Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2009-2024 and is owned by Tenable, Inc. or an Affiliate thereof.REDHAT-RHSA-2008-1025.NASL
HistoryAug 24, 2009 - 12:00 a.m.

RHEL 5 : java-1.5.0-sun (RHSA-2008:1025)

2009-08-2400:00:00
This script is Copyright (C) 2009-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
30

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

8.9 High

AI Score

Confidence

High

0.971 High

EPSS

Percentile

99.8%

JSON

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2008:1025 advisory.

  • Java Web Start File Inclusion via System Properties Override (CVE-2008-2086)

  • JavaWebStart allows unauthorized network connections (CVE-2008-5339)

  • Java WebStart privilege escalation (CVE-2008-5340)

  • Java Web Start exposes username and the pathname of the JWS cache (CVE-2008-5341)

  • Java Web Start BasicService displays local files in the browser (CVE-2008-5342)

  • Java WebStart allows hidden code privilege escalation (CVE-2008-5343)

  • Java WebStart unprivileged local file and network access (CVE-2008-5344)

  • JRE allows unauthorized file access and connections to localhost (CVE-2008-5345)

  • JRE allows unauthorized memory read access via a crafted ZIP file (CVE-2008-5346)

  • OpenJDK Denial-Of-Service in kerberos authentication (6588160) (CVE-2008-5348)

  • OpenJDK RSA public key length denial-of-service (6497740) (CVE-2008-5349)

  • OpenJDK allows to list files within the user home directory (6484091) (CVE-2008-5350)

  • OpenJDK UTF-8 decoder accepts non-shortest form sequences (4486841) (CVE-2008-5351)

  • OpenJDK Jar200 Decompression buffer overflow (6755943) (CVE-2008-5352)

  • OpenJDK calendar object deserialization allows privilege escalation (6734167) (CVE-2008-5353)

  • OpenJDK Privilege escalation in command line applications (6733959) (CVE-2008-5354)

  • OpenJDK Font processing vulnerability (6733336) (CVE-2008-5356)

  • OpenJDK Truetype Font processing vulnerability (6751322) (CVE-2008-5357)

  • OpenJDK Buffer overflow in image processing (6726779) (CVE-2008-5359)

  • OpenJDK temporary files have guessable file names (6721753) (CVE-2008-5360)

Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Red Hat Security Advisory RHSA-2008:1025. The text 
# itself is copyright (C) Red Hat, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(40732);
  script_version("1.32");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/04/21");

  script_cve_id(
    "CVE-2008-2086",
    "CVE-2008-5339",
    "CVE-2008-5340",
    "CVE-2008-5341",
    "CVE-2008-5342",
    "CVE-2008-5343",
    "CVE-2008-5344",
    "CVE-2008-5345",
    "CVE-2008-5346",
    "CVE-2008-5348",
    "CVE-2008-5349",
    "CVE-2008-5350",
    "CVE-2008-5351",
    "CVE-2008-5352",
    "CVE-2008-5353",
    "CVE-2008-5354",
    "CVE-2008-5356",
    "CVE-2008-5357",
    "CVE-2008-5359",
    "CVE-2008-5360"
  );
  script_bugtraq_id(32620, 32892);
  script_xref(name:"RHSA", value:"2008:1025");

  script_name(english:"RHEL 5 : java-1.5.0-sun (RHSA-2008:1025)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Red Hat host is missing one or more security updates for java-1.5.0-sun.");
  script_set_attribute(attribute:"description", value:
"The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as
referenced in the RHSA-2008:1025 advisory.

  - Java Web Start File Inclusion via System Properties Override (CVE-2008-2086)

  - JavaWebStart allows unauthorized network connections (CVE-2008-5339)

  - Java WebStart privilege escalation (CVE-2008-5340)

  - Java Web Start exposes username and the pathname of the JWS cache (CVE-2008-5341)

  - Java Web Start BasicService displays local files in the browser (CVE-2008-5342)

  - Java WebStart allows hidden code privilege escalation (CVE-2008-5343)

  - Java WebStart unprivileged local file and network access (CVE-2008-5344)

  - JRE allows unauthorized file access and connections to localhost (CVE-2008-5345)

  - JRE allows unauthorized memory read access via a crafted ZIP file (CVE-2008-5346)

  - OpenJDK Denial-Of-Service in kerberos authentication (6588160) (CVE-2008-5348)

  - OpenJDK RSA public key length denial-of-service (6497740) (CVE-2008-5349)

  - OpenJDK allows to list files within the user home directory (6484091) (CVE-2008-5350)

  - OpenJDK UTF-8 decoder accepts non-shortest form sequences (4486841) (CVE-2008-5351)

  - OpenJDK Jar200 Decompression buffer overflow (6755943) (CVE-2008-5352)

  - OpenJDK calendar object deserialization allows privilege escalation (6734167) (CVE-2008-5353)

  - OpenJDK Privilege escalation in command line applications (6733959) (CVE-2008-5354)

  - OpenJDK Font processing vulnerability (6733336) (CVE-2008-5356)

  - OpenJDK Truetype Font processing vulnerability (6751322) (CVE-2008-5357)

  - OpenJDK Buffer overflow in image processing (6726779) (CVE-2008-5359)

  - OpenJDK temporary files have guessable file names (6721753) (CVE-2008-5360)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  # https://access.redhat.com/security/data/csaf/v2/advisories/2008/rhsa-2008_1025.json
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?62da0971");
  # http://blogs.sun.com/security/entry/advance_notification_of_security_updates3
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?c8d7aabf");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2008:1025");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/updates/classification/#critical");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=474556");
  script_set_attribute(attribute:"solution", value:
"Update the RHEL java-1.5.0-sun package based on the guidance in RHSA-2008:1025.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2008-5353");
  script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2008-5354");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"vendor_severity", value:"Critical");

  script_set_attribute(attribute:"vuln_publication_date", value:"2008/12/04");
  script_set_attribute(attribute:"patch_publication_date", value:"2008/12/04");
  script_set_attribute(attribute:"plugin_publication_date", value:"2009/08/24");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-sun");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-sun-demo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-sun-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-sun-jdbc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-sun-plugin");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:java-1.5.0-sun-src");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Red Hat Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2009-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("redhat_repos.nasl", "ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");

  exit(0);
}


include('rpm.inc');
include('rhel.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/RedHat/release');
if (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');
var os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');
os_ver = os_ver[1];
if (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '5')) audit(AUDIT_OS_NOT, 'Red Hat 5.x', 'Red Hat ' + os_ver);

if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);

var constraints = [
  {
    'repo_relative_urls': [
      'content/dist/rhel/client/5/5Client/x86_64/supplementary/debug',
      'content/dist/rhel/client/5/5Client/x86_64/supplementary/os',
      'content/dist/rhel/client/5/5Client/x86_64/supplementary/source/SRPMS',
      'content/dist/rhel/server/5/5Server/x86_64/supplementary/debug',
      'content/dist/rhel/server/5/5Server/x86_64/supplementary/os',
      'content/dist/rhel/server/5/5Server/x86_64/supplementary/source/SRPMS',
      'content/dist/rhel/workstation/5/5Client/x86_64/supplementary/debug',
      'content/dist/rhel/workstation/5/5Client/x86_64/supplementary/os',
      'content/dist/rhel/workstation/5/5Client/x86_64/supplementary/source/SRPMS'
    ],
    'pkgs': [
      {'reference':'java-1.5.0-sun-1.5.0.17-1jpp.2.el5', 'cpu':'i586', 'release':'5', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'java-1.5.0-sun-1.5.0.17-1jpp.2.el5', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'java-1.5.0-sun-demo-1.5.0.17-1jpp.2.el5', 'cpu':'i586', 'release':'5', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'java-1.5.0-sun-demo-1.5.0.17-1jpp.2.el5', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'java-1.5.0-sun-devel-1.5.0.17-1jpp.2.el5', 'cpu':'i586', 'release':'5', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'java-1.5.0-sun-devel-1.5.0.17-1jpp.2.el5', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'java-1.5.0-sun-jdbc-1.5.0.17-1jpp.2.el5', 'cpu':'i586', 'release':'5', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'java-1.5.0-sun-jdbc-1.5.0.17-1jpp.2.el5', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'java-1.5.0-sun-plugin-1.5.0.17-1jpp.2.el5', 'cpu':'i586', 'release':'5', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'java-1.5.0-sun-src-1.5.0.17-1jpp.2.el5', 'cpu':'i586', 'release':'5', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'java-1.5.0-sun-src-1.5.0.17-1jpp.2.el5', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE}
    ]
  }
];

var applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);
if(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);

var flag = 0;
foreach var constraint_array ( constraints ) {
  var repo_relative_urls = NULL;
  if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];
  foreach var pkg ( constraint_array['pkgs'] ) {
    var reference = NULL;
    var _release = NULL;
    var sp = NULL;
    var _cpu = NULL;
    var el_string = NULL;
    var rpm_spec_vers_cmp = NULL;
    var epoch = NULL;
    var allowmaj = NULL;
    var exists_check = NULL;
    var cves = NULL;
    if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
    if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];
    if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
    if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
    if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
    if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
    if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
    if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
    if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
    if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
    if (reference &&
        _release &&
        rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&
        (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&
        rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
  }
}

if (flag)
{
  var extra = NULL;
  if (isnull(applicable_repo_urls) || !applicable_repo_urls) extra = rpm_report_get() + redhat_report_repo_caveat();
  else extra = rpm_report_get();
  security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : extra
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'java-1.5.0-sun / java-1.5.0-sun-demo / java-1.5.0-sun-devel / etc');
}
VendorProductVersionCPE
redhatenterprise_linuxjava-1.5.0-sunp-cpe:/a:redhat:enterprise_linux:java-1.5.0-sun
redhatenterprise_linuxjava-1.5.0-sun-demop-cpe:/a:redhat:enterprise_linux:java-1.5.0-sun-demo
redhatenterprise_linuxjava-1.5.0-sun-develp-cpe:/a:redhat:enterprise_linux:java-1.5.0-sun-devel
redhatenterprise_linuxjava-1.5.0-sun-jdbcp-cpe:/a:redhat:enterprise_linux:java-1.5.0-sun-jdbc
redhatenterprise_linuxjava-1.5.0-sun-pluginp-cpe:/a:redhat:enterprise_linux:java-1.5.0-sun-plugin
redhatenterprise_linuxjava-1.5.0-sun-srcp-cpe:/a:redhat:enterprise_linux:java-1.5.0-sun-src
redhatenterprise_linux5cpe:/o:redhat:enterprise_linux:5

References

Related

openvas 46
nessus 39
redhat 7
suse 3
seebug 7
fedora 2
securityvulns 3
ubuntu 1
vmware 2
prion 14
nvd 17
cvelist 14
saint 4
ubuntucve 10
cve 15
canvas 2
packetstorm 2
zdi 2
checkpoint_advisories 4
exploitpack 2
metasploit 1
symantec 1
threatpost 1
openvas
openvas
SLES9: Security update for IBM Java5 JRE and SDK
2009-10-10 00:00:00
SLES9: Security update for IBM Java5 JRE and SDK
2009-10-10 00:00:00
SLES10: Security update for IBM Java 1.5.0
2009-10-13 00:00:00
nessus
nessus
SuSE9 Security Update : IBM Java5 JRE and SDK (YOU Patch Number 12336)
2009-09-24 00:00:00
SuSE 11 Security Update : IBM Java 1.4.2 (SAT Patch Number 735)
2009-09-24 00:00:00
SuSE9 Security Update : IBM Java2 JRE and SDK (YOU Patch Number 12387)
2009-09-24 00:00:00
redhat
redhat
(RHSA-2009:0445) Critical: java-1.4.2-ibm security update
2009-04-23 00:00:00
(RHSA-2009:0016) Critical: java-1.5.0-ibm security update
2009-01-13 00:00:00
(RHSA-2008:1025) Critical: java-1.5.0-sun security update
2008-12-04 00:00:00
suse
suse
local privilege escalation in IBMJava5-JRE,java-1_5_0-ibm
2009-01-29 14:08:00
remote code execution in IBM Java 1.4.2 and 6
2009-04-07 14:51:07
remote code execution in Sun Java
2009-01-09 15:49:38
seebug
seebug
Sun Java JDK/JRE安全更新修复多个漏洞
2008-12-09 00:00:00
Mac OS X - Java applet Remote Deserialization Remote PoC (updated)
2014-07-01 00:00:00
Sun Java Runtime and Development Kit &lt;= 6 update 10 Calendar Deserialization Exploit
2008-12-03 00:00:00
fedora
fedora
[SECURITY] Fedora 9 Update: java-1.6.0-openjdk-1.6.0.0-0.20.b09.fc9
2008-12-07 04:27:51
[SECURITY] Fedora 10 Update: java-1.6.0-openjdk-1.6.0.0-7.b12.fc10
2008-12-07 04:33:22
securityvulns
securityvulns
Sun Java JRE / JDK / Web Start multiple security vulnerabilities
2009-04-23 00:00:00
[USN-713-1] openjdk-6 vulnerabilities
2009-01-31 00:00:00
[Full-disclosure] CVE-2008-2086: Java Web Start File Inclusion via System Properties Override
2008-12-04 00:00:00
ubuntu
ubuntu
openjdk-6 vulnerabilities
2009-01-27 00:00:00
vmware
vmware
VMware ESX patches for DHCP, Service Console kernel, and JRE resolve multiple security issues
2009-10-16 00:00:00
VMware ESX patches for DHCP, Service Console kernel, and JRE resolve multiple security issues
2009-10-16 00:00:00
prion
prion
Security feature bypass
2008-12-05 11:30:00
Security feature bypass
2008-12-05 11:30:00
Buffer overflow
2008-12-05 11:30:00
nvd
nvd
CVE-2008-5350
2008-12-05 11:30:00
CVE-2008-5359
2008-12-05 11:30:00
CVE-2008-5349
2008-12-05 11:30:00
cvelist
cvelist
CVE-2008-5359
2008-12-05 11:00:00
CVE-2008-5354
2008-12-05 11:00:00
CVE-2008-5349
2008-12-05 11:00:00
saint
saint
Java Runtime Environment JAR manifest Main Class buffer overflow
2009-02-26 00:00:00
Java Runtime Environment JAR manifest Main Class buffer overflow
2009-02-26 00:00:00
Java Runtime Environment JAR manifest Main Class buffer overflow
2009-02-26 00:00:00
ubuntucve
ubuntucve
CVE-2008-5349
2008-12-05 00:00:00
CVE-2008-5359
2008-12-05 00:00:00
CVE-2008-5360
2008-12-05 00:00:00
cve
cve
CVE-2008-5349
2008-12-05 11:30:00
CVE-2008-5353
2008-12-05 11:30:00
CVE-2008-5348
2008-12-05 11:30:00
canvas
canvas
Immunity Canvas: JAVA_DESERIALIZE
2008-12-05 06:30:00
Immunity Canvas: JAVA_DESERIALIZE_WIN32
2008-12-05 11:30:00
packetstorm
packetstorm
Sun Java Calendar Deserialization
2009-10-27 00:00:00
Signed Applet Social Engineering Code Exec
2010-02-05 00:00:00
zdi
zdi
Sun Java AWT Library Sandbox Violation Vulnerability
2008-12-04 00:00:00
Sun Java Web Start and Applet Multiple Sandbox Bypass Vulnerabilities
2008-12-04 00:00:00
checkpoint_advisories
checkpoint_advisories
Sun Java Runtime Environment JAR File Processing Stack Buffer Overflow (CVE-2008-5354)
2010-07-13 00:00:00
Sun Java Web Start Splashscreen GIF Decoding Buffer Overflow - Improved Performance (CVE-2008-2086)
2013-05-16 00:00:00
Sun Java Runtime Environment Abstract Windowing Toolkit Memory Corruption (CVE-2008-5359)
2010-06-23 00:00:00
exploitpack
exploitpack
Sun Java Runtime and Development Kit 6 Update 10 - Calendar Deserialization (Metasploit)
2008-12-03 00:00:00
Apple Mac OSX - Java applet Remote Deserialization Remote (2)
2009-05-20 00:00:00
metasploit
metasploit
Sun Java Calendar Deserialization Privilege Escalation
2009-12-15 20:37:15
symantec
symantec
Sun Java Runtime Environment and Java Development Kit Multiple Security Vulnerabilities
2008-12-03 00:00:00
threatpost
threatpost
Chorus Grows Louder to Disable Java 7 After Exploit Hits Mainstream
2012-08-30 02:03:14

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

8.9 High

AI Score

Confidence

High

0.971 High

EPSS

Percentile

99.8%

JSON
Related for REDHAT-RHSA-2008-1025.NASL
openvas46nessus39redhat7suse3seebug7fedora2securityvulns3ubuntu1vmware2prion14nvd17cvelist14saint4ubuntucve10cve15canvas2packetstorm2zdi2checkpoint_advisories4exploitpack2metasploit1symantec1threatpost1