Vulnerabilities > CVE-2005-3472 - Information Disclosure vulnerability in SUN Java System Communications Express 2004Q2/2005Q1

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
sun
nessus
NVD
Published: 2005-11-03
Updated: 2011-03-08

Summary

Unspecified vulnerability in Sun Java System Communications Express 2005Q1 and 2004Q2 allows local and remote attackers to read sensitive information from configuration files.

Vulnerable Configurations

Part Description Count
Application
Sun
2

Nessus

  • NASL familySolaris Local Security Checks
    NASL idSOLARIS10_118540.NASL
    descriptionSun Java System Communications Express 6.2. Date this patch was last updated by Sun : Jan/16/07 This plugin has been deprecated and either replaced with individual 118540 patch-revision plugins, or deemed non-security related.
    last seen2019-02-21
    modified2018-07-30
    plugin id22951
    published2006-11-06
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=22951
    titleSolaris 10 (sparc) : 118540-42 (deprecated)
    code
    #%NASL_MIN_LEVEL 80502

#
# (C) Tenable Network Security, Inc.
#
# @DEPRECATED@
#
# Disabled on 2018/03/12. Deprecated and either replaced by
# individual patch-revision plugins, or has been deemed a
# non-security advisory.
#
include("compat.inc");

if (description)
{
  script_id(22951);
  script_version("1.19");
  script_cvs_date("Date: 2019/10/25 13:36:23");

  script_cve_id("CVE-2005-3472");

  script_name(english:"Solaris 10 (sparc) : 118540-42 (deprecated)");
  script_summary(english:"Check for patch 118540-42");

  script_set_attribute(
    attribute:"synopsis", 
    value:"This plugin has been deprecated."
  );
  script_set_attribute(
    attribute:"description",
    value:
"Sun Java System Communications Express 6.2.
Date this patch was last updated by Sun : Jan/16/07

This plugin has been deprecated and either replaced with individual
118540 patch-revision plugins, or deemed non-security related."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://getupdates.oracle.com/readme/118540-42"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"n/a"
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:sun:solaris");

  script_set_attribute(attribute:"patch_publication_date", value:"2007/01/16");
  script_set_attribute(attribute:"plugin_publication_date", value:"2006/11/06");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2006-2019 Tenable Network Security, Inc.");
  script_family(english:"Solaris Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev");

  exit(0);
}

exit(0, "This plugin has been deprecated. Consult specific patch-revision plugins for patch 118540 instead.");
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS9_118540.NASL
    descriptionSun Java System Communications Express 6.2. Date this patch was last updated by Sun : Jan/16/07
    last seen2020-06-01
    modified2020-06-02
    plugin id23547
    published2006-11-06
    reporterThis script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/23547
    titleSolaris 9 (sparc) : 118540-42
    code
    #%NASL_MIN_LEVEL 80502
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text in this plugin was
# extracted from the Oracle SunOS Patch Updates.
#
include("compat.inc");

if (description)
{
  script_id(23547);
  script_version("1.16");
  script_cvs_date("Date: 2019/10/25 13:36:24");

  script_cve_id("CVE-2005-3472");

  script_name(english:"Solaris 9 (sparc) : 118540-42");
  script_summary(english:"Check for patch 118540-42");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote host is missing Sun Security Patch number 118540-42"
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Sun Java System Communications Express 6.2.
Date this patch was last updated by Sun : Jan/16/07"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://getupdates.oracle.com/readme/118540-42"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"You should install this patch for your system to be up-to-date."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:sun:solaris");

  script_set_attribute(attribute:"patch_publication_date", value:"2007/01/16");
  script_set_attribute(attribute:"plugin_publication_date", value:"2006/11/06");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2006-2019 Tenable Network Security, Inc.");
  script_family(english:"Solaris Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("solaris.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

if (solaris_check_patch(release:"5.9", arch:"sparc", patch:"118540-42", obsoleted_by:"122793-12 ", package:"SUNWuwc", version:"6.1,REV=2004.04.29") < 0) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:solaris_get_report());
  else security_warning(0);
  exit(0);
}
audit(AUDIT_HOST_NOT, "affected");
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS8_118540.NASL
    descriptionSun Java System Communications Express 6.2. Date this patch was last updated by Sun : Jan/16/07
    last seen2020-06-01
    modified2020-06-02
    plugin id23407
    published2006-11-06
    reporterThis script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/23407
    titleSolaris 8 (sparc) : 118540-42
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS10_X86_118541.NASL
    descriptionSun Java System Communications Express 6.2. Date this patch was last updated by Sun : Jan/16/07 This plugin has been deprecated and either replaced with individual 118541 patch-revision plugins, or deemed non-security related.
    last seen2019-02-21
    modified2018-07-30
    plugin id22983
    published2006-11-06
    reporterTenable
    sourcehttps://www.tenable.com/plugins/index.php?view=single&id=22983
    titleSolaris 10 (x86) : 118541-42 (deprecated)
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS9_X86_118541.NASL
    descriptionSun Java System Communications Express 6.2. Date this patch was last updated by Sun : Jan/16/07
    last seen2020-06-01
    modified2020-06-02
    plugin id23607
    published2006-11-06
    reporterThis script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/23607
    titleSolaris 9 (x86) : 118541-42

References