Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.ORACLE_HTTP_SERVER_CPU_OCT_2020.NASL
HistoryNov 02, 2020 - 12:00 a.m.

Oracle Fusion Middleware Oracle HTTP Server (Oct 2020 CPU)

2020-11-0200:00:00
This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
225

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.7 High

AI Score

Confidence

High

0.831 High

EPSS

Percentile

98.5%

JSON

The version of Oracle HTTP Server installed on the remote host is affected by the following vulnerabilities as referenced in the October 2020 CPU advisory:

  • A denial of service (DoS) vulnerability exists in the SSL Module (OpenSSL). An unauthenticated, remote attacker with network access via HTTPS, can exploit this issue to cause a hang or frequently repeatable crash (complete DoS) of Oracle HTTP Server. (CVE-2020-1967)

  • An unspecified vulnerability exists in the Apache HTTP Server Core component. A authenticated, remote attacker with network access via HTTP, can exploit this issue to compromise the Oracle HTTP Server. Successful attacks of this vulnerability can result in takeover of Oracle HTTP Server. (CVE-2019-10097)

  • An unspecified vulnerability exists in Web Listener (cURL). An unauthenticated, remote attacker with network access via TFTP can exploit this issue to compromise Oracle HTTP Server. Successful attacks of this vulnerability can result in takeover of Oracle HTTP Server. (CVE-2019-5482) Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 70300
##
# (C) Tenable Network Security, Inc.
##

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(142212);
  script_version("1.5");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/06/19");

  script_cve_id("CVE-2019-5482", "CVE-2019-10097", "CVE-2020-1967");
  script_xref(name:"CEA-ID", value:"CEA-2021-0004");
  script_xref(name:"CEA-ID", value:"CEA-2021-0025");

  script_name(english:"Oracle Fusion Middleware Oracle HTTP Server (Oct 2020 CPU)");

  script_set_attribute(attribute:"synopsis", value:
"The remote host is affected by multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The version of Oracle HTTP Server installed on the remote host is affected by the following vulnerabilities as
referenced in the October 2020 CPU advisory:

  - A denial of service (DoS) vulnerability exists in the SSL Module (OpenSSL). An unauthenticated, remote
    attacker with network access via HTTPS, can exploit this issue to cause a hang or frequently repeatable 
    crash (complete DoS) of Oracle HTTP Server. (CVE-2020-1967)

  - An unspecified vulnerability exists in the Apache HTTP Server Core component.  A authenticated, remote
    attacker with network access via HTTP, can exploit this issue to compromise the Oracle HTTP Server. 
    Successful attacks of this vulnerability can result in takeover of Oracle HTTP Server. (CVE-2019-10097)

  - An unspecified vulnerability exists in Web Listener (cURL). An unauthenticated, remote attacker with
    network access via TFTP can exploit this issue to compromise Oracle HTTP Server. Successful attacks of
    this vulnerability can result in takeover of Oracle HTTP Server. (CVE-2019-5482)
  
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version   
number.");
  script_set_attribute(attribute:"see_also", value:"https://www.oracle.com/security-alerts/cpuoct2020.html");
  script_set_attribute(attribute:"solution", value:
"Apply the appropriate patch according to the October 2020 Oracle Critical Patch Update advisory.");
  script_set_attribute(attribute:"agent", value:"all");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-5482");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2020/10/20");
  script_set_attribute(attribute:"patch_publication_date", value:"2020/10/20");
  script_set_attribute(attribute:"plugin_publication_date", value:"2020/11/02");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:fusion_middleware");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:http_server");
  script_set_attribute(attribute:"thorough_tests", value:"true");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Web Servers");

  script_copyright(english:"This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("oracle_http_server_installed.nbin");
  script_require_keys("Oracle/OHS/Installed");

  exit(0);
}

include('oracle_http_server_patch_func.inc');

get_kb_item_or_exit('Oracle/OHS/Installed');
var install_list = get_kb_list_or_exit('Oracle/OHS/*/EffectiveVersion');

var install = branch(install_list, key:TRUE, value:TRUE);

var patches = make_array();
patches['12.2.1.3'] = make_array('fix_ver', '12.2.1.3.200911', 'patch', '31876370');
patches['12.2.1.4'] = make_array('fix_ver', '12.2.1.4.200826', 'patch', '31808404');

oracle_http_server_check_vuln(install : install, min_patches : patches, severity : SECURITY_HOLE);
VendorProductVersionCPE
oraclefusion_middlewarecpe:/a:oracle:fusion_middleware
oraclehttp_servercpe:/a:oracle:http_server

Related

ubuntucve 3
osv 9
nvd 3
httpd 1
alpinelinux 3
f5 3
redhatcve 3
hackerone 2
debiancve 3
cve 3
checkpoint_advisories 3
prion 3
openvas 41
cvelist 3
nessus 57
debian 3
ubuntu 2
symantec 1
ibm 13
oraclelinux 2
redhat 4
centos 1
suse 4
openssl 1
rustsec 1
huawei 1
veracode 2
mscve 1
archlinux 2
freebsd 1
githubexploit 1
freebsd_advisory 1
github 1
amazon 3
cloudfoundry 2
fedora 8
slackware 1
altlinux 2
gentoo 1
ubuntucve
ubuntucve
CVE-2019-10097
2019-08-14 00:00:00
CVE-2019-5482
2019-09-11 00:00:00
CVE-2020-1967
2020-04-21 00:00:00
osv
osv
CVE-2019-10097
2019-09-26 16:15:10
curl - security update
2019-09-12 00:00:00
CGA-cxcm-cwpp-cj4c
2024-07-04 22:10:15
nvd
nvd
CVE-2019-10097
2019-09-26 16:15:10
CVE-2019-5482
2019-09-16 19:15:10
CVE-2020-1967
2020-04-21 14:15:11
httpd
httpd
Apache Httpd < 2.4.41 : CVE-2019-10097 mod_remoteip: Stack buffer overflow and NULL pointer dereference
2019-07-23 00:00:00
alpinelinux
alpinelinux
CVE-2019-10097
2019-09-26 16:15:10
CVE-2019-5482
2019-09-16 19:15:10
CVE-2020-1967
2020-04-21 14:15:11
f5
f5
K54207009 : Apache mod_remoteip vulnerability CVE-2019-10097
2019-09-09 00:00:00
K41523201 : cURL vulnerability CVE-2019-5482
2020-12-23 00:00:00
K01251345 : OpenSSL vulnerability CVE-2020-1967
2020-04-23 00:00:00
redhatcve
redhatcve
CVE-2019-10097
2020-04-01 20:22:36
CVE-2019-5482
2019-09-13 06:51:53
CVE-2020-1967
2020-04-21 13:33:41
hackerone
hackerone
Internet Bug Bounty: mod_remoteip stack buffer overflow and NULL pointer dereference
2019-08-15 14:42:13
curl: Heap buffer overflow in TFTP when using small blksize
2019-08-29 15:52:19
debiancve
debiancve
CVE-2019-10097
2019-09-26 16:15:10
CVE-2019-5482
2019-09-16 19:15:10
CVE-2020-1967
2020-04-21 14:15:11
cve
cve
CVE-2019-10097
2019-09-26 16:15:10
CVE-2019-5482
2019-09-16 19:15:10
CVE-2020-1967
2020-04-21 14:15:11
checkpoint_advisories
checkpoint_advisories
Apache httpd Server Buffer Overflow (CVE-2019-10097)
2020-03-05 00:00:00
Haxx Curl Buffer Overflow (CVE-2019-5482)
2020-02-25 00:00:00
OpenSSL TLS NULL Pointer Dereference Denial of Service (CVE-2020-1967)
2020-06-02 00:00:00
prion
prion
Null pointer dereference
2019-09-26 16:15:00
Heap overflow
2019-09-16 19:15:00
Null pointer dereference
2020-04-21 14:15:00
openvas
openvas
Apache HTTP Server Stack Overflow Vulnerability - Linux
2019-10-18 00:00:00
Apache HTTP Server Stack Overflow Vulnerability - Windows
2019-10-18 00:00:00
SUSE: Security Advisory (SUSE-SU-2019:2339-2)
2021-04-19 00:00:00
cvelist
cvelist
CVE-2019-10097
2019-09-26 14:21:24
CVE-2019-5482
2019-09-16 18:06:35
CVE-2020-1967 Segmentation fault in SSL_check_chain
2020-04-21 00:00:00
nessus
nessus
Oracle Linux 7 : curl (ELSA-2020-3916)
2020-10-07 00:00:00
RHEL 7 : curl (RHSA-2021:0759)
2021-03-09 00:00:00
SUSE SLES11 Security Update : curl (SUSE-SU-2019:14172-1)
2021-06-10 00:00:00
debian
debian
[SECURITY] [DLA 1917-1] curl security update
2019-09-13 08:18:00
[SECURITY] [DSA 4661-1] openssl security update
2020-04-21 13:58:12
[SECURITY] [DSA 4633-1] curl security update
2020-02-24 19:45:52
ubuntu
ubuntu
curl vulnerability
2019-09-12 00:00:00
curl vulnerabilities
2019-09-11 00:00:00
symantec
symantec
curl/libcURL CVE-2019-5482 Heap Buffer Overflow Vulnerability
2019-08-31 00:00:00
ibm
ibm
Security Bulletin: IBM Integrated Management Module II (IMM2) is affected by a libcurl security vulnerability (CVE-2019-5482)
2020-02-28 21:24:11
Security Bulletin: Vulnerability in OpenSSL library affects OS Pattern Kit used in IBM Cloud Pak System
2020-09-11 12:51:09
Security Bulletin: IBM Bootable Media Creator (BoMC) is affected by a vulnerability in cURL (CVE-2019-5482)
2020-06-24 18:53:55
oraclelinux
oraclelinux
curl security update
2020-03-09 00:00:00
curl security update
2020-03-08 00:00:00
redhat
redhat
(RHSA-2021:0759) Moderate: curl security update
2021-03-09 08:47:34
(RHSA-2021:0877) Moderate: curl security update
2021-03-16 13:07:11
(RHSA-2021:1027) Moderate: curl security update
2021-03-30 07:24:22
centos
centos
curl, libcurl security update
2020-10-20 17:52:24
suse
suse
Security update for rust, rust-cbindgen (moderate)
2020-07-06 00:00:00
Security update for rust, rust-cbindgen (moderate)
2020-07-07 00:00:00
Security update for curl (important)
2019-09-18 00:00:00
openssl
openssl
Vulnerability in OpenSSL CVE-2020-1967
2020-04-21 00:00:00
rustsec
rustsec
Crash causing Denial of Service attack
2020-04-25 12:00:00
huawei
huawei
Security Advisory - Denial of Service Vulnerability in OpenSSL
2020-07-15 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-08-06 21:28:47
Arbitrary Code Execution
2019-09-12 07:10:22
mscve
mscve
OpenSSL Remote Denial of Service Vulnerability
2020-04-21 07:00:00
archlinux
archlinux
[ASA-202004-19] lib32-openssl: denial of service
2020-04-22 00:00:00
[ASA-202004-18] openssl: denial of service
2020-04-21 00:00:00
freebsd
freebsd
OpenSSL remote denial of service vulnerability
2020-04-21 00:00:00
githubexploit
githubexploit
Exploit for NULL Pointer Dereference in Openssl
2020-04-28 21:15:35
freebsd_advisory
freebsd_advisory
FreeBSD-SA-20:11.openssl
2020-04-21 00:00:00
github
github
Null pointer deference in openssl-src
2021-08-25 20:45:15
amazon
amazon
Medium: curl
2019-10-21 18:01:00
Medium: curl
2019-09-30 20:56:00
Medium: httpd
2019-10-28 17:42:00
cloudfoundry
cloudfoundry
PXC Release update for April 2020 MySQL security patches | Cloud Foundry
2020-08-10 00:00:00
USN-4129-1: curl vulnerabilities | Cloud Foundry
2019-09-30 00:00:00
fedora
fedora
[SECURITY] Fedora 31 Update: curl-7.66.0-1.fc31
2019-09-21 00:04:17
[SECURITY] Fedora 30 Update: openssl-1.1.1g-1.fc30
2020-04-30 02:52:05
[SECURITY] Fedora 31 Update: openssl-1.1.1g-1.fc31
2020-05-09 04:12:38
slackware
slackware
[slackware-security] curl
2019-09-12 05:20:08
altlinux
altlinux
Security fix for the ALT Linux 9 package openssl1.1 version 1.1.1g-alt1
2020-04-29 00:00:00
Security fix for the ALT Linux 10 package openssl1.1 version 1.1.1g-alt1
2020-04-21 00:00:00
gentoo
gentoo
OpenSSL: Multiple vulnerabilities
2020-04-23 00:00:00

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.7 High

AI Score

Confidence

High

0.831 High

EPSS

Percentile

98.5%

JSON
Related for ORACLE_HTTP_SERVER_CPU_OCT_2020.NASL
ubuntucve3osv9nvd3httpd1alpinelinux3f53redhatcve3hackerone2debiancve3cve3checkpoint_advisories3prion3openvas41cvelist3nessus57debian3ubuntu2symantec1ibm13oraclelinux2redhat4centos1suse4openssl1rustsec1huawei1veracode2mscve1archlinux2freebsd1githubexploit1freebsd_advisory1github1amazon3cloudfoundry2fedora8slackware1altlinux2gentoo1