Vulnerabilities > CVE-2011-3559 - Remote vulnerability in Oracle products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
COMPLETE Summary
Unspecified vulnerability in Oracle Communications Server 2.0; GlassFish Enterprise Server 2.1.1, 3.0.1, and 3.1.1; and Sun Java System App Server 8.1 and 8.2 allows remote attackers to affect availability via unknown vectors related to Web Container.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 6 |
Nessus
NASL family Solaris Local Security Checks NASL id SOLARIS8_119166.NASL description Sun Java System App Server Enterprise Ed 8.1 2005Q1, Solaris Patch. Date this patch was last updated by Sun : Oct/18/11 last seen 2020-06-01 modified 2020-06-02 plugin id 23413 published 2006-11-06 reporter This script is Copyright (C) 2006-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/23413 title Solaris 8 (sparc) : 119166-43 code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text in this plugin was # extracted from the Oracle SunOS Patch Updates. # include("compat.inc"); if (description) { script_id(23413); script_version("1.34"); script_cvs_date("Date: 2019/10/25 13:36:27"); script_cve_id("CVE-2009-0278", "CVE-2009-2625", "CVE-2011-3559"); script_xref(name:"IAVT", value:"2009-T-0009"); script_name(english:"Solaris 8 (sparc) : 119166-43"); script_summary(english:"Check for patch 119166-43"); script_set_attribute( attribute:"synopsis", value:"The remote host is missing Sun Security Patch number 119166-43" ); script_set_attribute( attribute:"description", value: "Sun Java System App Server Enterprise Ed 8.1 2005Q1, Solaris Patch. Date this patch was last updated by Sun : Oct/18/11" ); script_set_attribute( attribute:"see_also", value:"https://getupdates.oracle.com/readme/119166-43" ); script_set_attribute( attribute:"solution", value:"You should install this patch for your system to be up-to-date." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C"); script_cwe_id(200, 264); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:sun:solaris"); script_set_attribute(attribute:"patch_publication_date", value:"2011/10/18"); script_set_attribute(attribute:"plugin_publication_date", value:"2006/11/06"); script_set_attribute(attribute:"stig_severity", value:"II"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2006-2019 Tenable Network Security, Inc."); script_family(english:"Solaris Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Solaris/showrev"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("solaris.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (solaris_check_patch(release:"5.8", arch:"sparc", patch:"119166-43", obsoleted_by:"", package:"SUNWasut", version:"8.1,REV=2004.12.04.01.18") < 0) flag++; if (solaris_check_patch(release:"5.8", arch:"sparc", patch:"119166-43", obsoleted_by:"", package:"SUNWasuee", version:"8.1,REV=2004.12.04.01.52") < 0) flag++; if (solaris_check_patch(release:"5.8", arch:"sparc", patch:"119166-43", obsoleted_by:"", package:"SUNWasman", version:"8.1,REV=2004.12.04.01.18") < 0) flag++; if (solaris_check_patch(release:"5.8", arch:"sparc", patch:"119166-43", obsoleted_by:"", package:"SUNWascmnse", version:"8.1,REV=2004.12.04.01.52") < 0) flag++; if (solaris_check_patch(release:"5.8", arch:"sparc", patch:"119166-43", obsoleted_by:"", package:"SUNWasjdoc", version:"8.1,REV=2004.12.04.01.18") < 0) flag++; if (solaris_check_patch(release:"5.8", arch:"sparc", patch:"119166-43", obsoleted_by:"", package:"SUNWasacee", version:"8.1,REV=2004.12.04.01.52") < 0) flag++; if (solaris_check_patch(release:"5.8", arch:"sparc", patch:"119166-43", obsoleted_by:"", package:"SUNWaslb", version:"8.1,REV=2004.12.04.01.52") < 0) flag++; if (solaris_check_patch(release:"5.8", arch:"sparc", patch:"119166-43", obsoleted_by:"", package:"SUNWascml", version:"8.1,REV=2004.12.04.01.52") < 0) flag++; if (solaris_check_patch(release:"5.8", arch:"sparc", patch:"119166-43", obsoleted_by:"", package:"SUNWasu", version:"8.1,REV=2004.12.04.01.18") < 0) flag++; if (solaris_check_patch(release:"5.8", arch:"sparc", patch:"119166-43", obsoleted_by:"", package:"SUNWasdem", version:"8.1,REV=2004.12.04.01.18") < 0) flag++; if (solaris_check_patch(release:"5.8", arch:"sparc", patch:"119166-43", obsoleted_by:"", package:"SUNWascmn", version:"8.1,REV=2004.12.04.01.18") < 0) flag++; if (solaris_check_patch(release:"5.8", arch:"sparc", patch:"119166-43", obsoleted_by:"", package:"SUNWashdm", version:"8.1,REV=2004.12.04.01.52") < 0) flag++; if (solaris_check_patch(release:"5.8", arch:"sparc", patch:"119166-43", obsoleted_by:"", package:"SUNWaswbcr", version:"8.1,REV=2004.12.04.01.52") < 0) flag++; if (solaris_check_patch(release:"5.8", arch:"sparc", patch:"119166-43", obsoleted_by:"", package:"SUNWasac", version:"8.1,REV=2004.12.04.01.18") < 0) flag++; if (solaris_check_patch(release:"5.8", arch:"sparc", patch:"119166-43", obsoleted_by:"", package:"SUNWasmanee", version:"8.1,REV=2004.12.04.01.52") < 0) flag++; if (solaris_check_patch(release:"5.8", arch:"sparc", patch:"119166-43", obsoleted_by:"", package:"SUNWasdemdb", version:"8.1,REV=2004.12.04.01.18") < 0) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:solaris_get_report()); else security_hole(0); exit(0); } audit(AUDIT_HOST_NOT, "affected");NASL family Solaris Local Security Checks NASL id SOLARIS10_119166.NASL description Sun Java System App Server Enterprise Ed 8.1 2005Q1, Solaris Patch. Date this patch was last updated by Sun : Oct/18/11 This plugin has been deprecated and either replaced with individual 119166 patch-revision plugins, or deemed non-security related. last seen 2019-02-21 modified 2018-07-30 plugin id 22955 published 2006-11-06 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=22955 title Solaris 10 (sparc) : 119166-43 (deprecated) NASL family Solaris Local Security Checks NASL id SOLARIS10_X86_119167.NASL description Sun Java System App Server Enterprise Ed 8.1 2005Q1, _x86 Patch32. Date this patch was last updated by Sun : Oct/18/11 This plugin has been deprecated and either replaced with individual 119167 patch-revision plugins, or deemed non-security related. last seen 2019-02-21 modified 2018-07-30 plugin id 22988 published 2006-11-06 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=22988 title Solaris 10 (x86) : 119167-43 (deprecated) NASL family Solaris Local Security Checks NASL id SOLARIS9_119166.NASL description Sun Java System App Server Enterprise Ed 8.1 2005Q1, Solaris Patch. Date this patch was last updated by Sun : Oct/18/11 last seen 2020-06-01 modified 2020-06-02 plugin id 23552 published 2006-11-06 reporter This script is Copyright (C) 2006-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/23552 title Solaris 9 (sparc) : 119166-43 NASL family Solaris Local Security Checks NASL id SOLARIS10_X86_119167-43.NASL description Sun Java System App Server Enterprise Ed 8.1 2005Q1, _x86 Patch32. Date this patch was last updated by Sun : Oct/18/11 last seen 2020-06-01 modified 2020-06-02 plugin id 107810 published 2018-03-12 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/107810 title Solaris 10 (x86) : 119167-43 NASL family Web Servers NASL id GLASSFISH_CVE-2011-3559.NASL description The version of GlassFish Server running on the remote host is affected by an unspecified vulnerability related to the Web Container component that could affect availability. last seen 2020-06-01 modified 2020-06-02 plugin id 58089 published 2012-02-22 reporter This script is Copyright (C) 2012-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/58089 title Oracle GlassFish Server 2.1.1 < 2.1.1.14 / 3.0.1 < 3.0.1.4 / 3.1.1 < 3.1.1.1 Web Container Component Unspecified Vulnerability NASL family Solaris Local Security Checks NASL id SOLARIS9_X86_119167.NASL description Sun Java System App Server Enterprise Ed 8.1 2005Q1, _x86 Patch32. Date this patch was last updated by Sun : Oct/18/11 last seen 2020-06-01 modified 2020-06-02 plugin id 23610 published 2006-11-06 reporter This script is Copyright (C) 2006-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/23610 title Solaris 9 (x86) : 119167-43
References
- http://osvdb.org/76476
- http://secunia.com/advisories/46523
- http://secunia.com/advisories/46524
- http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html
- http://www.securityfocus.com/bid/50204
- http://www.securitytracker.com/id?1026222
- https://exchange.xforce.ibmcloud.com/vulnerabilities/70816