Oracle iPlanet Web Server 7.0.x < 7.0.20 Multiple Vulnerabilities

High Nessus Plugin ID 76593


The remote web server is affected by multiple vulnerabilities.


According to its self-reported version, the Oracle iPlanet Web Server (formerly Sun Java System Web Server) running on the remote host is 7.0.x prior to 7.0.20. It is, therefore, affected by the following vulnerabilities in the Network Security Services (NSS) :

- The implementation of NSS does not ensure that data structures are initialized, which can result in a denial of service or disclosure of sensitive information.

- An error exists in the ssl_Do1stHandshake() function in file sslsecur.c due to unencrypted data being returned from PR_Recv when the TLS False Start feature is enabled. A man-in-the-middle attacker can exploit this, by using an arbitrary X.509 certificate, to spoof SSL servers during certain handshake traffic.

- An integer overflow condition exists related to handling input greater than half the maximum size of the 'PRUint32' value. A remote attacker can exploit this to cause a denial of service or possibly have other impact.

- An error exists in the Null_Cipher() function in the file ssl3con.c related to handling invalid handshake packets. A remote attacker, using a crafted request, can exploit this to execute arbitrary code. (CVE-2013-5605)

- An error exists in the CERT_VerifyCert() function in the file certvfy.c when handling trusted certificates with incompatible key usages. A remote attacker, using a crafted request, can exploit this to have an invalid certificates treated as valid. (CVE-2013-5606)

- A race condition exists in libssl that occurs during session ticket processing. A remote attacker can exploit this to cause a denial of service. (CVE-2014-1490)

- Network Security Services (NSS) does not properly restrict public values in Diffie-Hellman key exchanges, allowing a remote attacker to bypass cryptographic protection mechanisms. (CVE-2014-1491)

- An issue exists in the Network Security (NSS) library due to improper handling of IDNA domain prefixes for wildcard certificates. A man-in-the-middle attacker, using a crafted certificate, can exploit this to spoof an SSL server. (CVE-2014-1492)


Upgrade to Oracle iPlanet Web Server 7.0.20 or later.

Note that, at the time of this writing, there is no patch available for installations on Microsoft Windows hosts. Please contact the vendor regarding availability dates for the patch for iPlanet 7.0 (patch #145847).

See Also

Plugin Details

Severity: High

ID: 76593

File Name: sun_java_web_server_7_0_20.nasl

Version: $Revision: 1.7 $

Type: remote

Family: Web Servers

Published: 2014/07/18

Modified: 2015/08/08

Dependencies: 85271

Risk Information

Risk Factor: High


Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:oracle:iplanet_web_server, cpe:/a:mozilla:network_security_services

Required KB Items: installed_sw/Oracle iPlanet Web Server/

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2014/07/15

Vulnerability Publication Date: 2013/09/25

Reference Information

CVE: CVE-2013-1739, CVE-2013-1740, CVE-2013-1741, CVE-2013-5605, CVE-2013-5606, CVE-2014-1490, CVE-2014-1491, CVE-2014-1492

BID: 62966, 63736, 63737, 63738, 64944, 65332, 65335, 66356

OSVDB: 98402, 99746, 99747, 99748, 102170, 102876, 102877, 104708