Multiple vulnerabilities in Oracle Communications Diameter Signaling Router (DSR)
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2019-3862 CVE-2019-1559 |
| CWE-ID | CWE-125 CWE-327 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Oracle Communications Diameter Signaling Router (DSR) Server applications / Other server solutions |
| Vendor | Oracle |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Out-of-bounds read
EUVDB-ID: #VU18253
Risk: Medium
CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2019-3862
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information or perform denial of service (DoS) attack.
The vulnerability exists due to a boundary condition when SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker can trick the victim to connect to a malicious SSH server, trigger out of bounds read and gain access to sensitive information or perform denial of service attack.
MitigationInstall updates from vendor's website.
Oracle Communications Diameter Signaling Router (DSR): 8.0.0.0 - 8.4.0.0
CPE2.3- cpe:2.3:a:oracle:comms_diameter_signaling_router:8.0.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:comms_diameter_signaling_router:8.1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:comms_diameter_signaling_router:8.2.0.0:*:*:*:*:*:*:*
https://www.oracle.com/security-alerts/cpujan2020.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Use of a broken or risky cryptographic algorithm
EUVDB-ID: #VU17860
Risk: Low
CVSSv4.0: 0.5 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2019-1559
CWE-ID:
CWE-327 - Use of a Broken or Risky Cryptographic Algorithm
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to decrypt sensitive information.
The vulnerability exists due to the way an application behaves, when it receives a 0-byte record with invalid padding compared to the record with an invalid MAC, which results in padding oracle. A remote attacker can decrypt data.
Successful exploitation of the vulnerability requires that the application is using "non-stitched" ciphersuites and calls SSL_shutdown() twice (first, via a BAD_RECORD_MAC and again via a CLOSE_NOTIFY).Mitigation
Install updates from vendor's website.
Oracle Communications Diameter Signaling Router (DSR): 8.0.0.0 - 8.4.0.0
CPE2.3- cpe:2.3:a:oracle:comms_diameter_signaling_router:8.0.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:comms_diameter_signaling_router:8.1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:comms_diameter_signaling_router:8.2.0.0:*:*:*:*:*:*:*
https://www.oracle.com/security-alerts/cpujan2020.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
