Detections
Analytics
Oracle HTTP Server (January 2006 CPU)
critical Nessus Plugin ID 17729
Language:
Synopsis
The remote web server may be affected by multiple unspecified vulnerabilities.Description
According to its banner, the version of Oracle HTTP Server installed on the remote host is potentially affected by multiple vulnerabilities :- An unspecified information disclosure issue exists. (CVE-2006-0286)
- An unspecified error can allow denial of service attacks. (CVE-2006-0287)
Solution
Apply the appropriate patch according to the January 2006 Oracle Critical Patch Update advisory.See Also
https://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html
Plugin Details
Severity: Critical
ID: 17729
File Name: oracle_http_server_cpu_jan_2006.nasl
Version: 1.6
Type: remote
Family: Web Servers
Published: 11/21/2011
Updated: 11/15/2018
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
CVSS v2
Risk Factor: Critical
Base Score: 10
Temporal Score: 7.8
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
Vulnerability Information
CPE: cpe:/a:oracle:http_server
Required KB Items: Settings/PCI_DSS, www/oracle
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 1/17/2006
Vulnerability Publication Date: 1/17/2006
Reference Information
CVE: CVE-2006-0286, CVE-2006-0287
BID: 16287