This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Oracle First view 2015-12-06
Product Exalogic Infrastructure Last view 2016-02-18
Version 1.0 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:oracle:exalogic_infrastructure

Activity : Overall

Related : CVE

  Date Alert Description
8.1 2016-02-18 CVE-2015-7547

Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing "dual A/AAAA DNS queries" and the libnss_dns.so.2 NSS module.

5.9 2016-02-14 CVE-2015-3197

ssl/s2_srvr.c in OpenSSL 1.0.1 before 1.0.1r and 1.0.2 before 1.0.2f does not prevent use of disabled ciphers, which makes it easier for man-in-the-middle attackers to defeat cryptographic protection mechanisms by performing computations on SSLv2 traffic, related to the get_client_master_key and get_client_hello functions.

5.3 2015-12-06 CVE-2015-3195

The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed X509_ATTRIBUTE data, which allows remote attackers to obtain sensitive information from process memory by triggering a decoding failure in a PKCS#7 or CMS application.

CWE : Common Weakness Enumeration

%idName
50% (2) CWE-200 Information Exposure
25% (1) CWE-310 Cryptographic Issues
25% (1) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

Snort® IPS/IDS

Date Description
2016-04-05 SSLv2 Client Hello attempt
RuleID : 38060 - Type : POLICY-OTHER - Revision : 4
2016-03-14 glibc getaddrinfo AAAA record stack buffer overflow attempt
RuleID : 37731-community - Type : PROTOCOL-DNS - Revision : 5
2016-03-22 glibc getaddrinfo AAAA record stack buffer overflow attempt
RuleID : 37731 - Type : PROTOCOL-DNS - Revision : 5
2016-03-14 glibc getaddrinfo A record stack buffer overflow attempt
RuleID : 37730-community - Type : PROTOCOL-DNS - Revision : 5
2016-03-22 glibc getaddrinfo A record stack buffer overflow attempt
RuleID : 37730 - Type : PROTOCOL-DNS - Revision : 5

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2018-02-28 Name: The version of Arista Networks EOS running on the remote device is affected b...
File: arista_eos_sa0017.nasl - Type: ACT_GATHER_INFO
2018-02-28 Name: The version of Arista Networks EOS running on the remote device is affected b...
File: arista_eos_sa0018.nasl - Type: ACT_GATHER_INFO
2017-05-01 Name: The remote EulerOS host is missing multiple security updates.
File: EulerOS_SA-2017-1039.nasl - Type: ACT_GATHER_INFO
2017-05-01 Name: The remote EulerOS host is missing multiple security updates.
File: EulerOS_SA-2017-1040.nasl - Type: ACT_GATHER_INFO
2017-03-30 Name: The remote OracleVM host is missing one or more security updates.
File: oraclevm_OVMSA-2017-0051.nasl - Type: ACT_GATHER_INFO
2017-01-05 Name: The remote device is missing a vendor-supplied security patch.
File: juniper_jsa10759.nasl - Type: ACT_GATHER_INFO
2016-09-14 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-CSCuy36553-nxos.nasl - Type: ACT_GATHER_INFO
2016-09-09 Name: The remote device is affected by multiple denial of service vulnerabilities.
File: bluecoat_proxy_av_3_5_4_1.nasl - Type: ACT_GATHER_INFO
2016-09-08 Name: The remote host is affected by multiple vulnerabilities.
File: screenos_JSA10733.nasl - Type: ACT_GATHER_INFO
2016-07-14 Name: The remote Fedora host is missing a security update.
File: fedora_2016-c558e58b21.nasl - Type: ACT_GATHER_INFO
2016-07-14 Name: The remote Fedora host is missing a security update.
File: fedora_2016-e1234b65a2.nasl - Type: ACT_GATHER_INFO
2016-06-22 Name: The remote OracleVM host is missing a security update.
File: oraclevm_OVMSA-2016-0071.nasl - Type: ACT_GATHER_INFO
2016-05-20 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2016-604.nasl - Type: ACT_GATHER_INFO
2016-05-18 Name: The remote device is missing a vendor-supplied security patch.
File: f5_bigip_SOL12824341.nasl - Type: ACT_GATHER_INFO
2016-05-18 Name: The remote web server is affected by multiple vulnerabilities.
File: hpsmh_7_5_5.nasl - Type: ACT_GATHER_INFO
2016-05-16 Name: The remote OracleVM host is missing a security update.
File: oraclevm_OVMSA-2016-0049.nasl - Type: ACT_GATHER_INFO
2016-05-12 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2016-563.nasl - Type: ACT_GATHER_INFO
2016-05-02 Name: The remote host is missing one or more security updates.
File: mysql_5_6_29_rpm.nasl - Type: ACT_GATHER_INFO
2016-05-02 Name: The remote host is missing one or more security updates.
File: mysql_5_6_30_rpm.nasl - Type: ACT_GATHER_INFO
2016-05-02 Name: The remote host is missing one or more security updates.
File: mysql_5_7_11_rpm.nasl - Type: ACT_GATHER_INFO
2016-05-02 Name: The remote host is missing one or more security updates.
File: mysql_5_7_12_rpm.nasl - Type: ACT_GATHER_INFO
2016-04-22 Name: The remote database server is affected by multiple vulnerabilities.
File: mysql_5_6_30.nasl - Type: ACT_GATHER_INFO
2016-04-22 Name: The remote database server is affected by multiple vulnerabilities.
File: mysql_5_7_12.nasl - Type: ACT_GATHER_INFO
2016-04-22 Name: An application installed on the remote host is affected by multiple vulnerabi...
File: virtualbox_5_0_18.nasl - Type: ACT_GATHER_INFO
2016-04-07 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2016-682.nasl - Type: ACT_GATHER_INFO