2013-01-14T00:00:00", &qu

(RHSA-2013:1853) Moderate: Red Hat JBoss Operations Network 3.2.0 update

Description

Related