Oracle GlassFish Server 3.0.1.x < 3.0.1.14 Multiple Vulnerabilities (July 2016 CPU)

critical Nessus Plugin ID 92463

Synopsis

The remote web server is affected by multiple vulnerabilities.

Description

According to its self-reported version number, the Oracle GlassFish Server running on the remote host is 3.0.1.x prior to 3.0.1.14. It is, therefore, affected by multiple vulnerabilities :

- An information disclosure vulnerability exists in the bundled version of libcurl in the smb_request_state() function due to using values that are assumed valid without properly checking boundaries. An unauthenticated, remote attacker can exploit this, via a malicious SMB server, to disclose arbitrary memory contents. (CVE-2015-3237)

- An unspecified flaw exists in the Web Container subcomponent that allows an unauthenticated, remote attacker to execute arbitrary code. (CVE-2016-3607)

- Multiple unspecified flaws exist in the Administration subcomponent that allows an unauthenticated, remote attacker to disclose sensitive information.
(CVE-2016-3608, CVE-2016-5477)

Solution

Upgrade to Oracle GlassFish Server version 3.0.1.14 or later as referenced in the July 2016 Oracle Critical Patch Update advisory.

See Also

http://www.nessus.org/u?453b5f8c

Plugin Details

Severity: Critical

ID: 92463

File Name: glassfish_cve-2016-3608.nasl

Version: 1.9

Type: remote

Family: Web Servers

Published: 7/20/2016

Updated: 11/19/2019

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2016-3607

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:oracle:glassfish_server

Required KB Items: www/glassfish

Exploit Ease: No known exploits are available

Patch Publication Date: 7/19/2016

Vulnerability Publication Date: 6/17/2015

Reference Information

CVE: CVE-2015-3237, CVE-2016-3607, CVE-2016-3608, CVE-2016-5477

BID: 75387, 92031, 92032