Oracle Secure Global Desktop Multiple Vulnerabilities (July 2014 CPU)
High Nessus Plugin ID 76570
SynopsisThe remote host has a version of Oracle Secure Global Desktop that is affected by multiple vulnerabilities.
DescriptionThe remote host has a version of Oracle Secure Global Desktop that is version 4.63, 4.71, 5.0 or 5.1. It is, therefore, affected by the following vulnerabilities :
- Apache Tomcat does not properly handle certain inconsistent HTTP request headers, which allows remote attackers to trigger incorrect identification of a request's length and conduct request-smuggling attacks.
- CoyoteAdapter.java in Apache Tomcat does not consider the 'disableURLRewriting' setting when handling session ID in a URL, allowing a remote attacker to conduct session fixation attacks via a crafted URL.
- The 'log_cookie' function in mod_log_config.c of Apache will not handle specially crafted cookies during truncation, allowing a remote attacker to cause a denial of service via a segmentation fault. (CVE-2014-0098)
- Multiple integer overflows within X.Org libXfont that could allow remote font servers to execute arbitrary code via a crafted xfs reply, which triggers a buffer overflow. (CVE-2014-0211)
- OpenSSL does not properly restrict processing of 'ChangeCipherSpec' messages which allows man-in-the-middle attackers to trigger use of a zero-length master key and consequently hijack sessions or obtain sensitive information via a crafted TLS handshake. (CVE-2014-0224)
- An unspecified flaw related to the Workspace Web Application subcomponent could allow a remote attacker to impact integrity. (CVE-2014-4232)
SolutionApply the appropriate patch according to the July 2014 Oracle Critical Patch Update advisory.