Vulnerabilities > CVE-2016-5477 - Remote Security vulnerability in Oracle GlassFish Server 2.1.1/3.0.1
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1 and 3.0.1 allows remote attackers to affect confidentiality via vectors related to Administration.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
Nessus
NASL family Web Servers NASL id GLASSFISH_CVE-2016-5477.NASL description According to its self-reported version number, the Oracle GlassFish Server running on the remote host is 2.1.1.x prior to 2.1.1.28. It is, therefore, affected by an unspecified flaw in the Administration subcomponent that allows an unauthenticated, remote attacker to disclose sensitive information. last seen 2020-06-01 modified 2020-06-02 plugin id 92464 published 2016-07-20 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/92464 title Oracle GlassFish Server 2.1.1.x < 2.1.1.28 Information Disclosure (July 2016 CPU) code # # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(92464); script_version("1.7"); script_cvs_date("Date: 2019/11/19"); script_cve_id("CVE-2016-5477"); script_bugtraq_id(92032); script_name(english:"Oracle GlassFish Server 2.1.1.x < 2.1.1.28 Information Disclosure (July 2016 CPU)"); script_summary(english:"Checks the version of Oracle GlassFish."); script_set_attribute(attribute:"synopsis", value: "The remote web server is affected by an information disclosure vulnerability."); script_set_attribute(attribute:"description", value: "According to its self-reported version number, the Oracle GlassFish Server running on the remote host is 2.1.1.x prior to 2.1.1.28. It is, therefore, affected by an unspecified flaw in the Administration subcomponent that allows an unauthenticated, remote attacker to disclose sensitive information."); # http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?453b5f8c"); script_set_attribute(attribute:"solution", value: "Upgrade to Oracle GlassFish Server version 2.1.1.28 or later as referenced in the July 2016 Oracle Critical Patch Update advisory."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2016-5477"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"vuln_publication_date", value:"2016/07/19"); script_set_attribute(attribute:"patch_publication_date", value:"2016/07/19"); script_set_attribute(attribute:"plugin_publication_date", value:"2016/07/20"); script_set_attribute(attribute:"plugin_type", value:"remote"); script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:glassfish_server"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Web Servers"); script_copyright(english:"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("glassfish_detect.nasl"); script_require_keys("www/glassfish"); exit(0); } include("global_settings.inc"); include("misc_func.inc"); include("audit.inc"); include("glassfish.inc"); # # Main # # Check for GlassFish get_kb_item_or_exit('www/glassfish'); port = get_glassfish_port(default:8080); # Get the version number out of the KB. ver = get_kb_item_or_exit("www/" + port + "/glassfish/version"); banner = get_kb_item_or_exit("www/" + port + "/glassfish/source"); pristine = get_kb_item_or_exit("www/" + port + "/glassfish/version/pristine"); # Set appropriate fixed versions. if (ver =~ "^2\.1\.1(\.|$)") fix = "2.1.1.28"; else fix = NULL; if (!isnull(fix) && ver_compare(ver:ver, fix:fix, strict:FALSE) < 0) { report = '\n Version source : ' + banner + '\n Installed version : ' + pristine + '\n Fixed version : ' + fix + '\n'; security_report_v4(port:port, extra:report, severity:SECURITY_WARNING); } else audit(AUDIT_LISTEN_NOT_VULN, "Oracle GlassFish", port, pristine);NASL family Web Servers NASL id GLASSFISH_CVE-2016-3608.NASL description According to its self-reported version number, the Oracle GlassFish Server running on the remote host is 3.0.1.x prior to 3.0.1.14. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists in the bundled version of libcurl in the smb_request_state() function due to using values that are assumed valid without properly checking boundaries. An unauthenticated, remote attacker can exploit this, via a malicious SMB server, to disclose arbitrary memory contents. (CVE-2015-3237) - An unspecified flaw exists in the Web Container subcomponent that allows an unauthenticated, remote attacker to execute arbitrary code. (CVE-2016-3607) - Multiple unspecified flaws exist in the Administration subcomponent that allows an unauthenticated, remote attacker to disclose sensitive information. (CVE-2016-3608, CVE-2016-5477) last seen 2020-06-01 modified 2020-06-02 plugin id 92463 published 2016-07-20 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/92463 title Oracle GlassFish Server 3.0.1.x < 3.0.1.14 Multiple Vulnerabilities (July 2016 CPU)