Vulnerabilities > CVE-2012-3155 - Remote Security vulnerability in Oracle Multiple Products
Attack vector: NETWORK
Attack complexity: LOW
Privileges required: NONE
Confidentiality impact: NONE
Integrity impact: NONE
Availability impact: PARTIAL
Summary
Unspecified vulnerability in the CORBA ORB component in Sun GlassFish Enterprise Server 2.1.1, Oracle GlassFish Server 3.0.1 and 3.1.2, and Sun Java System Application Server 8.1 and 8.2 allows remote attackers to affect availability, related to CORBA ORB.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 3 | |
Application | 2 |
Nessus
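NASL family: Windows
NASL id: SUN_JAVA_APP_SERVER_CVE-2012-3155.NASL
description: The version of Sun Java System Application Server installed on the remote host is affected by an unspecified vulnerability related to the CORBA ORB subcomponent that could allow a remote attacker to cause a loss of availability.
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 77557
published: 2014-09-05
reporter: This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.
source: https://www.tenable.com/plugins/nessus/77557
title: Sun Java System Application Server 8.1 / 8.2 DoS
code:
#
# (C) Tenable Network Security, Inc.
#

# Credentialed (plugin_type "local") version check for CVE-2012-3155 on Windows.
# It finds Sun Java System Application Server installs through the registry,
# reads the version and build out of lib\appserv-admin.jar over SMB, and
# reports installs whose build number is below the fixed build.
# It never talks to the CORBA ORB itself; the result is only as good as the
# version data on disk and the access the scan credentials provide.

include("compat.inc");

if (description)
{
  script_id(77557);
  script_version("1.4");
  script_cvs_date("Date: 2018/11/15 20:50:28");

  script_cve_id("CVE-2012-3155");
  script_bugtraq_id(56073);

  script_name(english:"Sun Java System Application Server 8.1 / 8.2 DoS");
  script_summary(english:"Checks the version of Sun Java System Application Server.");

  script_set_attribute(attribute:"synopsis", value: "The remote host has an application server installed that is affected by a vulnerability that may affect availability.");
  # Component name corrected from "COBRA" to "CORBA" to match the CVE summary.
  script_set_attribute(attribute:"description", value: "The version of Sun Java System Application Server installed on the remote host is affected by an unspecified vulnerability related to the CORBA ORB subcomponent that could allow a remote attacker to cause a loss of availability.");
  script_set_attribute(attribute:"solution", value:"Apply the appropriate patch referenced in the vendor advisory.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  # https://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?87547c81");
  script_set_attribute(attribute:"vuln_publication_date", value:"2012/10/16");
  script_set_attribute(attribute:"patch_publication_date", value:"2012/10/16");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/09/05");
  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:sun:java_system_application_server");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.");

  # Needs an enumerated registry and SMB access (ports 139/445) to run.
  script_dependencies("smb_hotfixes.nasl");
  script_require_keys("SMB/Registry/Enumerated");
  script_require_ports(139, 445);

  exit(0);
}

include("audit.inc");
include("smb_func.inc");
include("smb_reg_query.inc");
include("smb_hotfixes_fcheck.inc");
include("misc_func.inc");
include("global_settings.inc");
include("bsal.inc");
include("byte_func.inc");
include("zip.inc");

# Connect to the appropriate share
name = kb_smb_name();
port = kb_smb_transport();
login = kb_smb_login();
pass = kb_smb_password();
domain = kb_smb_domain();

# Step 1: collect install paths from the registry. Only subkeys whose name
# starts with digits/dots (version-like names) are considered.
registry_init();
hklm = registry_hive_connect(hive:HKEY_LOCAL_MACHINE, exit_on_fail:TRUE);

paths = make_array();

key = "SOFTWARE\Sun Microsystems\Application Server";
subkeys = get_registry_subkeys(handle:hklm, key:key);
if (!isnull(subkeys))
{
  foreach subkey (subkeys)
  {
    if (subkey =~ '^[0-9\\.]+')
    {
      path = get_registry_value(handle:hklm, item:key + '\\' + subkey + "\INSTALLPATH");
      if (!isnull(path)) paths[subkey] = path;
    }
  }
}

RegCloseKey(handle:hklm);

if (max_index(keys(paths)) == 0)
{
  close_registry();
  audit(AUDIT_NOT_INST, 'Sun Java System Application Server');
}
close_registry(close:FALSE);

# Step 2: for every install path, open lib\appserv-admin.jar on the matching
# share and pull the version and build strings out of Version.class.
installs = 0;
lastshare = '';
vers = make_array();

foreach key (keys(paths))
{
  path = paths[key];
  share = hotfix_path2share(path:path);
  jar = ereg_replace(pattern:'^[A-Za-z]:(.*)', replace:"\1\lib\appserv-admin.jar", string:path);

  # Reconnect only when the share changes. The original never assigned
  # lastshare, so every iteration tore down and re-created the connection.
  if (share != lastshare)
  {
    NetUseDel(close:FALSE);
    rc = NetUseAdd(login:login, password:pass, domain:domain, share:share);
    if (rc != 1)
    {
      # No share is connected now; force a fresh connect on the next install.
      lastshare = '';
      continue;
    }
    lastshare = share;
  }

  fh = CreateFile(
    file:jar,
    desired_access:GENERIC_READ,
    file_attributes:FILE_ATTRIBUTE_NORMAL,
    share_mode:FILE_SHARE_READ,
    create_disposition:OPEN_EXISTING
  );
  # An install whose jar cannot be opened is skipped silently, so it is
  # neither reported as vulnerable nor listed as unaffected.
  if (isnull(fh)) continue;

  version = '';
  build = '';
  idx = 0;

  res = zip_parse(smb:fh, 'com/sun/appserv/server/util/Version.class');
  if ('sun-appserver-' >< res)
  {
    # Keep what follows the 'sun-appserver-' marker and cut it at 'java/util'.
    chunk = strstr(res, 'sun-appserver-') - 'sun-appserver-';
    chunk = substr(chunk, 2);
    chunk = chunk - strstr(chunk, 'java/util');
    chunk = chomp(substr(chunk, 2));

    # chunk[0] is used as the length of the version string that follows it.
    for (i = 1; i <= ord(chunk[0]); i++)
      version += chunk[i];
    ver = split(version, sep:'.', keep:FALSE);

    # Skip over three length-prefixed entries to land on the build string.
    # NOTE(review): every length byte comes from the file on the scanned host
    # and is used without a bounds check against the size of chunk; a
    # truncated or unusual class file presumably yields an empty or wrong
    # build rather than an error - confirm.
    idx += ord(chunk[0]) + 3;
    idx += ord(chunk[idx]) + 3;
    idx += ord(chunk[idx]) + 3;
    for (i = idx+1; i <= idx + ord(chunk[idx]); i++)
      build += chunk[i];
    vers[key] = make_array('version', version, 'build', build);
  }
  CloseFile(handle:fh);
}
NetUseDel();

# Step 3: compare each install against the fixed build for its branch.
info = '';
info2 = '';
vuln = 0;

foreach key (keys(vers))
{
  path = paths[key];
  install = vers[key];
  version = install['version'];
  build = install['build'];
  # Numeric part of a build such as "b63".
  # NOTE(review): if build is empty or does not match the pattern, int() of
  # the result is presumably 0 and the install is reported as vulnerable -
  # verify before acting on such a finding.
  buildnum = ereg_replace(pattern:'^[a-z]([0-9]+).*', string:build, replace:"\1");

  # NOTE(review): only the build number is compared. The fixed versions named
  # in the report carry patch suffixes (-p35 / -p19); an install at b63 / b61
  # below that patch level falls through to the "not affected" branch.
  # Confirm the patch level against the vendor advisory.
  if (version =~ '^8\\.1([^0-9\\.]|$)' && int(buildnum) < 63)
  {
    info +=
      '\n Path : ' + path +
      '\n Installed version : ' + version + ' ' + build +
      '\n Fixed version : 8.1_02 b63-p35\n';
    vuln++;
  }
  else if (version =~ '^8\\.2([^0-9\\.]|$)' && int(buildnum) < 61)
  {
    info +=
      '\n Path : ' + path +
      '\n Installed version : ' + version + ' ' + build +
      '\n Fixed version : 8.2 b61-p19\n';
    vuln++;
  }
  else info2 += ' and ' + version + ' ' + build;
}

if (vuln)
{
  if (report_verbosity > 0)
  {
    if (vuln > 1) s = 's of Sun Java System Application Server were';
    else s = ' of Sun Java System Application Server was';

    report =
      '\n' +
      'The following vulnerable version' + s + '\n' +
      'found on the remote host : \n' +
      info + '\n';
    security_warning(port:port, extra:report);
  }
  else security_warning(port);
  exit(0);
}

if (info2)
{
  info2 -= ' and ';
  if (' and ' >< info2) be = 'are';
  else be = 'is';

  exit(0, 'The host is not affected since Sun Java System Application Server '+info2+' '+be+' installed.');
}
# Reached when no version could be read from any registered install (share
# connect failed, jar missing, marker not found): the result is inconclusive,
# not a clean bill of health.
else exit(1, 'Unexpected error - \'info2\' is empty.');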
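NASL family: Web Servers
NASL id: GLASSFISH_CVE-2012-3155.NASL
description: The version of GlassFish Server running on the remote host is affected by an unspecified vulnerability related to the CORBA ORB subcomponent that could allow a remote attacker to cause a loss of availability.
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 77556
published: 2014-09-05
reporter: This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
source: https://www.tenable.com/plugins/nessus/77556
title: Oracle GlassFish Server 3.0.1 / 3.1.2 / Enterprise 2.1.1 DoS
code:
#
# (C) Tenable Network Security, Inc.
#

# Remote (plugin_type "remote") version check for CVE-2012-3155.
# It reads the GlassFish version that an earlier detection plugin stored in
# the knowledge base and compares it with the fixed release for its branch.
# It does not probe the CORBA ORB; the finding rests on the detected version.

include("compat.inc");

if (description)
{
  script_id(77556);
  script_version("1.5");
  script_cvs_date("Date: 2018/11/15 20:50:25");

  script_cve_id("CVE-2012-3155");
  script_bugtraq_id(56073);

  script_name(english:"Oracle GlassFish Server 3.0.1 / 3.1.2 / Enterprise 2.1.1 DoS");
  script_summary(english:"Checks the version of Oracle GlassFish.");

  script_set_attribute(attribute:"synopsis", value: "The remote host has a web server installed that is affected by a vulnerability that may affect availability.");
  # Component name corrected from "COBRA" to "CORBA" to match the CVE summary.
  script_set_attribute(attribute:"description", value: "The version of GlassFish Server running on the remote host is affected by an unspecified vulnerability related to the CORBA ORB subcomponent that could allow a remote attacker to cause a loss of availability.");
  script_set_attribute(attribute:"solution", value:"Apply the appropriate patch referenced in the vendor advisory.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  # https://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?87547c81");
  script_set_attribute(attribute:"vuln_publication_date", value:"2012/10/16");
  script_set_attribute(attribute:"patch_publication_date", value:"2012/10/16");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/09/05");
  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:glassfish_server");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Web Servers");

  script_copyright(english:"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.");

  # Runs only after glassfish_detect.nasl has recorded a GlassFish instance.
  script_dependencies("glassfish_detect.nasl");
  script_require_keys("www/glassfish");

  exit(0);
}

include("global_settings.inc");
include("misc_func.inc");
include("audit.inc");
include("glassfish.inc");

#
# Main
#

# Check for GlassFish
get_kb_item_or_exit('www/glassfish');

port = get_glassfish_port(default:8080);

# Get the version number out of the KB.
# ver is the value compared, banner is where it came from, and pristine is
# the version string shown in the report.
ver = get_kb_item_or_exit("www/" + port + "/glassfish/version");
banner = get_kb_item_or_exit("www/" + port + "/glassfish/source");
pristine = get_kb_item_or_exit("www/" + port + "/glassfish/version/pristine");

# Check if the installation is vulnerable.
# Only the 3.0.1, 3.1.2 and 2.1.1 branches have a fixed release defined here;
# any other version leaves fix NULL and is audited as not vulnerable.
if (ver =~ "^3\.0\.1($|[^0-9])")
  fix = "3.0.1.6";
else if (ver =~ "^3\.1\.2($|[^0-9])")
  fix = "3.1.2.3";
else if (ver =~ "^2\.1\.1($|[^0-9])")
  fix = "2.1.1.19";
else
  fix = NULL;

# A ver_compare() result of -1 is treated as "older than the fixed release".
# NOTE(review): the fixed releases differ from the branch only in the last
# component; if the detected version omits that patch component, a patched
# server is presumably still reported - confirm the patch level on the host
# before acting on the finding.
if (!isnull(fix) && ver_compare(ver:ver, fix:fix, strict:FALSE) == -1)
{
  if (report_verbosity > 0)
  {
    report =
      '\n Version source : ' + banner +
      '\n Installed version : ' + pristine +
      '\n Fixed version : ' + fix +
      '\n';
    security_warning(port:port, extra:report);
  }
  else security_warning(port);
}
else audit(AUDIT_LISTEN_NOT_VULN, banner, port);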