Oracle WebLogic Server Multiple Vulnerabilities (April 2015 CPU) (POODLE)

This script is Copyright (C) 2015-2017 Tenable Network Security, Inc.


Synopsis :

The remote host is affected by multiple vulnerabilities.

Description :

The remote host has a version of Oracle WebLogic Server installed that
is affected by multiple vulnerabilities :

- A man-in-the-middle (MitM) information disclosure
vulnerability, known as POODLE, exists. The vulnerability
is due to the way SSL 3.0 handles padding bytes when
decrypting messages encrypted using block ciphers in
cipher block chaining (CBC) mode. MitM attackers can
decrypt a selected byte of the ciphertext in as few as
256 tries if they are able to force a victim application
to repeatedly send the same data over newly created SSL
3.0 connections. (CVE-2014-3566)

- An unspecified flaw exists in the Console subcomponent
which a remote attacker can exploit to impact integrity.
(CVE-2015-0449)

- An unspecified flaw exists in the WLS-WebServices
subcomponent which an authenticated, remote attacker
can exploit to affect confidentiality, integrity, and
availability. (CVE-2015-0482)
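
As an added illustration of the SSL 3.0 padding weakness described above (example code written for this page, not part of the Nessus plugin or of WebLogic), the following compares the SSL 3.0 and TLS 1.0 padding checks on a constructed decrypted CBC record. The block size, MAC length and record contents are assumptions chosen for the demonstration.

```python
# Added example: why SSL 3.0's CBC padding check is weaker than TLS 1.0's.
# A decrypted CBC record has the layout  data || MAC || padding || pad_len.
# Both checks below receive that decrypted plaintext and say whether the
# record would be accepted. Block size and MAC length are assumed values.

BLOCK_SIZE = 8   # assumption: a 64-bit block cipher such as 3DES
MAC_LEN = 20     # assumption: SHA-1 based MAC

def ssl3_padding_ok(plaintext: bytes) -> bool:
    """SSL 3.0 (RFC 6101, 5.2.3.2): only the final byte is examined. It
    must be smaller than the block size; the padding bytes in front of it
    are never inspected, so their contents can be anything."""
    if not plaintext:
        return False
    pad_len = plaintext[-1]
    return pad_len < BLOCK_SIZE and len(plaintext) >= pad_len + 1 + MAC_LEN

def tls_padding_ok(plaintext: bytes) -> bool:
    """TLS 1.0+ (RFC 2246, 6.2.3.2): every padding byte must equal the
    padding length byte, so a padding block with altered contents fails."""
    if not plaintext:
        return False
    pad_len = plaintext[-1]
    if len(plaintext) < pad_len + 1 + MAC_LEN:
        return False
    return all(b == pad_len for b in plaintext[-(pad_len + 1):])

def build_record(data: bytes, pad_bytes: bytes) -> bytes:
    """Constructed plaintext record: data, a dummy MAC, the given padding
    bytes and the length byte that makes the total a block multiple."""
    mac = b"\x11" * MAC_LEN                       # constructed dummy MAC
    pad_len = (-(len(data) + MAC_LEN + 1)) % BLOCK_SIZE
    assert len(pad_bytes) == pad_len, "padding must fill to a block boundary"
    return data + mac + pad_bytes + bytes([pad_len])

def compare_padding_checks() -> dict:
    """Well-formed padding passes both checks; padding whose content bytes
    were altered but whose length byte is intact passes only SSL 3.0."""
    # 4 bytes of data + 20-byte MAC = 24 bytes, so a full 8-byte padding
    # block (7 padding bytes + length byte 0x07) is required.
    good = build_record(b"abcd", b"\x07" * 7)
    tampered = build_record(b"abcd", bytes(range(7)))   # content bytes changed
    return {
        "good": (ssl3_padding_ok(good), tls_padding_ok(good)),
        "tampered": (ssl3_padding_ok(tampered), tls_padding_ok(tampered)),
    }

if __name__ == "__main__":
    print(compare_padding_checks())   # {'good': (True, True), 'tampered': (True, False)}
```

The "tampered" result is the property POODLE relies on: SSL 3.0 accepts a final block whose padding bytes are arbitrary as long as the length byte is correct, which is why disabling SSL 3.0 (or enforcing TLS_FALLBACK_SCSV against downgrades) is the mitigation rather than any change to the cipher suite.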

See also :

http://www.nessus.org/u?15c09d3d
https://www.imperialviolet.org/2014/10/14/poodle.html
https://www.openssl.org/~bodo/ssl-poodle.pdf
https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00

Solution :

Apply the appropriate patch according to the April 2015 Oracle
Critical Patch Update advisory.

Risk factor :

Medium / CVSS Base Score : 6.0
(CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P)

Family: Misc.

Nessus Plugin ID: 82822

Bugtraq ID: 70574, 74106, 74114

CVE ID: CVE-2014-3566, CVE-2015-0449, CVE-2015-0482
