Vulnerabilities > CVE-2016-0681 - Unspecified vulnerability in Oracle Olap 11.2.0.4/12.1.0.1/12.1.0.2

047910
CVSS 7.8 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
local
low complexity
oracle
nessus

Summary

Unspecified vulnerability in the Oracle OLAP component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unspecified vectors.

Vulnerable Configurations

Part Description Count
Application
Oracle
3

Nessus

NASL familyDatabases
NASL idORACLE_RDBMS_CPU_APR_2016.NASL
descriptionThe remote Oracle Database Server is missing the April 2016 Critical Patch Update (CPU). It is, therefore, affected by multiple vulnerabilities in the following components : - An unspecified flaw exists in the RDBMS Security component that allows a local attacker to cause a denial of service condition. (CVE-2016-0677) - An unspecified flaw exists in the Oracle OLAP component that allows a local attacker to gain elevated privileges. (CVE-2016-0681) - Multiple unspecified flaws exist in the RDBMS Security component that allow a local attacker to impact integrity. (CVE-2016-0690, CVE-2016-0691) - An unspecified flaw exists in the Java VM component that allows an unauthenticated, remote attacker to execute arbitrary code. (CVE-2016-3454)
last seen2020-06-02
modified2016-04-27
plugin id90762
published2016-04-27
reporterThis script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
sourcehttps://www.tenable.com/plugins/nessus/90762
titleOracle Database Multiple Vulnerabilities (April 2016 CPU)
code
#
# (C) Tenable Network Security, Inc.
#


include("compat.inc");

if (description)
{
  script_id(90762);
  script_version("1.11");
  script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/01");

  script_cve_id(
    "CVE-2016-0677",
    "CVE-2016-0681",
    "CVE-2016-0690",
    "CVE-2016-0691",
    "CVE-2016-3454"
  );

  script_name(english:"Oracle Database Multiple Vulnerabilities (April 2016 CPU)");
  script_summary(english:"Checks the installed patch info.");

  script_set_attribute(attribute:"synopsis", value:
"The remote database server is affected by multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The remote Oracle Database Server is missing the April 2016 Critical
Patch Update (CPU). It is, therefore, affected by multiple
vulnerabilities in the following components :

  - An unspecified flaw exists in the RDBMS Security
    component that allows a local attacker to cause a
    denial of service condition. (CVE-2016-0677)

  - An unspecified flaw exists in the  Oracle OLAP component
    that allows a local attacker to gain elevated
    privileges. (CVE-2016-0681)

  - Multiple unspecified flaws exist in the RDBMS Security
    component that allow a local attacker to impact
    integrity. (CVE-2016-0690, CVE-2016-0691)

  - An unspecified flaw exists in the Java VM component that
    allows an unauthenticated, remote attacker to execute
    arbitrary code. (CVE-2016-3454)");
  # https://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?ffb7b96f");
  script_set_attribute(attribute:"solution", value:
"Apply the appropriate patch according to the April 2016 Oracle
Critical Patch Update advisory.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2016/04/19");
  script_set_attribute(attribute:"patch_publication_date", value:"2016/04/19");
  script_set_attribute(attribute:"plugin_publication_date", value:"2016/04/27");

  script_set_attribute(attribute:"plugin_type", value:"combined");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:database_server");
  script_set_attribute(attribute:"agent", value:"all");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Databases");

  script_copyright(english:"This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("oracle_rdbms_query_patch_info.nbin", "oracle_rdbms_patch_info.nbin");

  exit(0);
}

include("oracle_rdbms_cpu_func.inc");

################################################################################
# APR2016
patches = make_nested_array();

# RDBMS 12.1.0.2
patches["12.1.0.2"]["db"]["nix"] = make_array("patch_level", "12.1.0.2.160419", "CPU", "22291127, 22806133");
patches["12.1.0.2"]["db"]["win"] = make_array("patch_level", "12.1.0.2.160419", "CPU", "22809813");
# RDBMS 12.1.0.1 #
patches["12.1.0.1"]["db"]["nix"] = make_array("patch_level", "12.1.0.1.160419", "CPU", "22291141");
patches["12.1.0.1"]["db"]["win"] = make_array("patch_level", "12.1.0.1.160419", "CPU", "22617408");
# RDBMS 11.2.0.4 #
patches["11.2.0.4"]["db"]["nix"] = make_array("patch_level", "11.2.0.4.160419", "CPU", "22502493, 22502456");
patches["11.2.0.4"]["db"]["win"] = make_array("patch_level", "11.2.0.4.160419", "CPU", "22839608");

# JVM 12.1.0.2
patches["12.1.0.2"]["ojvm"]["nix"] = make_array("patch_level", "12.1.0.2.160419", "CPU", "22674709");
patches["12.1.0.2"]["ojvm"]["win"] = make_array("patch_level", "12.1.0.2.160419", "CPU", "22839633");
# JVM 12.1.0.1
patches["12.1.0.1"]["ojvm"]["nix"] = make_array("patch_level", "12.1.0.1.160419", "CPU", "22674703");
patches["12.1.0.1"]["ojvm"]["win"] = make_array("patch_level", "12.1.0.1.160419", "CPU", "22839627");
# JVM 11.2.0.4
patches["11.2.0.4"]["ojvm"]["nix"] = make_array("patch_level", "11.2.0.4.160419", "CPU", "22674697");
patches["11.2.0.4"]["ojvm"]["win"] = make_array("patch_level", "11.2.0.4.160419", "CPU", "22839614");

check_oracle_database(patches:patches, high_risk:TRUE);