Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2010-2022 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_11_1_JAVA-1_6_0-OPENJDK-100428.NASL
HistoryApr 30, 2010 - 12:00 a.m.

openSUSE Security Update : java-1_6_0-openjdk (openSUSE-SU-2010:0182-1)

2010-04-3000:00:00
This script is Copyright (C) 2010-2022 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
16

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.948

Percentile

99.3%

JSON

java-1_6_0-openjdk version 1.7.3 fixes serveral security issues :

  • CVE-2010-0837: JAR ‘unpack200’ must verify input parameters

  • CVE-2010-0845: No ClassCastException for HashAttributeSet constructors if run with -Xcomp

  • CVE-2010-0838: CMM readMabCurveData Buffer Overflow Vulnerability

  • CVE-2010-0082: Loader-constraint table allows arrays instead of only the base-classes

  • CVE-2010-0095: Subclasses of InetAddress may incorrectly interpret network addresses

  • CVE-2010-0085: File TOCTOU deserialization vulnerability

  • CVE-2010-0091: Unsigned applet can retrieve the dragged information before drop action occurs

  • CVE-2010-0088: Inflater/Deflater clone issues

  • CVE-2010-0084: Policy/PolicyFile leak dynamic ProtectionDomains.

  • CVE-2010-0092: AtomicReferenceArray causes SIGSEGV -> SEGV_MAPERR error

  • CVE-2010-0094: Deserialization of RMIConnectionImpl objects should enforce stricter checks

  • CVE-2010-0093: System.arraycopy unable to reference elements beyond Integer.MAX_VALUE bytes

  • CVE-2010-0840: Applet Trusted Methods Chaining Privilege Escalation Vulnerability

  • CVE-2010-0848: AWT Library Invalid Index Vulnerability

  • CVE-2010-0847: ImagingLib arbitrary code execution vulnerability

  • CVE-2009-3555: TLS: MITM attacks via session renegotiation

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update java-1_6_0-openjdk-2362.
#
# The text description of this plugin is (C) SUSE LLC.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(46189);
  script_version("1.17");
  script_set_attribute(attribute:"plugin_modification_date", value:"2022/05/25");

  script_cve_id(
    "CVE-2009-3555",
    "CVE-2010-0082",
    "CVE-2010-0084",
    "CVE-2010-0085",
    "CVE-2010-0088",
    "CVE-2010-0091",
    "CVE-2010-0092",
    "CVE-2010-0093",
    "CVE-2010-0094",
    "CVE-2010-0095",
    "CVE-2010-0837",
    "CVE-2010-0838",
    "CVE-2010-0840",
    "CVE-2010-0845",
    "CVE-2010-0847",
    "CVE-2010-0848"
  );
  script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2022/06/15");

  script_name(english:"openSUSE Security Update : java-1_6_0-openjdk (openSUSE-SU-2010:0182-1)");

  script_set_attribute(attribute:"synopsis", value:
"The remote openSUSE host is missing a security update.");
  script_set_attribute(attribute:"description", value:
"java-1_6_0-openjdk version 1.7.3 fixes serveral security issues :

  - CVE-2010-0837: JAR 'unpack200' must verify input
    parameters

  - CVE-2010-0845: No ClassCastException for
    HashAttributeSet constructors if run with -Xcomp

  - CVE-2010-0838: CMM readMabCurveData Buffer Overflow
    Vulnerability

  - CVE-2010-0082: Loader-constraint table allows arrays
    instead of only the base-classes

  - CVE-2010-0095: Subclasses of InetAddress may incorrectly
    interpret network addresses

  - CVE-2010-0085: File TOCTOU deserialization vulnerability

  - CVE-2010-0091: Unsigned applet can retrieve the dragged
    information before drop action occurs

  - CVE-2010-0088: Inflater/Deflater clone issues

  - CVE-2010-0084: Policy/PolicyFile leak dynamic
    ProtectionDomains.

  - CVE-2010-0092: AtomicReferenceArray causes SIGSEGV ->
    SEGV_MAPERR error

  - CVE-2010-0094: Deserialization of RMIConnectionImpl
    objects should enforce stricter checks

  - CVE-2010-0093: System.arraycopy unable to reference
    elements beyond Integer.MAX_VALUE bytes

  - CVE-2010-0840: Applet Trusted Methods Chaining Privilege
    Escalation Vulnerability

  - CVE-2010-0848: AWT Library Invalid Index Vulnerability

  - CVE-2010-0847: ImagingLib arbitrary code execution
    vulnerability

  - CVE-2009-3555: TLS: MITM attacks via session
    renegotiation");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=594415");
  script_set_attribute(attribute:"see_also", value:"https://lists.opensuse.org/opensuse-updates/2010-04/msg00090.html");
  script_set_attribute(attribute:"solution", value:
"Update the affected java-1_6_0-openjdk packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploit_framework_core", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'Java Statement.invoke() Trusted Method Chain Privilege Escalation');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
  script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
  script_set_attribute(attribute:"canvas_package", value:"CANVAS");
  script_cwe_id(310);

  script_set_attribute(attribute:"patch_publication_date", value:"2010/04/28");
  script_set_attribute(attribute:"plugin_publication_date", value:"2010/04/30");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_6_0-openjdk");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-demo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-javadoc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-plugin");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-src");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.1");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"SuSE Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2010-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE11\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.1", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);

flag = 0;

if ( rpm_check(release:"SUSE11.1", reference:"java-1_6_0-openjdk-1.6.0.0_b17-2.3.1") ) flag++;
if ( rpm_check(release:"SUSE11.1", reference:"java-1_6_0-openjdk-demo-1.6.0.0_b17-2.3.1") ) flag++;
if ( rpm_check(release:"SUSE11.1", reference:"java-1_6_0-openjdk-devel-1.6.0.0_b17-2.3.1") ) flag++;
if ( rpm_check(release:"SUSE11.1", reference:"java-1_6_0-openjdk-javadoc-1.6.0.0_b17-2.3.1") ) flag++;
if ( rpm_check(release:"SUSE11.1", reference:"java-1_6_0-openjdk-plugin-1.6.0.0_b17-2.3.1") ) flag++;
if ( rpm_check(release:"SUSE11.1", reference:"java-1_6_0-openjdk-src-1.6.0.0_b17-2.3.1") ) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "java-1_6_0-openjdk / java-1_6_0-openjdk-demo / etc");
}
VendorProductVersionCPE
novellopensuse11.1cpe:/o:novell:opensuse:11.1
novellopensusejava-1_6_0-openjdkp-cpe:/a:novell:opensuse:java-1_6_0-openjdk
novellopensusejava-1_6_0-openjdk-demop-cpe:/a:novell:opensuse:java-1_6_0-openjdk-demo
novellopensusejava-1_6_0-openjdk-develp-cpe:/a:novell:opensuse:java-1_6_0-openjdk-devel
novellopensusejava-1_6_0-openjdk-javadocp-cpe:/a:novell:opensuse:java-1_6_0-openjdk-javadoc
novellopensusejava-1_6_0-openjdk-srcp-cpe:/a:novell:opensuse:java-1_6_0-openjdk-src
novellopensusejava-1_6_0-openjdk-pluginp-cpe:/a:novell:opensuse:java-1_6_0-openjdk-plugin

References

Related

nessus 35
openvas 26
securityvulns 7
centos 1
redhat 9
oraclelinux 1
ubuntu 1
fedora 3
gentoo 1
suse 2
prion 15
nvd 14
cvelist 15
ubuntucve 14
cve 15
checkpoint_advisories 2
veracode 14
seebug 3
packetstorm 3
zdi 4
saint 4
metasploit 2
cisa_kev 1
thn 2
canvas 2
symantec 1
attackerkb 1
exploitpack 1
nessus
nessus
Scientific Linux Security Update : java-1.6.0-openjdk on SL5.x i386/x86_64
2012-08-01 00:00:00
Ubuntu 8.04 LTS / 8.10 / 9.04 / 9.10 : openjdk-6 vulnerabilities (USN-923-1)
2010-04-09 00:00:00
Oracle Linux 5 : java-1.6.0-openjdk (ELSA-2010-0339)
2013-07-12 00:00:00
openvas
openvas
CentOS Update for java CESA-2010:0339 centos5 i386
2011-08-09 00:00:00
RedHat Update for java-1.6.0-openjdk RHSA-2010:0339-01
2010-04-06 00:00:00
Ubuntu Update for openjdk-6 vulnerabilities USN-923-1
2010-04-09 00:00:00
securityvulns
securityvulns
[USN-923-1] OpenJDK vulnerabilities
2010-04-07 00:00:00
Oracle Sun Java multiple security vulnerabilities
2010-04-07 00:00:00
[security bulletin] HPSBMA02547 SSRT100179 rev.1 - HP Systems Insight Manager (SIM) for HP-UX, Linux, and Windows, Remote Execution of Arbitrary Code and Other Vulnerabilities
2010-07-18 00:00:00
centos
centos
java security update
2010-06-12 15:56:24
redhat
redhat
(RHSA-2010:0339) Important: java-1.6.0-openjdk security update
2010-03-31 00:00:00
(RHSA-2010:0130) Moderate: java-1.5.0-ibm security update
2010-03-03 00:00:00
(RHSA-2010:0338) Critical: java-1.5.0-sun security update
2010-03-31 00:00:00
oraclelinux
oraclelinux
java-1.6.0-openjdk security update
2010-04-08 00:00:00
ubuntu
ubuntu
OpenJDK vulnerabilities
2010-04-07 00:00:00
fedora
fedora
[SECURITY] Fedora 13 Update: java-1.6.0-openjdk-1.6.0.0-37.b17.fc13
2010-04-09 21:05:39
[SECURITY] Fedora 11 Update: java-1.6.0-openjdk-1.6.0.0-34.b17.fc11
2010-04-09 01:32:00
[SECURITY] Fedora 12 Update: java-1.6.0-openjdk-1.6.0.0-37.b17.fc12
2010-04-09 01:28:22
gentoo
gentoo
Oracle JRE/JDK: Multiple vulnerabilities
2010-06-04 00:00:00
suse
suse
remote code execution in java-1_5_0-ibm
2010-07-06 17:26:45
remote code execution in java-1_6_0-ibm
2010-07-01 17:43:53
prion
prion
Design/Logic Flaw
2010-04-01 16:30:00
Design/Logic Flaw
2010-04-01 16:30:00
Design/Logic Flaw
2010-04-01 16:30:00
nvd
nvd
CVE-2010-0093
2010-04-01 16:30:00
CVE-2010-0095
2010-04-01 16:30:00
CVE-2010-0091
2010-04-01 16:30:00
cvelist
cvelist
CVE-2010-0095
2010-04-01 16:00:00
CVE-2010-0084
2010-04-01 16:00:00
CVE-2010-0088
2010-04-01 16:00:00
ubuntucve
ubuntucve
CVE-2010-0095
2010-04-01 00:00:00
CVE-2010-0093
2010-04-01 00:00:00
CVE-2010-0088
2010-04-01 00:00:00
cve
cve
CVE-2010-0095
2010-04-01 16:30:00
CVE-2010-0093
2010-04-01 16:30:00
CVE-2010-0088
2010-04-01 16:30:00
checkpoint_advisories
checkpoint_advisories
Java Signed Applet (CVE-2008-5353; CVE-2010-0094; CVE-2010-0840)
2011-11-01 00:00:00
Oracle Java Runtime CMM readMabCurveData Buffer Overflow (CVE-2010-0838)
2010-10-03 00:00:00
veracode
veracode
Access Restriction Bypass
2020-04-10 00:47:59
Privilege Escalation
2020-04-10 00:45:50
Information Disclosure
2020-04-10 00:45:51
seebug
seebug
Java RMIConnectionImpl Deserialization Privilege Escalation Exploit
2014-07-01 00:00:00
Java Statement.invoke() Trusted Method Chain Exploit
2014-07-01 00:00:00
Java CMM readMabCurveData - Stack Overflow
2014-07-01 00:00:00
packetstorm
packetstorm
Month Of Abysssec Undisclosed Bugs - Java CMM
2010-09-21 00:00:00
Java RMIConnectionImpl Deserialization Privilege Escalation Exploit
2010-09-09 00:00:00
Java Statement.invoke() Trusted Method Chain Exploit
2010-08-24 00:00:00
zdi
zdi
Sun Java Runtime CMM readMabCurveData Remote Code Execution Vulnerability
2010-04-05 00:00:00
Sun Java Runtime Environment Mutable InetAddress Socket Policy Violation Vulnerability
2010-04-05 00:00:00
Sun Java Runtime Environment Trusted Methods Chaining Remote Code Execution Vulnerability
2010-04-05 00:00:00
saint
saint
Java Runtime CMM readMabCurveData Buffer Overflow
2010-10-04 00:00:00
Java Runtime CMM readMabCurveData Buffer Overflow
2010-10-04 00:00:00
Java Runtime CMM readMabCurveData Buffer Overflow
2010-10-04 00:00:00
metasploit
metasploit
Java Statement.invoke() Trusted Method Chain Privilege Escalation
2010-08-21 06:38:29
Java RMIConnectionImpl Deserialization Privilege Escalation
2010-09-08 08:20:55
cisa_kev
cisa_kev
Oracle JRE Unspecified Vulnerability
2022-05-25 00:00:00
thn
thn
Phoenix exploit kit 2.5 leaked, Download Now !
2011-04-15 07:47:00
Crimepack 3.1.3 Exploit kit Leaked, available for Download !
2011-05-15 00:56:00
canvas
canvas
Immunity Canvas: JAVA_DESERIALIZE2
2010-04-01 16:30:00
Immunity Canvas: JAVA_METHOD_CHAIN
2010-04-01 16:30:00
symantec
symantec
Oracle Java SE and Java for Business CVE-2010-0094 Remote Java Runtime Environment Vulnerability
2010-03-30 00:00:00
attackerkb
attackerkb
CVE-2010-0840
2010-04-01 00:00:00
exploitpack
exploitpack
Java 6.19 CMM readMabCurveData - Remote Stack Overflow
2010-09-20 00:00:00

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.948

Percentile

99.3%

JSON
Related for SUSE_11_1_JAVA-1_6_0-OPENJDK-100428.NASL
nessus35openvas26securityvulns7centos1redhat9oraclelinux1ubuntu1fedora3gentoo1suse2prion15nvd14cvelist15ubuntucve14cve15checkpoint_advisories2veracode14seebug3packetstorm3zdi4saint4metasploit2cisa_kev1thn2canvas2symantec1attackerkb1exploitpack1