Lucene search
This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.PHOTONOS_PHSA-2017-0016_OPENJDK.NASLHistoryFeb 07, 2019 - 12:00 a.m.
Photon OS 1.0: Openjdk PHSA-2017-0016
2019-02-0700:00:00
This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
114
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
9.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
0.054 Low
EPSS
Percentile
93.2%
An update of the openjdk package has been released.
#
# (C) Tenable Network Security, Inc.`
#
# The descriptive text and package checks in this plugin were
# extracted from VMware Security Advisory PHSA-2017-0016. The text
# itself is copyright (C) VMware, Inc.
include('compat.inc');
if (description)
{
script_id(121693);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2022/05/24");
script_cve_id(
"CVE-2016-5546",
"CVE-2016-5547",
"CVE-2016-5548",
"CVE-2016-5549",
"CVE-2016-5552",
"CVE-2016-8328",
"CVE-2017-3231",
"CVE-2017-3241",
"CVE-2017-3253",
"CVE-2017-3259",
"CVE-2017-3260",
"CVE-2017-3261",
"CVE-2017-3262",
"CVE-2017-3272",
"CVE-2017-3289"
);
script_name(english:"Photon OS 1.0: Openjdk PHSA-2017-0016");
script_set_attribute(attribute:"synopsis", value:
"The remote PhotonOS host is missing multiple security updates.");
script_set_attribute(attribute:"description", value:
"An update of the openjdk package has been released.");
script_set_attribute(attribute:"see_also", value:"https://github.com/vmware/photon/wiki/Security-Updates-41.md");
script_set_attribute(attribute:"solution", value:
"Update the affected Linux packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2017-3289");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2017/05/11");
script_set_attribute(attribute:"patch_publication_date", value:"2017/05/11");
script_set_attribute(attribute:"plugin_publication_date", value:"2019/02/07");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:openjdk");
script_set_attribute(attribute:"cpe", value:"cpe:/o:vmware:photonos:1.0");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"PhotonOS Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/PhotonOS/release", "Host/PhotonOS/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/PhotonOS/release");
if (isnull(release) || release !~ "^VMware Photon") audit(AUDIT_OS_NOT, "PhotonOS");
if (release !~ "^VMware Photon (?:Linux|OS) 1\.0(\D|$)") audit(AUDIT_OS_NOT, "PhotonOS 1.0");
if (!get_kb_item("Host/PhotonOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "PhotonOS", cpu);
flag = 0;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-debuginfo-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-debuginfo-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-debuginfo-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-debuginfo-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-debuginfo-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-debuginfo-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-debuginfo-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-debuginfo-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-debuginfo-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-debuginfo-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-debuginfo-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-debuginfo-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-debuginfo-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-debuginfo-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-debuginfo-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-doc-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-doc-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-doc-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-doc-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-doc-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-doc-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-doc-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-doc-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-doc-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-doc-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-doc-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-doc-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-doc-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-doc-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-doc-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-sample-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-sample-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-sample-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-sample-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-sample-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-sample-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-sample-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-sample-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-sample-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-sample-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-sample-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-sample-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-sample-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-sample-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-sample-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-src-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-src-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-src-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-src-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-src-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-src-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-src-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-src-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-src-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-src-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-src-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-src-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-src-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-src-1.8.0.131-1.ph1")) flag++;
if (rpm_check(release:"PhotonOS-1.0", reference:"openjdk-src-1.8.0.131-1.ph1")) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get()
);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "openjdk");
}
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5546
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5547
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5548
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5549
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5552
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8328
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3231
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3241
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3253
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3259
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3260
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3261
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3262
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3272
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3289
github.com/vmware/photon/wiki/Security-Updates-41.md
Related
nessus
nessus
Photon OS 1.0: Openjre PHSA-2017-0016
2019-02-07 00:00:00
Oracle Java SE 6 < Update 141 / 7 < Update 131 / 8 < Update 121 Multiple Vulnerabilities
2017-01-27 00:00:00
GLSA-201701-65 : Oracle JRE/JDK: Multiple vulnerabilities
2017-01-26 00:00:00
redhat
redhat
(RHSA-2017:0175) Critical: java-1.8.0-oracle security update
2017-01-19 13:45:55
(RHSA-2017:0263) Critical: java-1.8.0-ibm security update
2017-02-09 11:51:45
(RHSA-2017:0337) Critical: java-1.7.0-ibm security update
2017-02-28 00:00:00
openvas
openvas
openSUSE: Security Advisory for java-1_7_0-openjdk (openSUSE-SU-2017:0513-1)
2017-02-20 00:00:00
Debian: Security Advisory (DLA-821-1)
2018-01-04 00:00:00
SUSE: Security Advisory (SUSE-SU-2017:0346-1)
2021-04-19 00:00:00
ibm
ibm
Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Jan 2017 - Includes Oracle Jan 2017 CPU affect IBM eDiscovery Analyzer
2019-08-30 07:48:35
osv
osv
openjdk-7 - security update
2017-02-08 00:00:00
openjdk-7 - security update
2017-02-11 00:00:00
gentoo
gentoo
Oracle JRE/JDK: Multiple vulnerabilities
2017-01-25 00:00:00
IcedTea: Multiple vulnerabilities
2017-07-05 00:00:00
suse
suse
Security update for java-1_7_0-openjdk (important)
2017-02-17 15:10:09
Security update for java-1_8_0-openjdk (important)
2017-02-03 12:07:24
Security update for java-1_7_0-openjdk (important)
2017-02-19 18:08:48
debian
debian
[SECURITY] [DLA 821-1] openjdk-7 security update
2017-02-11 00:38:57
[SECURITY] [DSA 3782-1] openjdk-7 security update
2017-02-08 18:15:02
oraclelinux
oraclelinux
java-1.8.0-openjdk security update
2017-01-20 00:00:00
java-1.7.0-openjdk security update
2017-02-13 00:00:00
aix
aix
There are multiple vulnerabilities in IBM SDK Java Technology Edition
2017-04-05 23:21:06
f5
f5
K15518610 : Multiple OpenJDK vulnerabilities
2017-05-22 00:00:00
mageia
mageia
Updated java-1.8.0-openjdk packages fix security vulnerabilities
2017-02-05 23:42:41
centos
centos
java security update
2017-02-13 17:16:15
java security update
2017-01-21 15:53:44
ubuntu
ubuntu
OpenJDK 8 vulnerabilities
2017-01-25 00:00:00
OpenJDK 7 vulnerabilities
2017-02-09 00:00:00
OpenJDK 6 vulnerabilities
2017-02-16 00:00:00
amazon
amazon
Critical: java-1.7.0-openjdk
2017-02-14 12:00:00
Critical: java-1.8.0-openjdk
2017-01-26 18:00:00
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
9.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
0.054 Low
EPSS
Percentile
93.2%
Related for PHOTONOS_PHSA-2017-0016_OPENJDK.NASL