Vulnerabilities > CVE-2014-3596 - Unspecified vulnerability in Apache Axis
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN apache
nessus
Summary
The getCN function in Apache Axis 1.4 and earlier does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a certificate with a subject that specifies a common name in a field that is not the CN field. NOTE: this issue exists because of an incomplete fix for CVE-2012-5784.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 26 |
Nessus
NASL family Debian Local Security Checks NASL id DEBIAN_DLA-169.NASL description A vulnerability was fixed in axis, a SOAP implementation in Java : The getCN function in Apache Axis 1.4 and earlier does not properly verify that the server hostname matches a domain name in the subject last seen 2020-03-17 modified 2015-03-26 plugin id 82153 published 2015-03-26 reporter This script is Copyright (C) 2015-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/82153 title Debian DLA-169-1 : axis security update NASL family SuSE Local Security Checks NASL id OPENSUSE-2019-1526.NASL description This update for axis fixes the following issues : Security issue fixed : - CVE-2012-5784, CVE-2014-3596: Fixed missing connection hostname check against X.509 certificate name (bsc#1134598). This update was imported from the SUSE:SLE-12:Update update project. last seen 2020-06-01 modified 2020-06-02 plugin id 125793 published 2019-06-10 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/125793 title openSUSE Security Update : axis (openSUSE-2019-1526) NASL family CGI abuses NASL id ORACLE_PRIMAVERA_UNIFIER_CPU_JAN_2020.NASL description According to its self-reported version number, the Oracle Primavera Unifier installation running on the remote web server is 16.1.x or 16.2.x prior to 16.2.16.0, or 17.7.x through 17.12.x prior to 17.12.11.2, or 18.8.x prior to 18.8.15, or 19.12.x prior to 19.12.0.1. It is, therefore, affected by multiple vulnerabilities: - A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10 used in Primavera Unifier. (CVE-2019-14540) - A memory exhaustion flaw exists in Apache Tika last seen 2020-05-08 modified 2020-01-30 plugin id 133359 published 2020-01-30 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/133359 title Oracle Primavera Unifier Multiple Vulnerabilities (Jan 2020 CPU) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2014-1193.NASL description From Red Hat Security Advisory 2014:1193 : Updated axis packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Apache Axis is an implementation of SOAP (Simple Object Access Protocol). It can be used to build both web service clients and servers. It was discovered that Axis incorrectly extracted the host name from an X.509 certificate subject last seen 2020-06-01 modified 2020-06-02 plugin id 77694 published 2014-09-16 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/77694 title Oracle Linux 5 / 6 : axis (ELSA-2014-1193) NASL family CGI abuses NASL id ORACLE_PRIMAVERA_GATEWAY_CPU_JAN_2020.NASL description According to its self-reported version number, the Oracle Primavera Gateway installation running on the remote web server is 15.x prior to 15.2.18, 16.x prior to 16.2.11, 17.x prior to 17.12.6, or 18.x prior to 18.8.8.1. It is, therefore, affected by multiple vulnerabilities, including the following: - Two Polymorphic Typing issues present in FasterXML jackson-databind related to com.zaxxer.hikari.HikariDataSource which can be exploited by remote, unauthenticated attackers. (CVE-2019-16335, CVE-2019-14540) - A man-in-the-middle vulnerability caused by the getCN function in Apache Axis not properly verifying that the server hostname matches a domain name in the subject last seen 2020-05-08 modified 2020-01-15 plugin id 132936 published 2020-01-15 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/132936 title Oracle Primavera Gateway Multiple Vulnerabilities (Jan 2020 CPU) NASL family SuSE Local Security Checks NASL id OPENSUSE-2019-1497.NASL description This update for axis fixes the following issues : Security issue fixed : - CVE-2012-5784, CVE-2014-3596: Fixed missing connection hostname check against X.509 certificate name (bsc#1134598). This update was imported from the SUSE:SLE-15:Update update project. last seen 2020-06-01 modified 2020-06-02 plugin id 125695 published 2019-06-04 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/125695 title openSUSE Security Update : axis (openSUSE-2019-1497) NASL family Scientific Linux Local Security Checks NASL id SL_20140915_AXIS_ON_SL5_X.NASL description It was discovered that Axis incorrectly extracted the host name from an X.509 certificate subject last seen 2020-03-18 modified 2014-09-16 plugin id 77700 published 2014-09-16 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/77700 title Scientific Linux Security Update : axis on SL5.x, SL6.x i386/x86_64 (20140915) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2014-1193.NASL description Updated axis packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Apache Axis is an implementation of SOAP (Simple Object Access Protocol). It can be used to build both web service clients and servers. It was discovered that Axis incorrectly extracted the host name from an X.509 certificate subject last seen 2020-06-01 modified 2020-06-02 plugin id 77692 published 2014-09-16 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/77692 title CentOS 5 / 6 : axis (CESA-2014:1193) NASL family Amazon Linux Local Security Checks NASL id ALA_ALAS-2014-412.NASL description It was discovered that Axis incorrectly extracted the host name from an X.509 certificate subject last seen 2020-06-01 modified 2020-06-02 plugin id 78355 published 2014-10-12 reporter This script is Copyright (C) 2014-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/78355 title Amazon Linux AMI : axis (ALAS-2014-412) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2014-1193.NASL description Updated axis packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Apache Axis is an implementation of SOAP (Simple Object Access Protocol). It can be used to build both web service clients and servers. It was discovered that Axis incorrectly extracted the host name from an X.509 certificate subject last seen 2020-06-01 modified 2020-06-02 plugin id 77695 published 2014-09-16 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/77695 title RHEL 5 / 6 : axis (RHSA-2014:1193) NASL family F5 Networks Local Security Checks NASL id F5_BIGIP_SOL16821.NASL description The getCN function in Apache Axis 1.4 and earlier does not properly verify that the server hostname matches a domain name in the subject last seen 2020-06-01 modified 2020-06-02 plugin id 93256 published 2016-09-02 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/93256 title F5 Networks BIG-IP : Apache Axis vulnerability (SOL16821)
Redhat
advisories |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
rpms |
|
References
- http://www.openwall.com/lists/oss-security/2014/08/20/2
- https://issues.apache.org/jira/browse/AXIS-2905
- http://www.securitytracker.com/id/1030745
- http://www.securityfocus.com/bid/69295
- http://rhn.redhat.com/errata/RHSA-2014-1193.html
- http://secunia.com/advisories/61222
- http://linux.oracle.com/errata/ELSA-2014-1193.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/95377
- http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00007.html
- http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00022.html
- https://www.oracle.com/security-alerts/cpujan2020.html
- https://lists.apache.org/thread.html/5e6c92145deddcecf70c3604041dcbd615efa2d37632fc2b9c367780%40%3Cjava-dev.axis.apache.org%3E
- https://lists.apache.org/thread.html/a308887782e05da7cf692e4851ae2bd429a038570cbf594e6631cc8d%40%3Cjava-dev.axis.apache.org%3E
- https://lists.apache.org/thread.html/de2af12dcaba653d02b03235327ca4aa930401813a3cced8e151d29c%40%3Cjava-dev.axis.apache.org%3E
- https://lists.apache.org/thread.html/44d4e88a5fa8ae60deb752029afe9054da87c5f859caf296fcf585e5%40%3Cjava-dev.axis.apache.org%3E
- https://lists.apache.org/thread.html/8aa25c99eeb0693fc229ec87d1423b5ed5d58558618706d8aba1d832%40%3Cjava-dev.axis.apache.org%3E