Oracle iPlanet Web Server 7.0 < 7.0.15 Multiple Vulnerabilities

This script is Copyright (C) 2012-2014 Tenable Network Security, Inc.


Synopsis :

The remote web server is affected by multiple vulnerabilities.

Description :

According to its self-reported version, the web server listening on
this port is a version of Oracle iPlanet Web Server (formerly Sun Java
System Web Server) 7.0 prior to 7.0.15. It is, therefore, affected by
the following vulnerabilities :

- Input validation errors exist related to the
'helpLogoWidth' and 'helpLogoHeight' parameters of the
page 'admingui/cchelp2/Masthead.jsp' that could allow
cross-site scripting attacks.

- Input validation errors exist related to the
'productNameHeight' and 'productNameWidth'
parameters of the page 'admingui/version/Masthead.jsp'
that could allow cross-site scripting attacks.

- Input validation errors exist related to the
'appName' and 'pathPrefix' parameters of the page
'admingui/cchelp2/Navigator.jsp' that could allow
cross-site scripting attacks.

- An unspecified error exists that could allow denial of
service attacks. (CVE-2012-1738)

Note that Oracle states bug 12919334 'WS7: RANGE HEADER DOS
VULNERABILITY' could not be reproduced.

See also :

http://www.nessus.org/u?24cfa047
http://docs.oracle.com/cd/E18958_01/doc.70/e18789/chapter.htm
http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html
http://www.nessus.org/u?9ff04167

Solution :

Upgrade to Oracle iPlanet Web Server 7.0.15 or later.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 3.7
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Web Servers

Nessus Plugin ID: 59736 ()

Bugtraq ID: 53133
54515

CVE ID: CVE-2012-0516
CVE-2012-1738