Oracle iPlanet Web Server 7.0.x < 7.0.21 NSS Signature Verification Vulnerability

High Nessus Plugin ID 82995

Synopsis

The remote web server is affected by a signature forgery vulnerability.

Description

According to its self-reported version, the Oracle iPlanet Web Server (formerly known as Sun Java System Web Server) running on the remote host is 7.0.x prior to 7.0.21. It is, therefore, affected by a flaw in the Network Security Services (NSS) library due to improper parsing of ASN.1 values in an RSA signature. A man-in-the-middle attacker, using a crafted certificate, can exploit this to forge RSA signatures, such as SSL certificates.

Solution

Upgrade to Oracle iPlanet Web Server 7.0.21 or later.

See Also

http://www.nessus.org/u?56618dc1

Plugin Details

Severity: High

ID: 82995

File Name: sun_java_web_server_7_0_21.nasl

Version: 1.11

Type: remote

Family: Web Servers

Published: 2015/04/22

Updated: 2018/11/15

Dependencies: 85271

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 8.8

Temporal Score: 6.5

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:N

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:oracle:iplanet_web_server, cpe:/a:mozilla:network_security_services

Required KB Items: installed_sw/Oracle iPlanet Web Server/

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2015/04/14

Vulnerability Publication Date: 2014/09/24

Reference Information

CVE: CVE-2014-1568

BID: 70116

CERT: 772676