CVE-2005-3202 - Cross-Site Scripting vulnerability in Oracle HTML DB 1.3/1.3.6
- Attack vector: NETWORK
- Attack complexity: MEDIUM
- Privileges required: NONE
- Confidentiality impact: PARTIAL
- Integrity impact: PARTIAL
- Availability impact: PARTIAL

Summary
Multiple cross-site scripting (XSS) vulnerabilities in Oracle HTML DB (HTMLDB) 1.3 through 1.3.6 allow remote attackers to inject arbitrary web script or HTML, and subsequently execute SQL statements via the (1) p or (2) p_t02 parameters.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | | 2 |
Nessus
- NASL family: Databases
- NASL id: ORACLE_MULTIPLE.NASL
- description: According to its version number, the installation of Oracle on the remote host is reportedly subject to multiple vulnerabilities, some of which don
- last seen: 2020-06-01
- modified: 2020-06-02
- plugin id: 18034
- published: 2005-04-13
- reporter: This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.
- source: https://www.tenable.com/plugins/nessus/18034
- title: Oracle Database 10g Multiple Remote Vulnerabilities
- code:

```
#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(18034);
  script_version("1.32");
  script_cve_id(
    "CVE-2004-1774",
    "CVE-2005-3202",
    "CVE-2005-3203",
    "CVE-2005-4832"
  );
  script_bugtraq_id(
    13145, 13144, 13139, 13238, 13236,
    13235, 13234, 13239, 15031, 15033
  );

  script_name(english:"Oracle Database 10g Multiple Remote Vulnerabilities");

  script_set_attribute(attribute:"synopsis", value:
"The remote database server suffers from multiple flaws." );
  script_set_attribute(attribute:"description", value:
"According to its version number, the installation of Oracle on the
remote host is reportedly subject to multiple vulnerabilities, some of
which don't require authentication. They may allow an attacker to
craft SQL queries such that they would be able to retrieve any file on
the system and potentially retrieve and/or modify confidential data on
the target's Oracle server." );
  script_set_attribute(attribute:"solution", value:
"http://www.red-database-security.com/advisory/oracle_htmldb_css.html
http://www.red-database-security.com/advisory/oracle_htmldb_plaintext_password.html
http://www.oracle.com/technetwork/topics/security/cpuapr2005-132777.pdf" );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploithub_sku", value:"EH-11-844");
  script_set_attribute(attribute:"exploit_framework_exploithub", value:"true");
  script_set_attribute(attribute:"plugin_publication_date", value: "2005/04/13");
  script_set_attribute(attribute:"vuln_publication_date", value: "2004/09/01");
  script_set_attribute(attribute:"patch_publication_date", value: "2005/04/12");
  script_cvs_date("Date: 2018/07/18 17:43:55");
  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:database_server");
  script_end_attributes();

  script_summary(english:"Checks for multiple remote vulnerabilities in Oracle Database");
  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.");
  script_family(english:"Databases");
  script_dependencie("oracle_tnslsnr_version.nasl");
  script_require_ports("Services/oracle_tnslsnr");
  exit(0);
}

#broken
exit (0);

port = get_kb_item("Services/oracle_tnslsnr");
if (isnull(port)) exit(0);

version = get_kb_item(string("oracle_tnslsnr/", port, "/version"));
if (version)
{
  if (ereg(pattern:".*Version (8\.(0\.|1\.([0-6]\.|7\.[0-4]))|9\.(0\.(0\.|1\.[0-5]|2\.[0-6]|3\.[0-1]|4\.[0-1])|2\.0\.[0-6])|10\.(0\.|1\.0\.[0-4])|11\.([0-4]\.|5\.[0-9][^0-9]))", string:version))
    security_hole(port);
}
```

- NASL family: Databases
- NASL id: ORACLE_RDBMS_CPU_OCT_2005.NASL
- description: The remote Oracle database server is missing the October 2005 Critical Patch Update (CPU) and therefore is potentially affected by security issues in the following components:
  - Change Data Capture
  - Data Guard Logical Standby
  - Data Pump Export
  - Database Scheduler
  - Export
  - Locale
  - Materialized Views
  - Objects Extension
  - Oracle HTTP Server
  - Oracle Intelligent Agent
  - Oracle Internet Directory
  - Oracle Label Security
  - Oracle Security Service
  - Oracle Single Sign-On
  - Oracle Spatial
  - Oracle Workflow Cartridge
  - PL/SQL
  - Programmatic Interface
  - Security
  - Workspace Manager
- last seen: 2020-06-02
- modified: 2011-11-16
- plugin id: 56050
- published: 2011-11-16
- reporter: This script is Copyright (C) 2011-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
- source: https://www.tenable.com/plugins/nessus/56050
- title: Oracle Database Multiple Vulnerabilities (October 2005 CPU)
- code:

```
#
# (C) Tenable Network Security, Inc.
#

include('compat.inc');

if (description)
{
  script_id(56050);
  script_version("1.13");
  script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/01");

  script_cve_id(
    "CVE-2005-3202",
    "CVE-2005-3203",
    "CVE-2005-3204",
    "CVE-2005-3205",
    "CVE-2005-3206",
    "CVE-2005-3207"
  );
  script_bugtraq_id(
    15030, 15031, 15032, 15033, 15034, 15039
  );

  script_name(english:"Oracle Database Multiple Vulnerabilities (October 2005 CPU)");
  script_summary(english:"Checks installed patch info");

  script_set_attribute(attribute:"synopsis", value:
"The remote database server is affected by multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The remote Oracle database server is missing the October 2005
Critical Patch Update (CPU) and therefore is potentially affected by
security issues in the following components :

  - Change Data Capture
  - Data Guard Logical Standby
  - Data Pump Export
  - Database Scheduler
  - Export
  - Locale
  - Materialized Views
  - Objects Extension
  - Oracle HTTP Server
  - Oracle Intelligent Agent
  - Oracle Internet Directory
  - Oracle Label Security
  - Oracle Security Service
  - Oracle Single Sign-On
  - Oracle Spatial
  - Oracle Workflow Cartridge
  - PL/SQL
  - Programmatic Interface
  - Security
  - Workspace Manager");
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?81b9fa6c");
  script_set_attribute(attribute:"solution", value:
"Apply the appropriate patch according to the October 2005 Oracle
Critical Patch Update advisory.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_cwe_id(79);
  script_set_attribute(attribute:"vuln_publication_date", value:"2005/10/18");
  script_set_attribute(attribute:"patch_publication_date", value:"2005/10/18");
  script_set_attribute(attribute:"plugin_publication_date", value:"2011/11/16");
  script_set_attribute(attribute:"plugin_type", value:"combined");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:database_server");
  script_set_attribute(attribute:"agent", value:"all");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Databases");
  script_copyright(english:"This script is Copyright (C) 2011-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_dependencies("oracle_rdbms_query_patch_info.nbin", "oracle_rdbms_patch_info.nbin");
  exit(0);
}

include("oracle_rdbms_cpu_func.inc");

################################################################################
# OCT2005
patches = make_nested_array();

# RDBMS 10.1.0.4
patches["10.1.0.4"]["db"]["nix"] = make_array("patch_level", "10.1.0.4.3", "CPU", "4567866");
patches["10.1.0.4"]["db"]["win32"] = make_array("patch_level", "10.1.0.4.6", "CPU", "4579182");
# RDBMS 10.1.0.3
patches["10.1.0.3"]["db"]["nix"] = make_array("patch_level", "10.1.0.3.4", "CPU", "4567863");
patches["10.1.0.3"]["db"]["win32"] = make_array("patch_level", "10.1.0.3.10", "CPU", "4567518");

check_oracle_database(patches:patches);
```

References
- http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0173.html
- http://marc.info/?l=bugtraq&m=112870398418456&w=2
- http://secunia.com/advisories/14935/
- http://securityreason.com/securityalert/62
- http://www.oracle.com/technology/deploy/security/pdf/cpuapr2005.pdf
- http://www.osvdb.org/20051
- http://www.osvdb.org/20052
- http://www.red-database-security.com/advisory/oracle_htmldb_css.html
- http://www.securityfocus.com/bid/15031
- https://exchange.xforce.ibmcloud.com/vulnerabilities/22540