This script is Copyright (C) 2014-2016 Tenable Network Security, Inc.
The remote host has a version of Oracle Secure Global Desktop that is
affected by multiple vulnerabilities.
The remote host has a version of Oracle Secure Global Desktop
installed that is affected by multiple vulnerabilities :
- Specially crafted requests sent with chunked transfer
encoding could allow a remote attacker to perform a
'limited' denial of service attack on the Tomcat server.
- The Tomcat server is affected by a session fixation
vulnerability in the FORM authenticator. (CVE-2013-2067)
- The Apache Tomcat AsyncListener method is affected by a
cross-session information disclosure vulnerability when
handling user requests. (CVE-2013-2071)
- The Administration Console and Workspace Web
Applications subcomponent is affected by an unspecified,
remote vulnerability. (CVE-2014-0419)
See also :
Apply the appropriate patch according to the the January 2014 Oracle
Critical Patch Update advisory.
Risk factor :
Medium / CVSS Base Score : 6.8
CVSS Temporal Score : 5.3
Public Exploit Available : true
Nessus Plugin ID: 72339 ()
Bugtraq ID: 59797597985979964902
CVE ID: CVE-2012-3544CVE-2013-2067CVE-2013-2071CVE-2014-0419
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.