SB20231018113 - Multiple vulnerabilities in Oracle HTTP Server

Description

This security bulletin contains information about 4 secuirty vulnerabilities.

1) HTTP response splitting (CVE-ID: CVE-2022-37436)

The vulnerability allows a remote attacker to perform HTTP splitting attacks.

The vulnerability exists due to software does not correctly process CRLF character sequences within the mod_proxy module. A remote attacker can send specially crafted request containing CRLF sequence and make the application to send a split HTTP response.

Successful exploitation of the vulnerability may allow an attacker perform cache poisoning attack.

2) NULL pointer dereference (CVE-ID: CVE-2023-28484)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in xmlSchemaFixupComplexType. A remote attacker can pass specially crafted data to the application and perform a denial of service (DoS) attack.

3) Resource management error (CVE-ID: CVE-2023-2650)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources within the application when processing OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS subsystems with no message size limit. A remote attacker can send specially crafted data to the application and perform a denial of service (DoS) attack.

4) Improper input validation (CVE-ID: CVE-2023-22019)

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

The vulnerability exists due to improper input validation within the Web Listener component in Oracle HTTP Server. A remote non-authenticated attacker can exploit this vulnerability to gain access to sensitive information.

Remediation

Install update from vendor's website.

References

• https://www.oracle.com/security-alerts/cpuoct2023.html?1389