Search...

[SECURITY] [DSA 4144-1] openjdk-8 security update

2018-03-17T18:44:57

ID DEBIAN:DSA-4144-1:54880
Type debian
Reporter Debian
Modified 2018-03-17T18:44:57

Description

Debian Security Advisory DSA-4144-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff March 17, 2018 https://www.debian.org/security/faq

Package : openjdk-8 CVE ID : CVE-2018-2579 CVE-2018-2582 CVE-2018-2588 CVE-2018-2599 CVE-2018-2602 CVE-2018-2603 CVE-2018-2618 CVE-2018-2629 CVE-2018-2633 CVE-2018-2634 CVE-2018-2637 CVE-2018-2641 CVE-2018-2663 CVE-2018-2677 CVE-2018-2678

Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in denial of service, sandbox bypass, execution of arbitrary code, incorrect LDAP/GSS authentication, insecure use of cryptography or bypass of deserialisation restrictions.

For the stable distribution (stretch), these problems have been fixed in version 8u162-b12-1~deb9u1.

We recommend that you upgrade your openjdk-8 packages.

For the detailed security status of openjdk-8 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/openjdk-8

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org

JSON Vulners Source

Initial Source

{"id": "DEBIAN:DSA-4144-1:54880", "bulletinFamily": "unix", "title": "[SECURITY] [DSA 4144-1] openjdk-8 security update", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4144-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nMarch 17, 2018 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : openjdk-8\nCVE ID : CVE-2018-2579 CVE-2018-2582 CVE-2018-2588 CVE-2018-2599 \n CVE-2018-2602 CVE-2018-2603 CVE-2018-2618 CVE-2018-2629 \n CVE-2018-2633 CVE-2018-2634 CVE-2018-2637 CVE-2018-2641 \n CVE-2018-2663 CVE-2018-2677 CVE-2018-2678\n\nSeveral vulnerabilities have been discovered in OpenJDK, an\nimplementation of the Oracle Java platform, resulting in denial of\nservice, sandbox bypass, execution of arbitrary code, incorrect\nLDAP/GSS authentication, insecure use of cryptography or bypass of\ndeserialisation restrictions.\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 8u162-b12-1~deb9u1.\n\nWe recommend that you upgrade your openjdk-8 packages.\n\nFor the detailed security status of openjdk-8 please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/openjdk-8\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "published": "2018-03-17T18:44:57", "modified": "2018-03-17T18:44:57", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}, "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2018/msg00070.html", "reporter": "Debian", "references": [], "cvelist": ["CVE-2018-2618", "CVE-2018-2582", "CVE-2018-2663", "CVE-2018-2633", "CVE-2018-2637", "CVE-2018-2677", "CVE-2018-2603", "CVE-2018-2599", "CVE-2018-2641", "CVE-2018-2629", "CVE-2018-2588", "CVE-2018-2634", "CVE-2018-2602", "CVE-2018-2678", "CVE-2018-2579"], "type": "debian", "lastseen": "2020-08-12T00:51:51", "edition": 11, "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "amazon", "idList": ["ALAS2-2018-949", "ALAS-2018-949", "ALAS-2018-974"]}, {"type": "oraclelinux", "idList": ["ELSA-2018-0095", "ELSA-2018-0349"]}, {"type": "nessus", "idList": ["EULEROS_SA-2018-1028.NASL", "UBUNTU_USN-3613-1.NASL", "REDHAT-RHSA-2018-0095.NASL", "SL_20180117_JAVA_1_8_0_OPENJDK_ON_SL6_X.NASL", "OPENSUSE-2018-254.NASL", "AL2_ALAS-2018-949.NASL", "SUSE_SU-2018-0663-1.NASL", "CENTOS_RHSA-2018-0095.NASL", "DEBIAN_DSA-4144.NASL", "NEWSTART_CGSL_NS-SA-2019-0126_JAVA-1.8.0-OPENJDK.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562311220181028", "OPENVAS:1361412562310882831", "OPENVAS:1361412562310704166", "OPENVAS:1361412562310843490", "OPENVAS:1361412562310882845", "OPENVAS:1361412562310910002", "OPENVAS:1361412562310704144", "OPENVAS:1361412562311220181059", "OPENVAS:1361412562311220181058", "OPENVAS:1361412562311220181027"]}, {"type": "redhat", "idList": ["RHSA-2018:0458", "RHSA-2018:1812", "RHSA-2018:0521", "RHSA-2018:0351", "RHSA-2018:0100", "RHSA-2018:0352", "RHSA-2018:0095", "RHSA-2018:0349", "RHSA-2018:0115", "RHSA-2018:0099"]}, {"type": "centos", "idList": ["CESA-2018:0349", "CESA-2018:0095"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2018:0679-1", "SUSE-SU-2018:0743-1", "SUSE-SU-2018:0665-1", "SUSE-SU-2018:0663-1", "OPENSUSE-SU-2018:0684-1", "SUSE-SU-2018:0661-1", "SUSE-SU-2018:0694-1", "SUSE-SU-2018:0630-1", "SUSE-SU-2018:0645-1"]}, {"type": "ubuntu", "idList": ["USN-3614-1", "USN-3613-1"]}, {"type": "debian", "idList": ["DEBIAN:DSA-4166-1:929BB", "DEBIAN:DLA-1339-1:B1DCE"]}, {"type": "gentoo", "idList": ["GLSA-201803-06"]}, {"type": "aix", "idList": ["JAVA_JAN2018_ADVISORY.ASC"]}, {"type": "kaspersky", "idList": ["KLA11178"]}], "modified": "2020-08-12T00:51:51", "rev": 2}, "score": {"value": 6.5, "vector": "NONE", "modified": "2020-08-12T00:51:51", "rev": 2}, "vulnersScore": 6.5}, "affectedPackage": [{"OS": "Debian", "OSVersion": "9", "arch": "all", "operator": "lt", "packageFilename": "openjdk-8-jre_8u162-b12-1~deb9u1_all.deb", "packageName": "openjdk-8-jre", "packageVersion": "8u162-b12-1~deb9u1"}, {"OS": "Debian", "OSVersion": "9", "arch": "all", "operator": "lt", "packageFilename": "openjdk-8_8u162-b12-1~deb9u1_all.deb", "packageName": "openjdk-8", "packageVersion": "8u162-b12-1~deb9u1"}, {"OS": "Debian", "OSVersion": "9", "arch": "all", "operator": "lt", "packageFilename": "openjdk-8-jdk-headless_8u162-b12-1~deb9u1_all.deb", "packageName": "openjdk-8-jdk-headless", "packageVersion": "8u162-b12-1~deb9u1"}, {"OS": "Debian", "OSVersion": "9", "arch": "all", "operator": "lt", "packageFilename": "openjdk-8-jre-headless_8u162-b12-1~deb9u1_all.deb", "packageName": "openjdk-8-jre-headless", "packageVersion": "8u162-b12-1~deb9u1"}, {"OS": "Debian", "OSVersion": "9", "arch": "all", "operator": "lt", "packageFilename": "openjdk-8-doc_8u162-b12-1~deb9u1_all.deb", "packageName": "openjdk-8-doc", "packageVersion": "8u162-b12-1~deb9u1"}, {"OS": "Debian", "OSVersion": "9", "arch": "all", "operator": "lt", "packageFilename": "openjdk-8-source_8u162-b12-1~deb9u1_all.deb", "packageName": "openjdk-8-source", "packageVersion": "8u162-b12-1~deb9u1"}, {"OS": "Debian", "OSVersion": "9", "arch": "all", "operator": "lt", "packageFilename": "openjdk-8-jdk_8u162-b12-1~deb9u1_all.deb", "packageName": "openjdk-8-jdk", "packageVersion": "8u162-b12-1~deb9u1"}, {"OS": "Debian", "OSVersion": "9", "arch": "all", "operator": "lt", "packageFilename": "openjdk-8-dbg_8u162-b12-1~deb9u1_all.deb", "packageName": "openjdk-8-dbg", "packageVersion": "8u162-b12-1~deb9u1"}, {"OS": "Debian", "OSVersion": "9", "arch": "all", "operator": "lt", "packageFilename": "openjdk-8-jre-zero_8u162-b12-1~deb9u1_all.deb", "packageName": "openjdk-8-jre-zero", "packageVersion": "8u162-b12-1~deb9u1"}, {"OS": "Debian", "OSVersion": "9", "arch": "all", "operator": "lt", "packageFilename": "openjdk-8-demo_8u162-b12-1~deb9u1_all.deb", "packageName": "openjdk-8-demo", "packageVersion": "8u162-b12-1~deb9u1"}], "scheme": null}

{"suse": [{"lastseen": "2018-03-15T06:35:37", "bulletinFamily": "unix", "cvelist": ["CVE-2018-2618", "CVE-2018-2582", "CVE-2018-2663", "CVE-2018-2633", "CVE-2018-2637", "CVE-2018-2677", "CVE-2018-2603", "CVE-2018-2599", "CVE-2018-2641", "CVE-2018-2629", "CVE-2018-2588", "CVE-2018-2634", "CVE-2018-2602", "CVE-2018-2678", "CVE-2018-2579"], "description": "This update for java-1_8_0-openjdk fixes the following issues:\n\n Security issues fix in jdk8u161 (icedtea 3.7.0)(bsc#1076366):\n\n - CVE-2018-2579: Improve key keying case\n - CVE-2018-2582: Better interface invocations\n - CVE-2018-2588: Improve LDAP logins\n - CVE-2018-2599: Improve reliability of DNS lookups\n - CVE-2018-2602: Improve usage messages\n - CVE-2018-2603: Improve PKCS usage\n - CVE-2018-2618: Stricter key generation\n - CVE-2018-2629: Improve GSS handling\n - CVE-2018-2633: Improve LDAP lookup robustness\n - CVE-2018-2634: Improve property negotiations\n - CVE-2018-2637: Improve JMX supportive features\n - CVE-2018-2641: Improve GTK initialization\n - CVE-2018-2663: More refactoring for deserialization cases\n - CVE-2018-2677: More refactoring for client deserialization cases\n - CVE-2018-2678: More refactoring for naming deserialization cases\n\n This update was imported from the SUSE:SLE-12-SP1:Update update project.\n\n", "edition": 1, "modified": "2018-03-15T03:07:22", "published": "2018-03-15T03:07:22", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00036.html", "id": "OPENSUSE-SU-2018:0679-1", "type": "suse", "title": "Security update for java-1_8_0-openjdk (important)", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-03-12T21:34:11", "bulletinFamily": "unix", "cvelist": ["CVE-2018-2618", "CVE-2018-2582", "CVE-2018-2663", "CVE-2018-2633", "CVE-2018-2637", "CVE-2018-2677", "CVE-2018-2603", "CVE-2018-2599", "CVE-2018-2641", "CVE-2018-2629", "CVE-2018-2588", "CVE-2018-2634", "CVE-2018-2602", "CVE-2018-2678", "CVE-2018-2579"], "description": "This update for java-1_8_0-openjdk fixes the following issues:\n\n Security issues fix in jdk8u161 (icedtea 3.7.0)(bsc#1076366):\n\n - CVE-2018-2579: Improve key keying case\n - CVE-2018-2582: Better interface invocations\n - CVE-2018-2588: Improve LDAP logins\n - CVE-2018-2599: Improve reliability of DNS lookups\n - CVE-2018-2602: Improve usage messages\n - CVE-2018-2603: Improve PKCS usage\n - CVE-2018-2618: Stricter key generation\n - CVE-2018-2629: Improve GSS handling\n - CVE-2018-2633: Improve LDAP lookup robustness\n - CVE-2018-2634: Improve property negotiations\n - CVE-2018-2637: Improve JMX supportive features\n - CVE-2018-2641: Improve GTK initialization\n - CVE-2018-2663: More refactoring for deserialization cases\n - CVE-2018-2677: More refactoring for client deserialization cases\n - CVE-2018-2678: More refactoring for naming deserialization cases\n\n", "edition": 1, "modified": "2018-03-12T18:09:10", "published": "2018-03-12T18:09:10", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00032.html", "id": "SUSE-SU-2018:0663-1", "type": "suse", "title": "Security update for java-1_8_0-openjdk (important)", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-03-15T14:34:25", "bulletinFamily": "unix", "cvelist": ["CVE-2018-2618", "CVE-2018-2663", "CVE-2018-2633", "CVE-2018-2637", "CVE-2018-2677", "CVE-2018-2603", "CVE-2018-2599", "CVE-2018-2641", "CVE-2018-2629", "CVE-2018-2588", "CVE-2018-2634", "CVE-2018-2602", "CVE-2018-2678", "CVE-2018-2579"], "description": "This update for java-1_7_0-openjdk fixes the following issues:\n\n Security issues fixed in OpenJDK 7u171 (January 2018 CPU)(bsc#1076366):\n\n - CVE-2018-2579: Improve key keying case\n - CVE-2018-2588: Improve LDAP logins\n - CVE-2018-2599: Improve reliability of DNS lookups\n - CVE-2018-2602: Improve usage messages\n - CVE-2018-2603: Improve PKCS usage\n - CVE-2018-2618: Stricter key generation\n - CVE-2018-2629: Improve GSS handling\n - CVE-2018-2633: Improve LDAP lookup robustness\n - CVE-2018-2634: Improve property negotiations\n - CVE-2018-2637: Improve JMX supportive features\n - CVE-2018-2641: Improve GTK initialization\n - CVE-2018-2663: More refactoring for deserialization cases\n - CVE-2018-2677: More refactoring for client deserialization cases\n - CVE-2018-2678: More refactoring for naming\n\n This update was imported from the SUSE:SLE-12:Update update project.\n\n", "edition": 1, "modified": "2018-03-15T12:12:52", "published": "2018-03-15T12:12:52", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00038.html", "id": "OPENSUSE-SU-2018:0684-1", "type": "suse", "title": "Security update for java-1_7_0-openjdk (important)", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-03-12T21:34:10", "bulletinFamily": "unix", "cvelist": ["CVE-2018-2618", "CVE-2018-2663", "CVE-2018-2633", "CVE-2018-2637", "CVE-2018-2677", "CVE-2018-2603", "CVE-2018-2599", "CVE-2018-2641", "CVE-2018-2629", "CVE-2018-2588", "CVE-2018-2634", "CVE-2018-2602", "CVE-2018-2678", "CVE-2018-2579"], "description": "This update for java-1_7_0-openjdk fixes the following issues:\n\n Security issues fixed in OpenJDK 7u171 (January 2018 CPU)(bsc#1076366):\n\n - CVE-2018-2579: Improve key keying case\n - CVE-2018-2588: Improve LDAP logins\n - CVE-2018-2599: Improve reliability of DNS lookups\n - CVE-2018-2602: Improve usage messages\n - CVE-2018-2603: Improve PKCS usage\n - CVE-2018-2618: Stricter key generation\n - CVE-2018-2629: Improve GSS handling\n - CVE-2018-2633: Improve LDAP lookup robustness\n - CVE-2018-2634: Improve property negotiations\n - CVE-2018-2637: Improve JMX supportive features\n - CVE-2018-2641: Improve GTK initialization\n - CVE-2018-2663: More refactoring for deserialization cases\n - CVE-2018-2677: More refactoring for client deserialization cases\n - CVE-2018-2678: More refactoring for naming\n\n", "edition": 1, "modified": "2018-03-12T18:08:02", "published": "2018-03-12T18:08:02", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00031.html", "id": "SUSE-SU-2018:0661-1", "type": "suse", "title": "Security update for java-1_7_0-openjdk (important)", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-03-15T20:35:53", "bulletinFamily": "unix", "cvelist": ["CVE-2018-2618", "CVE-2018-2582", "CVE-2018-2663", "CVE-2018-2633", "CVE-2018-2637", "CVE-2018-2677", "CVE-2018-2603", "CVE-2018-2599", "CVE-2018-2641", "CVE-2018-2588", "CVE-2018-2634", "CVE-2018-2602", "CVE-2018-2657", "CVE-2018-2678", "CVE-2018-2579"], "description": "This update for java-1_7_1-ibm fixes the following issues:\n\n The version was updated to 7.1.4.20 [bsc#1082810]\n\n * Security fixes:\n\n - CVE-2018-2633 CVE-2018-2637 CVE-2018-2634 CVE-2018-2582 CVE-2018-2641\n CVE-2018-2618 CVE-2018-2657 CVE-2018-2603 CVE-2018-2599 CVE-2018-2602\n CVE-2018-2678 CVE-2018-2677 CVE-2018-2663 CVE-2018-2588 CVE-2018-2579\n\n * Defect fixes:\n\n - IJ04281 Class Libraries: Startup time increase after applying apar\n IV96905\n - IJ03822 Class Libraries: Update timezone information to tzdata2017c\n - IJ03605 Java Virtual Machine: Legacy security for com.ibm.jvm.dump,\n trace, log was not enabled by default\n - IJ03607 JIT Compiler: Result String contains a redundant dot when\n converted from BigDecimal with 0 on all platforms\n - IX90185 ORB: Upgrade ibmcfw.jar to version O1800.01\n - IJ04282 Security: Change in location and default of jurisdiction\n policy files\n - IJ03853 Security: IBMCAC provider does not support SHA224\n - IJ02679 Security: IBMPKCS11Impl -- Bad sessions are being allocated\n internally\n - IJ02706 Security: IBMPKCS11Impl -- Bad sessions are being allocated\n internally\n - IJ03552 Security: IBMPKCS11Impl -- Config file problem with the slot\n specification attribute\n - IJ01901 Security: IBMPKCS11Impl -- SecureRandom.setSeed() exception\n - IJ03801 Security: Issue with same DN certs, iKeyman GUI error with\n stash, JKS Chain issue and JVM argument parse issue with iKeyman\n - IJ03256 Security: javax.security.auth.Subject.toString() throws NPE\n - IJ02284 JIT Compiler: Division by zero in JIT compiler\n\n * SUSE fixes:\n\n - Make it possible to run Java jnlp files from Firefox. (bsc#1057460)\n\n - Fixed symlinks to policy files on update [bsc#1085018]\n\n - Fixed jpackage-java-1_7_1-ibm-webstart.desktop file to allow Java jnlp\n files run from Firefox. [bsc#1057460, bsc#1076390]\n\n - Fix javaws segfaults when java expiration timer has elapsed.\n [bsc#929900]\n\n - Provide IBM Java updates for IBMs PMR 55931,671,760 and for SUSEs SR\n 110991601735. [bsc#966304]\n\n", "edition": 1, "modified": "2018-03-15T18:07:53", "published": "2018-03-15T18:07:53", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00039.html", "id": "SUSE-SU-2018:0694-1", "title": "Security update for java-1_7_1-ibm (important)", "type": "suse", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-03-19T20:35:57", "bulletinFamily": "unix", "cvelist": ["CVE-2018-2618", "CVE-2018-2582", "CVE-2018-2663", "CVE-2018-2633", "CVE-2018-2637", "CVE-2018-2677", "CVE-2018-2603", "CVE-2018-2599", "CVE-2018-2641", "CVE-2018-2588", "CVE-2018-2634", "CVE-2018-2602", "CVE-2018-2657", "CVE-2018-2678", "CVE-2018-2579"], "description": "This update for java-1_7_1-ibm fixes the following issue:\n\n The version was updated to 7.1.4.20 [bsc#1082810]\n\n * Security fixes:\n\n - CVE-2018-2633 CVE-2018-2637 CVE-2018-2634 CVE-2018-2582 CVE-2018-2641\n CVE-2018-2618 CVE-2018-2657 CVE-2018-2603 CVE-2018-2599 CVE-2018-2602\n CVE-2018-2678 CVE-2018-2677 CVE-2018-2663 CVE-2018-2588 CVE-2018-2579\n\n * Defect fixes:\n\n - IJ04281 Class Libraries: Startup time increase after applying apar\n IV96905\n - IJ03822 Class Libraries: Update timezone information to tzdata2017c\n - IJ03605 Java Virtual Machine: Legacy security for com.ibm.jvm.dump,\n trace, log was not enabled by default\n - IJ03607 JIT Compiler: Result String contains a redundant dot when\n converted from BigDecimal with 0 on all platforms\n - IX90185 ORB: Upgrade ibmcfw.jar to version O1800.01\n - IJ04282 Security: Change in location and default of jurisdiction\n policy files\n - IJ03853 Security: IBMCAC provider does not support SHA224\n - IJ02679 Security: IBMPKCS11Impl -- Bad sessions are being allocated\n internally\n - IJ02706 Security: IBMPKCS11Impl -- Bad sessions are being allocated\n internally\n - IJ03552 Security: IBMPKCS11Impl -- Config file problem with the slot\n specification attribute\n - IJ01901 Security: IBMPKCS11Impl -- SecureRandom.setSeed() exception\n - IJ03801 Security: Issue with same DN certs, iKeyman GUI error with\n stash, JKS Chain issue and JVM argument parse issue with iKeyman\n - IJ03256 Security: javax.security.auth.Subject.toString() throws NPE\n - IJ02284 JIT Compiler: Division by zero in JIT compiler\n\n * SUSE fixes:\n\n - Make it possible to run Java jnlp files from Firefox. (bsc#1057460)\n\n - Fixed jpackage-java-1_7_1-ibm-webstart.desktop file to allow Java jnlp\n files run from Firefox. [bsc#1057460, bsc#1076390]\n\n - Fix javaws segfaults when java expiration timer has elapsed.\n [bsc#929900]\n\n - Provide IBM Java updates for IBMs PMR 55931,671,760 and for SUSEs SR\n 110991601735. [bsc#966304]\n\n - Ensure that all Java policy files are symlinked into the proper file\n system locations. Without those symlinks, several OES iManager plugins\n did not function properly. [bsc#1085018]\n\n", "edition": 1, "modified": "2018-03-19T18:08:56", "published": "2018-03-19T18:08:56", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00049.html", "id": "SUSE-SU-2018:0743-1", "title": "Security update for java-1_7_1-ibm (important)", "type": "suse", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-03-07T17:37:39", "bulletinFamily": "unix", "cvelist": ["CVE-2018-2618", "CVE-2018-2582", "CVE-2018-2663", "CVE-2018-2633", "CVE-2018-2637", "CVE-2018-2677", "CVE-2018-2603", "CVE-2018-2599", "CVE-2018-2641", "CVE-2018-2588", "CVE-2018-2634", "CVE-2018-2602", "CVE-2018-2657", "CVE-2018-2678", "CVE-2018-2579"], "description": "This update for java-1_7_1-ibm provides the following fix:\n\n The version was updated to 7.1.4.20 [bsc#1082810]\n\n * Security fixes:\n\n - CVE-2018-2633 CVE-2018-2637 CVE-2018-2634 CVE-2018-2582 CVE-2018-2641\n CVE-2018-2618 CVE-2018-2657 CVE-2018-2603 CVE-2018-2599 CVE-2018-2602\n CVE-2018-2678 CVE-2018-2677 CVE-2018-2663 CVE-2018-2588 CVE-2018-2579\n\n * Defect fixes:\n\n - IJ04281 Class Libraries: Startup time increase after applying apar\n IV96905\n - IJ03822 Class Libraries: Update timezone information to tzdata2017c\n - IJ03605 Java Virtual Machine: Legacy security for com.ibm.jvm.dump,\n trace, log was not enabled by default\n - IJ03607 JIT Compiler: Result String contains a redundant dot when\n converted from BigDecimal with 0 on all platforms\n - IX90185 ORB: Upgrade ibmcfw.jar to version O1800.01\n - IJ04282 Security: Change in location and default of jurisdiction\n policy files\n - IJ03853 Security: IBMCAC provider does not support SHA224\n - IJ02679 Security: IBMPKCS11Impl \u00e2\u0080\u0093 Bad sessions are being allocated\n internally\n - IJ02706 Security: IBMPKCS11Impl \u00e2\u0080\u0093 Bad sessions are being allocated\n internally\n - IJ03552 Security: IBMPKCS11Impl - Config file problem with the slot\n specification attribute\n - IJ01901 Security: IBMPKCS11Impl \u00e2\u0080\u0093 SecureRandom.setSeed() exception\n - IJ03801 Security: Issue with same DN certs, iKeyman GUI error with\n stash, JKS Chain issue and JVM argument parse issue with iKeyman\n - IJ03256 Security: javax.security.auth.Subject.toString() throws NPE\n - IJ02284 JIT Compiler: Division by zero in JIT compiler\n - Make it possible to run Java jnlp files from Firefox. (bsc#1057460)\n\n", "edition": 1, "modified": "2018-03-07T15:07:26", "published": "2018-03-07T15:07:26", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00027.html", "id": "SUSE-SU-2018:0630-1", "type": "suse", "title": "Security update for java-1_7_1-ibm (important)", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-03-09T15:37:44", "bulletinFamily": "unix", "cvelist": ["CVE-2018-2618", "CVE-2018-2582", "CVE-2018-2663", "CVE-2018-2633", "CVE-2018-2637", "CVE-2018-2677", "CVE-2018-2603", "CVE-2018-2599", "CVE-2018-2641", "CVE-2018-2588", "CVE-2018-2634", "CVE-2018-2602", "CVE-2018-2657", "CVE-2018-2678", "CVE-2018-2579"], "description": "This update for java-1_7_0-ibm provides the following fixes:\n\n The version was updated to 7.0.10.20 [bsc#1082810]:\n\n * Following security issues were fixed:\n\n - CVE-2018-2633 CVE-2018-2637 CVE-2018-2634 CVE-2018-2582 CVE-2018-2641\n CVE-2018-2618 CVE-2018-2657 CVE-2018-2603 CVE-2018-2599 CVE-2018-2602\n CVE-2018-2678 CVE-2018-2677 CVE-2018-2663 CVE-2018-2588 CVE-2018-2579\n\n * Defect fixes:\n\n - IJ04281 Class Libraries: Startup time increase after applying apar\n IV96905\n - IJ03822 Class Libraries: Update timezone information to tzdata2017c\n - IJ03605 Java Virtual Machine: Legacy security for com.ibm.jvm.dump,\n trace, log was not enabled by default\n - IJ03607 JIT Compiler: Result String contains a redundant dot when\n converted from BigDecimal with 0 on all platforms\n - IX90185 ORB: Upgrade ibmcfw.jar to version O1800.01\n - IJ04282 Security: Change in location and default of jurisdiction\n policy files\n - IJ03853 Security: IBMCAC provider does not support SHA224\n - IJ02679 Security: IBMPKCS11Impl \u00e2\u0080\u0093 Bad sessions are being allocated\n internally\n - IJ02706 Security: IBMPKCS11Impl \u00e2\u0080\u0093 Bad sessions are being allocated\n internally\n - IJ03552 Security: IBMPKCS11Impl - Config file problem with the slot\n specification attribute\n - IJ01901 Security: IBMPKCS11Impl \u00e2\u0080\u0093 SecureRandom.setSeed() exception\n - IJ03801 Security: Issue with same DN certs, iKeyman GUI error with\n stash, JKS Chain issue and JVM argument parse issue with iKeyman\n - IJ02284 JIT Compiler: Division by zero in JIT compiler\n\n - Make it possible to run Java jnlp files from Firefox. (bsc#1057460)\n\n", "edition": 1, "modified": "2018-03-09T12:09:56", "published": "2018-03-09T12:09:56", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00029.html", "id": "SUSE-SU-2018:0645-1", "type": "suse", "title": "Security update for java-1_7_0-ibm (important)", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-03-12T21:34:11", "bulletinFamily": "unix", "cvelist": ["CVE-2018-2618", "CVE-2018-2582", "CVE-2018-2663", "CVE-2018-2633", "CVE-2018-2639", "CVE-2018-2638", "CVE-2018-2637", "CVE-2018-2677", "CVE-2018-2603", "CVE-2018-2599", "CVE-2018-2641", "CVE-2018-2588", "CVE-2018-2634", "CVE-2018-2602", "CVE-2018-2678", "CVE-2018-2579"], "description": "This update for java-1_8_0-ibm fixes the following issues:\n\n - Removed java-1_8_0-ibm-alsa and java-1_8_0-ibm-plugin entries in\n baselibs.conf due to errors in osc source_validator\n\n Version update to 8.0.5.10 [bsc#1082810]\n\n * Security fixes:\n\n CVE-2018-2639 CVE-2018-2638 CVE-2018-2633 CVE-2018-2637 CVE-2018-2634\n CVE-2018-2582 CVE-2018-2641 CVE-2018-2618 CVE-2018-2603 CVE-2018-2599\n CVE-2018-2602 CVE-2018-2678 CVE-2018-2677 CVE-2018-2663 CVE-2018-2588\n CVE-2018-2579\n\n * Defect fixes:\n\n - IJ02608 Class Libraries: Change of namespace definitions with\n handlers that implement javax.xml.ws.handler.soap.soaphandler\n - IJ04280 Class Libraries: Deploy Upgrade to Oracle level 8u161-b12\n - IJ03390 Class Libraries: JCL Upgrade to Oracle level 8u161-b12\n - IJ04001 Class Libraries: Performance improvement with child process\n on AIX\n - IJ04281 Class Libraries: Startup time increase after applying apar\n IV96905\n - IJ03822 Class Libraries: Update timezone information to tzdata2017c\n - IJ03440 Java Virtual Machine: Assertion failure during class creation\n - IJ03717 Java Virtual Machine: Assertion for gencon with concurrent\n scavenger on ZOS64\n - IJ03513 Java Virtual Machine: Assertion in concurrent scavenger if\n initial heap memory size -Xms is set too low\n - IJ03994 Java Virtual Machine: Class.getmethods() does not return all\n methods\n - IJ03413 Java Virtual Machine: Hang creating thread after redefining\n classes\n - IJ03852 Java Virtual Machine: ICH408I message when groupaccess is\n specified with -xshareclasses\n - IJ03716 Java Virtual Machine: java/lang/linkageerror from\n sun/misc/unsafe.definean onymousclass()\n - IJ03116 Java Virtual Machine: java.fullversion string contains an\n extra space\n - IJ03347 Java Virtual Machine: java.lang.IllegalStateException in\n related class MemoryMXBean\n - IJ03878 Java Virtual Machine: java.lang.StackOverflowError is thrown\n when custom security manager in place\n - IJ03605 Java Virtual Machine: Legacy security for com.ibm.jvm.dump,\n trace, log was not enabled by default\n - IJ04248 JIT Compiler: ArrayIndexOutOfBoundsException is thrown when\n converting BigDecimal to String\n - IJ04250 JIT Compiler: Assertion failure with concurrentScavenge on\n Z14\n - IJ03606 JIT Compiler: Java crashes with -version\n - IJ04251 JIT Compiler: JIT compiled method that takes advantage of\n AutoSIMD produces an incorrect result on x86\n - IJ03854 JIT Compiler: JVM info message appears in stdout\n - IJ03607 JIT Compiler: Result String contains a redundant dot when\n converted from BigDecimal with 0 on all platforms\n - IX90185 ORB: Upgrade ibmcfw.jar to version O1800.01\n - IJ03715 Security: Add additional support for the IBMJCEPlus\n provider, add support for new IBMJCEPlusFIPS provider\n - IJ03800 Security: A fix in CMS provider for KDB integrity\n - IJ04282 Security: Change in location and default of jurisdiction\n policy files\n - IJ03853 Security: IBMCAC provider does not support SHA224\n - IJ02679 Security: IBMPKCS11Impl \u00e2\u0080\u0093 Bad sessions are being allocated\n internally\n - IJ02706 Security: IBMPKCS11Impl \u00e2\u0080\u0093 Bad sessions are being allocated\n internally\n - IJ03552 Security: IBMPKCS11Impl - Config file problem with the slot\n specification attribute\n - IJ01901 Security: IBMPKCS11Impl \u00e2\u0080\u0093 SecureRandom.setSeed() exception\n - IJ03801 Security: Issue with same DN certs, iKeyman GUI error with\n stash, JKS Chain issue and JVM argument parse issue with iKeyman\n - IJ03256 Security: javax.security.auth.Subject.toString() throws NPE\n - PI93233 z/OS Extentions: Cipher.doFinal() fails when using\n AES/GCM/nopadding with AAD data of 13 bytes and a block size\n of 4081 to 4096\n\n * Fixes in 8.0.5.7:\n\n - IJ02605 Class Libraries: Update IBM-1371 charset with new\n specification support\n - IJ02541 Java Virtual Machine: Assertions in GC when jvmti runs with\n Concurrent Scavenger\n - IJ02443 Java Virtual Machine: Committed eden region size is bigger\n than maximum eden region size\n - IJ02378 Java Virtual Machine: Existing signal action for\n SIG_IGN/SIG_DFL is not detected properly\n - IJ02758 JIT Compiler: Crash in JIT module during method compilation\n - IJ02733 JIT Compiler: Crash in jit module when compiling in\n non-default configuration\n\n * Fixes in 8.0.5.6:\n\n - IJ02283 Java Virtual Machine: IllegalAccessException due to a\n missing access check for the same class in MethodHandle apis\n - IJ02082 Java Virtual Machine: The default value for class unloading\n kick\n off threshold is not set\n - IJ02018 JIT Compiler: Crash or assertion while attempting to acquire\n VM access\n - IJ02284 JIT Compiler: Division by zero in JIT compiler\n - IV88941 JIT Compiler: JIT compiler takes far too long to compile a\n method\n - IJ02285 JIT Compiler: Performance degradation during class unloading\n in Java 8 SR5\n\n - Support Java jnlp files run from Firefox. [bsc#1076390]\n\n", "edition": 1, "modified": "2018-03-12T18:10:24", "published": "2018-03-12T18:10:24", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00034.html", "id": "SUSE-SU-2018:0665-1", "type": "suse", "title": "Security update for java-1_8_0-ibm (important)", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "redhat": [{"lastseen": "2019-08-13T18:46:58", "bulletinFamily": "unix", "cvelist": ["CVE-2018-2579", "CVE-2018-2582", "CVE-2018-2588", "CVE-2018-2599", "CVE-2018-2602", "CVE-2018-2603", "CVE-2018-2618", "CVE-2018-2629", "CVE-2018-2633", "CVE-2018-2634", "CVE-2018-2637", "CVE-2018-2641", "CVE-2018-2663", "CVE-2018-2677", "CVE-2018-2678"], "description": "The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.\n\nSecurity Fix(es):\n\n* Multiple flaws were found in the Hotspot and AWT components of OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2018-2582, CVE-2018-2641)\n\n* It was discovered that the LDAPCertStore class in the JNDI component of OpenJDK failed to securely handle LDAP referrals. An attacker could possibly use this flaw to make it fetch attacker controlled certificate data. (CVE-2018-2633)\n\n* The JGSS component of OpenJDK ignores the value of the javax.security.auth.useSubjectCredsOnly property when using HTTP/SPNEGO authentication and always uses global credentials. It was discovered that this could cause global credentials to be unexpectedly used by an untrusted Java application. (CVE-2018-2634)\n\n* It was discovered that the JMX component of OpenJDK failed to properly set the deserialization filter for the SingleEntryRegistry in certain cases. A remote attacker could possibly use this flaw to bypass intended deserialization restrictions. (CVE-2018-2637)\n\n* It was discovered that the LDAP component of OpenJDK failed to properly encode special characters in user names when adding them to an LDAP search query. A remote attacker could possibly use this flaw to manipulate LDAP queries performed by the LdapLoginModule class. (CVE-2018-2588)\n\n* It was discovered that the DNS client implementation in the JNDI component of OpenJDK did not use random source ports when sending out DNS queries. This could make it easier for a remote attacker to spoof responses to those queries. (CVE-2018-2599)\n\n* It was discovered that the I18n component of OpenJDK could use an untrusted search path when loading resource bundle classes. A local attacker could possibly use this flaw to execute arbitrary code as another local user by making their Java application load an attacker controlled class file. (CVE-2018-2602)\n\n* It was discovered that the Libraries component of OpenJDK failed to sufficiently limit the amount of memory allocated when reading DER encoded input. A remote attacker could possibly use this flaw to make a Java application use an excessive amount of memory if it parsed attacker supplied DER encoded input. (CVE-2018-2603)\n\n* It was discovered that the key agreement implementations in the JCE component of OpenJDK did not guarantee sufficient strength of used keys to adequately protect generated shared secret. This could make it easier to break data encryption by attacking key agreement rather than the encryption using the negotiated secret. (CVE-2018-2618)\n\n* It was discovered that the JGSS component of OpenJDK failed to properly handle GSS context in the native GSS library wrapper in certain cases. A remote attacker could possibly make a Java application using JGSS to use a previously freed context. (CVE-2018-2629)\n\n* It was discovered that multiple classes in the Libraries, AWT, and JNDI components of OpenJDK did not sufficiently validate input when creating object instances from the serialized form. A specially-crafted input could cause a Java application to create objects with an inconsistent state or use an excessive amount of memory when deserialized. (CVE-2018-2663, CVE-2018-2677, CVE-2018-2678)\n\n* It was discovered that multiple encryption key classes in the Libraries component of OpenJDK did not properly synchronize access to their internal data. This could possibly cause a multi-threaded Java application to apply weak encryption to data because of the use of a key that was zeroed out. (CVE-2018-2579)\n\nNote: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website.", "modified": "2018-06-07T18:22:40", "published": "2018-01-17T20:51:35", "id": "RHSA-2018:0095", "href": "https://access.redhat.com/errata/RHSA-2018:0095", "type": "redhat", "title": "(RHSA-2018:0095) Important: java-1.8.0-openjdk security update", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2019-08-13T18:47:01", "bulletinFamily": "unix", "cvelist": ["CVE-2018-2579", "CVE-2018-2588", "CVE-2018-2599", "CVE-2018-2602", "CVE-2018-2603", "CVE-2018-2618", "CVE-2018-2629", "CVE-2018-2633", "CVE-2018-2634", "CVE-2018-2637", "CVE-2018-2641", "CVE-2018-2663", "CVE-2018-2677", "CVE-2018-2678"], "description": "The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit.\n\nSecurity Fix(es):\n\n* A flaw was found in the AWT component of OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2018-2641)\n\n* It was discovered that the LDAPCertStore class in the JNDI component of OpenJDK failed to securely handle LDAP referrals. An attacker could possibly use this flaw to make it fetch attacker controlled certificate data. (CVE-2018-2633)\n\n* The JGSS component of OpenJDK ignores the value of the javax.security.auth.useSubjectCredsOnly property when using HTTP/SPNEGO authentication and always uses global credentials. It was discovered that this could cause global credentials to be unexpectedly used by an untrusted Java application. (CVE-2018-2634)\n\n* It was discovered that the JMX component of OpenJDK failed to properly set the deserialization filter for the SingleEntryRegistry in certain cases. A remote attacker could possibly use this flaw to bypass intended deserialization restrictions. (CVE-2018-2637)\n\n* It was discovered that the LDAP component of OpenJDK failed to properly encode special characters in user names when adding them to an LDAP search query. A remote attacker could possibly use this flaw to manipulate LDAP queries performed by the LdapLoginModule class. (CVE-2018-2588)\n\n* It was discovered that the DNS client implementation in the JNDI component of OpenJDK did not use random source ports when sending out DNS queries. This could make it easier for a remote attacker to spoof responses to those queries. (CVE-2018-2599)\n\n* It was discovered that the I18n component of OpenJDK could use an untrusted search path when loading resource bundle classes. A local attacker could possibly use this flaw to execute arbitrary code as another local user by making their Java application load an attacker controlled class file. (CVE-2018-2602)\n\n* It was discovered that the Libraries component of OpenJDK failed to sufficiently limit the amount of memory allocated when reading DER encoded input. A remote attacker could possibly use this flaw to make a Java application use an excessive amount of memory if it parsed attacker supplied DER encoded input. (CVE-2018-2603)\n\n* It was discovered that the key agreement implementations in the JCE component of OpenJDK did not guarantee sufficient strength of used keys to adequately protect generated shared secret. This could make it easier to break data encryption by attacking key agreement rather than the encryption using the negotiated secret. (CVE-2018-2618)\n\n* It was discovered that the JGSS component of OpenJDK failed to properly handle GSS context in the native GSS library wrapper in certain cases. A remote attacker could possibly make a Java application using JGSS to use a previously freed context. (CVE-2018-2629)\n\n* It was discovered that multiple classes in the Libraries, AWT, and JNDI components of OpenJDK did not sufficiently validate input when creating object instances from the serialized form. A specially-crafted input could cause a Java application to create objects with an inconsistent state or use an excessive amount of memory when deserialized. (CVE-2018-2663, CVE-2018-2677, CVE-2018-2678)\n\n* It was discovered that multiple encryption key classes in the Libraries component of OpenJDK did not properly synchronize access to their internal data. This could possibly cause a multi-threaded Java application to apply weak encryption to data because of the use of a key that was zeroed out. (CVE-2018-2579)", "modified": "2018-06-07T18:22:41", "published": "2018-02-26T22:04:14", "id": "RHSA-2018:0349", "href": "https://access.redhat.com/errata/RHSA-2018:0349", "type": "redhat", "title": "(RHSA-2018:0349) Important: java-1.7.0-openjdk security update", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2019-08-13T18:46:00", "bulletinFamily": "unix", "cvelist": ["CVE-2018-2579", "CVE-2018-2588", "CVE-2018-2599", "CVE-2018-2602", "CVE-2018-2603", "CVE-2018-2618", "CVE-2018-2629", "CVE-2018-2633", "CVE-2018-2637", "CVE-2018-2641", "CVE-2018-2657", "CVE-2018-2663", "CVE-2018-2677", "CVE-2018-2678"], "description": "Oracle Java SE version 6 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.\n\nThis update upgrades Oracle Java SE 6 to version 6 Update 181.\n\nSecurity Fix(es):\n\n* This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page listed in the References section. (CVE-2018-2579, CVE-2018-2588, CVE-2018-2599, CVE-2018-2602, CVE-2018-2603, CVE-2018-2618, CVE-2018-2629, CVE-2018-2633, CVE-2018-2637, CVE-2018-2641, CVE-2018-2657, CVE-2018-2663, CVE-2018-2677, CVE-2018-2678)", "modified": "2018-06-07T18:20:33", "published": "2018-01-23T01:29:11", "id": "RHSA-2018:0115", "href": "https://access.redhat.com/errata/RHSA-2018:0115", "type": "redhat", "title": "(RHSA-2018:0115) Important: java-1.6.0-sun security update", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2019-08-13T18:45:22", "bulletinFamily": "unix", "cvelist": ["CVE-2018-2579", "CVE-2018-2581", "CVE-2018-2588", "CVE-2018-2599", "CVE-2018-2602", "CVE-2018-2603", "CVE-2018-2618", "CVE-2018-2629", "CVE-2018-2633", "CVE-2018-2634", "CVE-2018-2637", "CVE-2018-2641", "CVE-2018-2657", "CVE-2018-2663", "CVE-2018-2677", "CVE-2018-2678"], "description": "IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.\n\nThis update upgrades IBM Java SE 7 to version 7R1 SR4-FP20.\n\nSecurity Fix(es):\n\n* OpenJDK: LDAPCertStore insecure handling of LDAP referrals (JNDI, 8186606) (CVE-2018-2633)\n\n* OpenJDK: use of global credentials for HTTP/SPNEGO (JGSS, 8186600) (CVE-2018-2634)\n\n* OpenJDK: SingleEntryRegistry incorrect setup of deserialization filter (JMX, 8186998) (CVE-2018-2637)\n\n* OpenJDK: GTK library loading use-after-free (AWT, 8185325) (CVE-2018-2641)\n\n* Oracle JDK: unspecified vulnerability fixed in 7u171, 8u161, and 9.0.4 (JavaFX) (CVE-2018-2581)\n\n* OpenJDK: LdapLoginModule insufficient username encoding in LDAP query (LDAP, 8178449) (CVE-2018-2588)\n\n* OpenJDK: DnsClient missing source port randomization (JNDI, 8182125) (CVE-2018-2599)\n\n* OpenJDK: loading of classes from untrusted locations (I18n, 8182601) (CVE-2018-2602)\n\n* OpenJDK: DerValue unbounded memory allocation (Libraries, 8182387) (CVE-2018-2603)\n\n* OpenJDK: insufficient strength of key agreement (JCE, 8185292) (CVE-2018-2618)\n\n* OpenJDK: GSS context use-after-free (JGSS, 8186212) (CVE-2018-2629)\n\n* Oracle JDK: unspecified vulnerability fixed in 6u181 and 7u171 (Serialization) (CVE-2018-2657)\n\n* OpenJDK: ArrayBlockingQueue deserialization to an inconsistent state (Libraries, 8189284) (CVE-2018-2663)\n\n* OpenJDK: unbounded memory allocation during deserialization (AWT, 8190289) (CVE-2018-2677)\n\n* OpenJDK: unbounded memory allocation in BasicAttributes deserialization (JNDI, 8191142) (CVE-2018-2678)\n\n* OpenJDK: unsynchronized access to encryption key data (Libraries, 8172525) (CVE-2018-2579)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2018-06-09T14:12:00", "published": "2018-06-07T19:54:13", "id": "RHSA-2018:1812", "href": "https://access.redhat.com/errata/RHSA-2018:1812", "type": "redhat", "title": "(RHSA-2018:1812) Important: java-1.7.1-ibm security update", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2019-08-13T18:46:52", "bulletinFamily": "unix", "cvelist": ["CVE-2018-1417", "CVE-2018-2579", "CVE-2018-2582", "CVE-2018-2588", "CVE-2018-2599", "CVE-2018-2602", "CVE-2018-2603", "CVE-2018-2618", "CVE-2018-2633", "CVE-2018-2634", "CVE-2018-2637", "CVE-2018-2641", "CVE-2018-2657", "CVE-2018-2663", "CVE-2018-2677", "CVE-2018-2678"], "description": "IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.\n\nThis update upgrades IBM Java SE 7 to version 7R1 SR4-FP20.\n\nSecurity Fix(es):\n\n* OpenJDK: insufficient validation of the invokeinterface instruction (Hotspot, 8174962) (CVE-2018-2582)\n\n* OpenJDK: LDAPCertStore insecure handling of LDAP referrals (JNDI, 8186606) (CVE-2018-2633)\n\n* OpenJDK: use of global credentials for HTTP/SPNEGO (JGSS, 8186600) (CVE-2018-2634)\n\n* OpenJDK: SingleEntryRegistry incorrect setup of deserialization filter (JMX, 8186998) (CVE-2018-2637)\n\n* OpenJDK: GTK library loading use-after-free (AWT, 8185325) (CVE-2018-2641)\n\n* OpenJDK: LdapLoginModule insufficient username encoding in LDAP query (LDAP, 8178449) (CVE-2018-2588)\n\n* OpenJDK: DnsClient missing source port randomization (JNDI, 8182125) (CVE-2018-2599)\n\n* OpenJDK: loading of classes from untrusted locations (I18n, 8182601) (CVE-2018-2602)\n\n* OpenJDK: DerValue unbounded memory allocation (Libraries, 8182387) (CVE-2018-2603)\n\n* OpenJDK: insufficient strength of key agreement (JCE, 8185292) (CVE-2018-2618)\n\n* Oracle JDK: unspecified vulnerability fixed in 6u181 and 7u171 (Serialization) (CVE-2018-2657)\n\n* OpenJDK: ArrayBlockingQueue deserialization to an inconsistent state (Libraries, 8189284) (CVE-2018-2663)\n\n* OpenJDK: unbounded memory allocation during deserialization (AWT, 8190289) (CVE-2018-2677)\n\n* OpenJDK: unbounded memory allocation in BasicAttributes deserialization (JNDI, 8191142) (CVE-2018-2678)\n\n* OpenJDK: unsynchronized access to encryption key data (Libraries, 8172525) (CVE-2018-2579)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2018-05-05T00:27:29", "published": "2018-03-07T15:00:22", "id": "RHSA-2018:0458", "href": "https://access.redhat.com/errata/RHSA-2018:0458", "type": "redhat", "title": "(RHSA-2018:0458) Important: java-1.7.1-ibm security update", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-08-13T18:45:56", "bulletinFamily": "unix", "cvelist": ["CVE-2018-1417", "CVE-2018-2579", "CVE-2018-2582", "CVE-2018-2588", "CVE-2018-2599", "CVE-2018-2602", "CVE-2018-2603", "CVE-2018-2618", "CVE-2018-2633", "CVE-2018-2634", "CVE-2018-2637", "CVE-2018-2641", "CVE-2018-2657", "CVE-2018-2663", "CVE-2018-2677", "CVE-2018-2678"], "description": "IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.\n\nThis update upgrades IBM Java SE 7 to version 7R1 SR4-FP20.\n\nSecurity Fix(es):\n\n* OpenJDK: insufficient validation of the invokeinterface instruction (Hotspot, 8174962) (CVE-2018-2582)\n\n* OpenJDK: LDAPCertStore insecure handling of LDAP referrals (JNDI, 8186606) (CVE-2018-2633)\n\n* OpenJDK: use of global credentials for HTTP/SPNEGO (JGSS, 8186600) (CVE-2018-2634)\n\n* OpenJDK: SingleEntryRegistry incorrect setup of deserialization filter (JMX, 8186998) (CVE-2018-2637)\n\n* OpenJDK: GTK library loading use-after-free (AWT, 8185325) (CVE-2018-2641)\n\n* OpenJDK: LdapLoginModule insufficient username encoding in LDAP query (LDAP, 8178449) (CVE-2018-2588)\n\n* OpenJDK: DnsClient missing source port randomization (JNDI, 8182125) (CVE-2018-2599)\n\n* OpenJDK: loading of classes from untrusted locations (I18n, 8182601) (CVE-2018-2602)\n\n* OpenJDK: DerValue unbounded memory allocation (Libraries, 8182387) (CVE-2018-2603)\n\n* OpenJDK: insufficient strength of key agreement (JCE, 8185292) (CVE-2018-2618)\n\n* Oracle JDK: unspecified vulnerability fixed in 6u181 and 7u171 (Serialization) (CVE-2018-2657)\n\n* OpenJDK: ArrayBlockingQueue deserialization to an inconsistent state (Libraries, 8189284) (CVE-2018-2663)\n\n* OpenJDK: unbounded memory allocation during deserialization (AWT, 8190289) (CVE-2018-2677)\n\n* OpenJDK: unbounded memory allocation in BasicAttributes deserialization (JNDI, 8191142) (CVE-2018-2678)\n\n* OpenJDK: unsynchronized access to encryption key data (Libraries, 8172525) (CVE-2018-2579)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2018-06-07T18:21:38", "published": "2018-03-14T19:08:27", "id": "RHSA-2018:0521", "href": "https://access.redhat.com/errata/RHSA-2018:0521", "type": "redhat", "title": "(RHSA-2018:0521) Important: java-1.7.1-ibm security update", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-12-11T13:31:04", "bulletinFamily": "unix", "cvelist": ["CVE-2018-2579", "CVE-2018-2581", "CVE-2018-2588", "CVE-2018-2599", "CVE-2018-2602", "CVE-2018-2603", "CVE-2018-2618", "CVE-2018-2629", "CVE-2018-2633", "CVE-2018-2634", "CVE-2018-2637", "CVE-2018-2641", "CVE-2018-2657", "CVE-2018-2663", "CVE-2018-2677", "CVE-2018-2678", "CVE-2018-2783"], "description": "Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.\n\nThis update upgrades Oracle Java SE 7 to version 7 Update 171.\n\nSecurity Fix(es):\n\n* This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page listed in the References section. (CVE-2018-2579, CVE-2018-2581, CVE-2018-2588, CVE-2018-2599, CVE-2018-2602, CVE-2018-2603, CVE-2018-2618, CVE-2018-2629, CVE-2018-2633, CVE-2018-2634, CVE-2018-2637, CVE-2018-2641, CVE-2018-2657, CVE-2018-2663, CVE-2018-2677, CVE-2018-2678)", "modified": "2018-06-07T18:20:31", "published": "2018-01-19T02:10:33", "id": "RHSA-2018:0100", "href": "https://access.redhat.com/errata/RHSA-2018:0100", "type": "redhat", "title": "(RHSA-2018:0100) Important: java-1.7.0-oracle security update", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2019-08-13T18:47:06", "bulletinFamily": "unix", "cvelist": ["CVE-2018-1417", "CVE-2018-2579", "CVE-2018-2582", "CVE-2018-2588", "CVE-2018-2599", "CVE-2018-2602", "CVE-2018-2603", "CVE-2018-2618", "CVE-2018-2633", "CVE-2018-2634", "CVE-2018-2637", "CVE-2018-2638", "CVE-2018-2639", "CVE-2018-2641", "CVE-2018-2663", "CVE-2018-2677", "CVE-2018-2678"], "description": "IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.\n\nThis update upgrades IBM Java SE 8 to version 8 SR5-FP10.\n\nSecurity Fix(es):\n\n* This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security Vulnerabilities page listed in the References section. (CVE-2018-2579, CVE-2018-2582, CVE-2018-2588, CVE-2018-2599, CVE-2018-2602, CVE-2018-2603, CVE-2018-2618, CVE-2018-2633, CVE-2018-2634, CVE-2018-2637, CVE-2018-2638, CVE-2018-2639, CVE-2018-2641, CVE-2018-2663, CVE-2018-2677, CVE-2018-2678)", "modified": "2018-06-07T18:21:52", "published": "2018-02-27T02:20:36", "id": "RHSA-2018:0352", "href": "https://access.redhat.com/errata/RHSA-2018:0352", "type": "redhat", "title": "(RHSA-2018:0352) Critical: java-1.8.0-ibm security update", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-08-13T18:47:06", "bulletinFamily": "unix", "cvelist": ["CVE-2018-1417", "CVE-2018-2579", "CVE-2018-2582", "CVE-2018-2588", "CVE-2018-2599", "CVE-2018-2602", "CVE-2018-2603", "CVE-2018-2618", "CVE-2018-2633", "CVE-2018-2634", "CVE-2018-2637", "CVE-2018-2638", "CVE-2018-2639", "CVE-2018-2641", "CVE-2018-2663", "CVE-2018-2677", "CVE-2018-2678"], "description": "IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.\n\nThis update upgrades IBM Java SE 8 to version 8 SR5-FP10.\n\nSecurity Fix(es):\n\n* This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security Vulnerabilities page listed in the References section. (CVE-2018-2579, CVE-2018-2582, CVE-2018-2588, CVE-2018-2599, CVE-2018-2602, CVE-2018-2603, CVE-2018-2618, CVE-2018-2633, CVE-2018-2634, CVE-2018-2637, CVE-2018-2638, CVE-2018-2639, CVE-2018-2641, CVE-2018-2663, CVE-2018-2677, CVE-2018-2678)", "modified": "2018-05-05T00:27:29", "published": "2018-02-27T02:19:11", "id": "RHSA-2018:0351", "href": "https://access.redhat.com/errata/RHSA-2018:0351", "type": "redhat", "title": "(RHSA-2018:0351) Critical: java-1.8.0-ibm security update", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-08-13T18:45:54", "bulletinFamily": "unix", "cvelist": ["CVE-2018-1417", "CVE-2018-2579", "CVE-2018-2581", "CVE-2018-2582", "CVE-2018-2588", "CVE-2018-2599", "CVE-2018-2602", "CVE-2018-2603", "CVE-2018-2618", "CVE-2018-2627", "CVE-2018-2629", "CVE-2018-2633", "CVE-2018-2634", "CVE-2018-2637", "CVE-2018-2638", "CVE-2018-2639", "CVE-2018-2641", "CVE-2018-2657", "CVE-2018-2663", "CVE-2018-2677", "CVE-2018-2678"], "description": "IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.\n\nThis update upgrades IBM Java SE 8 to version 8 SR5-FP10.\n\nSecurity Fix(es):\n\n* IBM JDK: J9 JVM allows untrusted code running under a security manager to elevate its privileges (CVE-2018-1417)\n\n* Oracle JDK: unspecified vulnerability fixed in 8u161 and 9.0.4 (Deployment) (CVE-2018-2638)\n\n* Oracle JDK: unspecified vulnerability fixed in 8u161 and 9.0.4 (Deployment) (CVE-2018-2639)\n\n* OpenJDK: insufficient validation of the invokeinterface instruction (Hotspot, 8174962) (CVE-2018-2582)\n\n* Oracle JDK: unspecified vulnerability fixed in 8u161 and 9.0.4 (Installer) (CVE-2018-2627)\n\n* OpenJDK: LDAPCertStore insecure handling of LDAP referrals (JNDI, 8186606) (CVE-2018-2633)\n\n* OpenJDK: use of global credentials for HTTP/SPNEGO (JGSS, 8186600) (CVE-2018-2634)\n\n* OpenJDK: SingleEntryRegistry incorrect setup of deserialization filter (JMX, 8186998) (CVE-2018-2637)\n\n* OpenJDK: GTK library loading use-after-free (AWT, 8185325) (CVE-2018-2641)\n\n* Oracle JDK: unspecified vulnerability fixed in 7u171, 8u161, and 9.0.4 (JavaFX) (CVE-2018-2581)\n\n* OpenJDK: LdapLoginModule insufficient username encoding in LDAP query (LDAP, 8178449) (CVE-2018-2588)\n\n* OpenJDK: DnsClient missing source port randomization (JNDI, 8182125) (CVE-2018-2599)\n\n* OpenJDK: loading of classes from untrusted locations (I18n, 8182601) (CVE-2018-2602)\n\n* OpenJDK: DerValue unbounded memory allocation (Libraries, 8182387) (CVE-2018-2603)\n\n* OpenJDK: insufficient strength of key agreement (JCE, 8185292) (CVE-2018-2618)\n\n* OpenJDK: GSS context use-after-free (JGSS, 8186212) (CVE-2018-2629)\n\n* Oracle JDK: unspecified vulnerability fixed in 6u181 and 7u171 (Serialization) (CVE-2018-2657)\n\n* OpenJDK: ArrayBlockingQueue deserialization to an inconsistent state (Libraries, 8189284) (CVE-2018-2663)\n\n* OpenJDK: unbounded memory allocation during deserialization (AWT, 8190289) (CVE-2018-2677)\n\n* OpenJDK: unbounded memory allocation in BasicAttributes deserialization (JNDI, 8191142) (CVE-2018-2678)\n\n* OpenJDK: unsynchronized access to encryption key data (Libraries, 8172525) (CVE-2018-2579)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2018-05-15T19:20:34", "published": "2018-05-15T19:18:48", "id": "RHSA-2018:1463", "href": "https://access.redhat.com/errata/RHSA-2018:1463", "type": "redhat", "title": "(RHSA-2018:1463) Moderate: java-1.8.0-ibm security update", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "centos": [{"lastseen": "2020-12-08T03:36:38", "bulletinFamily": "unix", "cvelist": ["CVE-2018-2618", "CVE-2018-2582", "CVE-2018-2663", "CVE-2018-2633", "CVE-2018-2637", "CVE-2018-2677", "CVE-2018-2603", "CVE-2018-2599", "CVE-2018-2641", "CVE-2018-2629", "CVE-2018-2588", "CVE-2018-2634", "CVE-2018-2602", "CVE-2018-2678", "CVE-2018-2579"], "description": "**CentOS Errata and Security Advisory** CESA-2018:0095\n\n\nThe java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.\n\nSecurity Fix(es):\n\n* Multiple flaws were found in the Hotspot and AWT components of OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2018-2582, CVE-2018-2641)\n\n* It was discovered that the LDAPCertStore class in the JNDI component of OpenJDK failed to securely handle LDAP referrals. An attacker could possibly use this flaw to make it fetch attacker controlled certificate data. (CVE-2018-2633)\n\n* The JGSS component of OpenJDK ignores the value of the javax.security.auth.useSubjectCredsOnly property when using HTTP/SPNEGO authentication and always uses global credentials. It was discovered that this could cause global credentials to be unexpectedly used by an untrusted Java application. (CVE-2018-2634)\n\n* It was discovered that the JMX component of OpenJDK failed to properly set the deserialization filter for the SingleEntryRegistry in certain cases. A remote attacker could possibly use this flaw to bypass intended deserialization restrictions. (CVE-2018-2637)\n\n* It was discovered that the LDAP component of OpenJDK failed to properly encode special characters in user names when adding them to an LDAP search query. A remote attacker could possibly use this flaw to manipulate LDAP queries performed by the LdapLoginModule class. (CVE-2018-2588)\n\n* It was discovered that the DNS client implementation in the JNDI component of OpenJDK did not use random source ports when sending out DNS queries. This could make it easier for a remote attacker to spoof responses to those queries. (CVE-2018-2599)\n\n* It was discovered that the I18n component of OpenJDK could use an untrusted search path when loading resource bundle classes. A local attacker could possibly use this flaw to execute arbitrary code as another local user by making their Java application load an attacker controlled class file. (CVE-2018-2602)\n\n* It was discovered that the Libraries component of OpenJDK failed to sufficiently limit the amount of memory allocated when reading DER encoded input. A remote attacker could possibly use this flaw to make a Java application use an excessive amount of memory if it parsed attacker supplied DER encoded input. (CVE-2018-2603)\n\n* It was discovered that the key agreement implementations in the JCE component of OpenJDK did not guarantee sufficient strength of used keys to adequately protect generated shared secret. This could make it easier to break data encryption by attacking key agreement rather than the encryption using the negotiated secret. (CVE-2018-2618)\n\n* It was discovered that the JGSS component of OpenJDK failed to properly handle GSS context in the native GSS library wrapper in certain cases. A remote attacker could possibly make a Java application using JGSS to use a previously freed context. (CVE-2018-2629)\n\n* It was discovered that multiple classes in the Libraries, AWT, and JNDI components of OpenJDK did not sufficiently validate input when creating object instances from the serialized form. A specially-crafted input could cause a Java application to create objects with an inconsistent state or use an excessive amount of memory when deserialized. (CVE-2018-2663, CVE-2018-2677, CVE-2018-2678)\n\n* It was discovered that multiple encryption key classes in the Libraries component of OpenJDK did not properly synchronize access to their internal data. This could possibly cause a multi-threaded Java application to apply weak encryption to data because of the use of a key that was zeroed out. (CVE-2018-2579)\n\nNote: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2018-January/034750.html\nhttp://lists.centos.org/pipermail/centos-announce/2018-January/034751.html\n\n**Affected packages:**\njava-1.8.0-openjdk\njava-1.8.0-openjdk-accessibility\njava-1.8.0-openjdk-accessibility-debug\njava-1.8.0-openjdk-debug\njava-1.8.0-openjdk-demo\njava-1.8.0-openjdk-demo-debug\njava-1.8.0-openjdk-devel\njava-1.8.0-openjdk-devel-debug\njava-1.8.0-openjdk-headless\njava-1.8.0-openjdk-headless-debug\njava-1.8.0-openjdk-javadoc\njava-1.8.0-openjdk-javadoc-debug\njava-1.8.0-openjdk-javadoc-zip\njava-1.8.0-openjdk-javadoc-zip-debug\njava-1.8.0-openjdk-src\njava-1.8.0-openjdk-src-debug\n\n**Upstream details at:**\n", "edition": 6, "modified": "2018-01-18T12:02:37", "published": "2018-01-18T12:01:26", "id": "CESA-2018:0095", "href": "http://lists.centos.org/pipermail/centos-announce/2018-January/034750.html", "title": "java security update", "type": "centos", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2020-12-08T03:38:53", "bulletinFamily": "unix", "cvelist": ["CVE-2018-2618", "CVE-2018-2663", "CVE-2018-2633", "CVE-2018-2637", "CVE-2018-2677", "CVE-2018-2603", "CVE-2018-2599", "CVE-2018-2641", "CVE-2018-2629", "CVE-2018-2588", "CVE-2018-2634", "CVE-2018-2602", "CVE-2018-2678", "CVE-2018-2579"], "description": "**CentOS Errata and Security Advisory** CESA-2018:0349\n\n\nThe java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit.\n\nSecurity Fix(es):\n\n* A flaw was found in the AWT component of OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2018-2641)\n\n* It was discovered that the LDAPCertStore class in the JNDI component of OpenJDK failed to securely handle LDAP referrals. An attacker could possibly use this flaw to make it fetch attacker controlled certificate data. (CVE-2018-2633)\n\n* The JGSS component of OpenJDK ignores the value of the javax.security.auth.useSubjectCredsOnly property when using HTTP/SPNEGO authentication and always uses global credentials. It was discovered that this could cause global credentials to be unexpectedly used by an untrusted Java application. (CVE-2018-2634)\n\n* It was discovered that the JMX component of OpenJDK failed to properly set the deserialization filter for the SingleEntryRegistry in certain cases. A remote attacker could possibly use this flaw to bypass intended deserialization restrictions. (CVE-2018-2637)\n\n* It was discovered that the LDAP component of OpenJDK failed to properly encode special characters in user names when adding them to an LDAP search query. A remote attacker could possibly use this flaw to manipulate LDAP queries performed by the LdapLoginModule class. (CVE-2018-2588)\n\n* It was discovered that the DNS client implementation in the JNDI component of OpenJDK did not use random source ports when sending out DNS queries. This could make it easier for a remote attacker to spoof responses to those queries. (CVE-2018-2599)\n\n* It was discovered that the I18n component of OpenJDK could use an untrusted search path when loading resource bundle classes. A local attacker could possibly use this flaw to execute arbitrary code as another local user by making their Java application load an attacker controlled class file. (CVE-2018-2602)\n\n* It was discovered that the Libraries component of OpenJDK failed to sufficiently limit the amount of memory allocated when reading DER encoded input. A remote attacker could possibly use this flaw to make a Java application use an excessive amount of memory if it parsed attacker supplied DER encoded input. (CVE-2018-2603)\n\n* It was discovered that the key agreement implementations in the JCE component of OpenJDK did not guarantee sufficient strength of used keys to adequately protect generated shared secret. This could make it easier to break data encryption by attacking key agreement rather than the encryption using the negotiated secret. (CVE-2018-2618)\n\n* It was discovered that the JGSS component of OpenJDK failed to properly handle GSS context in the native GSS library wrapper in certain cases. A remote attacker could possibly make a Java application using JGSS to use a previously freed context. (CVE-2018-2629)\n\n* It was discovered that multiple classes in the Libraries, AWT, and JNDI components of OpenJDK did not sufficiently validate input when creating object instances from the serialized form. A specially-crafted input could cause a Java application to create objects with an inconsistent state or use an excessive amount of memory when deserialized. (CVE-2018-2663, CVE-2018-2677, CVE-2018-2678)\n\n* It was discovered that multiple encryption key classes in the Libraries component of OpenJDK did not properly synchronize access to their internal data. This could possibly cause a multi-threaded Java application to apply weak encryption to data because of the use of a key that was zeroed out. (CVE-2018-2579)\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2018-February/034802.html\nhttp://lists.centos.org/pipermail/centos-announce/2018-February/034803.html\n\n**Affected packages:**\njava-1.7.0-openjdk\njava-1.7.0-openjdk-accessibility\njava-1.7.0-openjdk-demo\njava-1.7.0-openjdk-devel\njava-1.7.0-openjdk-headless\njava-1.7.0-openjdk-javadoc\njava-1.7.0-openjdk-src\n\n**Upstream details at:**\n", "edition": 5, "modified": "2018-02-28T11:24:45", "published": "2018-02-28T11:23:40", "id": "CESA-2018:0349", "href": "http://lists.centos.org/pipermail/centos-announce/2018-February/034802.html", "title": "java security update", "type": "centos", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}], "ubuntu": [{"lastseen": "2020-07-02T11:35:31", "bulletinFamily": "unix", "cvelist": ["CVE-2018-2618", "CVE-2018-2582", "CVE-2018-2663", "CVE-2018-2633", "CVE-2018-2637", "CVE-2018-2677", "CVE-2018-2603", "CVE-2018-2599", "CVE-2018-2641", "CVE-2018-2629", "CVE-2018-2588", "CVE-2018-2634", "CVE-2018-2602", "CVE-2018-2678", "CVE-2018-2579"], "description": "It was discovered that a race condition existed in the cryptography \nimplementation in OpenJDK. An attacker could possibly use this to expose \nsensitive information. (CVE-2018-2579)\n\nIt was discovered that the Hotspot component of OpenJDK did not properly \nvalidate uses of the invokeinterface JVM instruction. An attacker could \npossibly use this to access unauthorized resources. (CVE-2018-2582)\n\nIt was discovered that the LDAP implementation in OpenJDK did not properly \nencode login names. A remote attacker could possibly use this to expose \nsensitive information. (CVE-2018-2588)\n\nIt was discovered that the DNS client implementation in OpenJDK did not \nproperly randomize source ports. A remote attacker could use this to spoof \nresponses to DNS queries made by Java applications. (CVE-2018-2599)\n\nIt was discovered that the Internationalization component of OpenJDK did \nnot restrict search paths when loading resource bundle classes. A local \nattacker could use this to trick a user into running malicious code. \n(CVE-2018-2602)\n\nIt was discovered that OpenJDK did not properly restrict memory allocations \nwhen parsing DER input. A remote attacker could possibly use this to cause \na denial of service. (CVE-2018-2603)\n\nIt was discovered that the Java Cryptography Extension (JCE) implementation \nin OpenJDK in some situations did not guarantee sufficient strength of keys \nduring key agreement. An attacker could use this to expose sensitive \ninformation. (CVE-2018-2618)\n\nIt was discovered that the Java GSS implementation in OpenJDK in some \nsituations did not properly handle GSS contexts in the native GSS library. \nAn attacker could possibly use this to access unauthorized resources. \n(CVE-2018-2629)\n\nIt was discovered that the LDAP implementation in OpenJDK did not properly \nhandle LDAP referrals in some situations. An attacker could possibly use \nthis to expose sensitive information or gain unauthorized privileges. \n(CVE-2018-2633)\n\nIt was discovered that the Java GSS implementation in OpenJDK in some \nsituations did not properly apply subject credentials. An attacker could \npossibly use this to expose sensitive information or gain access to \nunauthorized resources. (CVE-2018-2634)\n\nIt was discovered that the Java Management Extensions (JMX) component of \nOpenJDK did not properly apply deserialization filters in some situations. \nAn attacker could use this to bypass deserialization restrictions. \n(CVE-2018-2637)\n\nIt was discovered that a use-after-free vulnerability existed in the AWT \ncomponent of OpenJDK when loading the GTK library. An attacker could \npossibly use this to execute arbitrary code and escape Java sandbox \nrestrictions. (CVE-2018-2641)\n\nIt was discovered that in some situations OpenJDK did not properly validate \nobjects when performing deserialization. An attacker could use this to \ncause a denial of service (application crash or excessive memory \nconsumption). (CVE-2018-2663)\n\nIt was discovered that the AWT component of OpenJDK did not properly \nrestrict the amount of memory allocated when deserializing some objects. An \nattacker could use this to cause a denial of service (excessive memory \nconsumption). (CVE-2018-2677)\n\nIt was discovered that the JNDI component of OpenJDK did not properly \nrestrict the amount of memory allocated when deserializing objects in some \nsituations. An attacker could use this to cause a denial of service \n(excessive memory consumption). (CVE-2018-2678)", "edition": 5, "modified": "2018-04-02T00:00:00", "published": "2018-04-02T00:00:00", "id": "USN-3613-1", "href": "https://ubuntu.com/security/notices/USN-3613-1", "title": "OpenJDK 8 vulnerabilities", "type": "ubuntu", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2020-07-02T11:39:04", "bulletinFamily": "unix", "cvelist": ["CVE-2018-2618", "CVE-2018-2663", "CVE-2018-2633", "CVE-2018-2637", "CVE-2018-2677", "CVE-2018-2603", "CVE-2018-2599", "CVE-2018-2641", "CVE-2018-2629", "CVE-2018-2588", "CVE-2018-2634", "CVE-2018-2602", "CVE-2018-2678", "CVE-2018-2579"], "description": "It was discovered that a race condition existed in the cryptography \nimplementation in OpenJDK. An attacker could possibly use this to expose \nsensitive information. (CVE-2018-2579)\n\nIt was discovered that the LDAP implementation in OpenJDK did not properly \nencode login names. A remote attacker could possibly use this to expose \nsensitive information. (CVE-2018-2588)\n\nIt was discovered that the DNS client implementation in OpenJDK did not \nproperly randomize source ports. A remote attacker could use this to spoof \nresponses to DNS queries made by Java applications. (CVE-2018-2599)\n\nIt was discovered that the Internationalization component of OpenJDK did \nnot restrict search paths when loading resource bundle classes. A local \nattacker could use this to trick a user into running malicious code. \n(CVE-2018-2602)\n\nIt was discovered that OpenJDK did not properly restrict memory allocations \nwhen parsing DER input. A remote attacker could possibly use this to cause \na denial of service. (CVE-2018-2603)\n\nIt was discovered that the Java Cryptography Extension (JCE) implementation \nin OpenJDK in some situations did not guarantee sufficient strength of keys \nduring key agreement. An attacker could use this to expose sensitive \ninformation. (CVE-2018-2618)\n\nIt was discovered that the Java GSS implementation in OpenJDK in some \nsituations did not properly handle GSS contexts in the native GSS library. \nAn attacker could possibly use this to access unauthorized resources. \n(CVE-2018-2629)\n\nIt was discovered that the LDAP implementation in OpenJDK did not properly \nhandle LDAP referrals in some situations. An attacker could possibly use \nthis to expose sensitive information or gain unauthorized privileges. \n(CVE-2018-2633)\n\nIt was discovered that the Java GSS implementation in OpenJDK in some \nsituations did not properly apply subject credentials. An attacker could \npossibly use this to expose sensitive information or gain access to \nunauthorized resources. (CVE-2018-2634)\n\nIt was discovered that the Java Management Extensions (JMX) component of \nOpenJDK did not properly apply deserialization filters in some situations. \nAn attacker could use this to bypass deserialization restrictions. \n(CVE-2018-2637)\n\nIt was discovered that a use-after-free vulnerability existed in the AWT \ncomponent of OpenJDK when loading the GTK library. An attacker could \npossibly use this to execute arbitrary code and escape Java sandbox \nrestrictions. (CVE-2018-2641)\n\nIt was discovered that in some situations OpenJDK did not properly validate \nobjects when performing deserialization. An attacker could use this to \ncause a denial of service (application crash or excessive memory \nconsumption). (CVE-2018-2663)\n\nIt was discovered that the AWT component of OpenJDK did not properly \nrestrict the amount of memory allocated when deserializing some objects. An \nattacker could use this to cause a denial of service (excessive memory \nconsumption). (CVE-2018-2677)\n\nIt was discovered that the JNDI component of OpenJDK did not properly \nrestrict the amount of memory allocated when deserializing objects in some \nsituations. An attacker could use this to cause a denial of service \n(excessive memory consumption). (CVE-2018-2678)", "edition": 5, "modified": "2018-04-02T00:00:00", "published": "2018-04-02T00:00:00", "id": "USN-3614-1", "href": "https://ubuntu.com/security/notices/USN-3614-1", "title": "OpenJDK 7 vulnerabilities", "type": "ubuntu", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}], "amazon": [{"lastseen": "2020-11-10T12:35:34", "bulletinFamily": "unix", "cvelist": ["CVE-2018-2618", "CVE-2018-2582", "CVE-2018-2663", "CVE-2018-2633", "CVE-2018-2637", "CVE-2018-2677", "CVE-2018-2603", "CVE-2018-2599", "CVE-2018-2641", "CVE-2018-2629", "CVE-2018-2588", "CVE-2018-2634", "CVE-2018-2602", "CVE-2018-2678", "CVE-2018-2579"], "description": "**Issue Overview:**\n\nSingleEntryRegistry incorrect setup of deserialization filter (JMX, 8186998) \nIt was discovered that the JMX component of OpenJDK failed to properly set the deserialization filter for the SingleEntryRegistry in certain cases. A remote attacker could possibly use this flaw to bypass intended deserialization restrictions. ([CVE-2018-2637 __](<https://access.redhat.com/security/cve/CVE-2018-2637>))\n\nLoading of classes from untrusted locations (I18n, 8182601) \nIt was discovered that the I18n component of OpenJDK could use an untrusted search path when loading resource bundle classes. A local attacker could possibly use this flaw to execute arbitrary code as another local user by making their Java application load an attacker controlled class file. ([CVE-2018-2602 __](<https://access.redhat.com/security/cve/CVE-2018-2602>))\n\nLdapLoginModule insufficient username encoding in LDAP query (LDAP, 8178449) \nIt was discovered that the LDAP component of OpenJDK failed to properly encode special characters in user names when adding them to an LDAP search query. A remote attacker could possibly use this flaw to manipulate LDAP queries performed by the LdapLoginModule class. ([CVE-2018-2588 __](<https://access.redhat.com/security/cve/CVE-2018-2588>))\n\nArrayBlockingQueue deserialization to an inconsistent state (Libraries, 8189284) \nVulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L). ([CVE-2018-2663 __](<https://access.redhat.com/security/cve/CVE-2018-2663>))\n\nInsufficient validation of the invokeinterface instruction (Hotspot, 8174962) \nVulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 6.5 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N). ([CVE-2018-2582 __](<https://access.redhat.com/security/cve/CVE-2018-2582>))\n\nGTK library loading use-after-free (AWT, 8185325) \nVulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 6.1 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N). ([CVE-2018-2641 __](<https://access.redhat.com/security/cve/CVE-2018-2641>))\n\nLDAPCertStore insecure handling of LDAP referrals (JNDI, 8186606) \nIt was discovered that the LDAPCertStore class in the JNDI component of OpenJDK failed to securely handle LDAP referrals. An attacker could possibly use this flaw to make it fetch attacker controlled certificate data. ([CVE-2018-2633 __](<https://access.redhat.com/security/cve/CVE-2018-2633>))\n\nInsufficient strength of key agreement (JCE, 8185292) \nIt was discovered that the key agreement implementations in the JCE component of OpenJDK did not guarantee sufficient strength of used keys to adequately protect generated shared secret. This could make it easier to break data encryption by attacking key agreement rather than the encryption using the negotiated secret. ([CVE-2018-2618 __](<https://access.redhat.com/security/cve/CVE-2018-2618>))\n\nUnsynchronized access to encryption key data (Libraries, 8172525) \nIt was discovered that multiple encryption key classes in the Libraries component of OpenJDK did not properly synchronize access to their internal data. This could possibly cause a multi-threaded Java application to apply weak encryption to data because of the use of a key that was zeroed out. ([CVE-2018-2579 __](<https://access.redhat.com/security/cve/CVE-2018-2579>))\n\nUnbounded memory allocation during deserialization (AWT, 8190289) \nVulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L). ([CVE-2018-2677 __](<https://access.redhat.com/security/cve/CVE-2018-2677>))\n\nDerValue unbounded memory allocation (Libraries, 8182387) \nIt was discovered that the Libraries component of OpenJDK failed to sufficiently limit the amount of memory allocated when reading DER encoded input. A remote attacker could possibly use this flaw to make a Java application use an excessive amount of memory if it parsed attacker supplied DER encoded input. ([CVE-2018-2603 __](<https://access.redhat.com/security/cve/CVE-2018-2603>)) \n \nUnbounded memory allocation in BasicAttributes deserialization (JNDI, 8191142) \nVulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L). ([CVE-2018-2678 __](<https://access.redhat.com/security/cve/CVE-2018-2678>))\n\nUse of global credentials for HTTP/SPNEGO (JGSS, 8186600) \nThe JGSS component of OpenJDK ignores the value of the javax.security.auth.useSubjectCredsOnly property when using HTTP/SPNEGO authentication and always uses global credentials. It was discovered that this could cause global credentials to be unexpectedly used by an untrusted Java application. ([CVE-2018-2634 __](<https://access.redhat.com/security/cve/CVE-2018-2634>))\n\nGSS context use-after-free (JGSS, 8186212) \nIt was discovered that the JGSS component of OpenJDK failed to properly handle GSS context in the native GSS library wrapper in certain cases. A remote attacker could possibly make a Java application using JGSS to use a previously freed context. ([CVE-2018-2629 __](<https://access.redhat.com/security/cve/CVE-2018-2629>)) \n \nDnsClient missing source port randomization (JNDI, 8182125) \nIt was discovered that the DNS client implementation in the JNDI component of OpenJDK did not use random source ports when sending out DNS queries. This could make it easier for a remote attacker to spoof responses to those queries. ([CVE-2018-2599 __](<https://access.redhat.com/security/cve/CVE-2018-2599>))\n\n \n**Affected Packages:** \n\n\njava-1.8.0-openjdk\n\n \n**Issue Correction:** \nRun _yum update java-1.8.0-openjdk_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n i686: \n java-1.8.0-openjdk-src-1.8.0.161-0.b14.36.amzn1.i686 \n java-1.8.0-openjdk-debuginfo-1.8.0.161-0.b14.36.amzn1.i686 \n java-1.8.0-openjdk-headless-1.8.0.161-0.b14.36.amzn1.i686 \n java-1.8.0-openjdk-1.8.0.161-0.b14.36.amzn1.i686 \n java-1.8.0-openjdk-devel-1.8.0.161-0.b14.36.amzn1.i686 \n java-1.8.0-openjdk-demo-1.8.0.161-0.b14.36.amzn1.i686 \n \n noarch: \n java-1.8.0-openjdk-javadoc-zip-1.8.0.161-0.b14.36.amzn1.noarch \n java-1.8.0-openjdk-javadoc-1.8.0.161-0.b14.36.amzn1.noarch \n \n src: \n java-1.8.0-openjdk-1.8.0.161-0.b14.36.amzn1.src \n \n x86_64: \n java-1.8.0-openjdk-debuginfo-1.8.0.161-0.b14.36.amzn1.x86_64 \n java-1.8.0-openjdk-src-1.8.0.161-0.b14.36.amzn1.x86_64 \n java-1.8.0-openjdk-devel-1.8.0.161-0.b14.36.amzn1.x86_64 \n java-1.8.0-openjdk-demo-1.8.0.161-0.b14.36.amzn1.x86_64 \n java-1.8.0-openjdk-1.8.0.161-0.b14.36.amzn1.x86_64 \n java-1.8.0-openjdk-headless-1.8.0.161-0.b14.36.amzn1.x86_64 \n \n \n", "edition": 4, "modified": "2018-02-07T17:45:00", "published": "2018-02-07T17:45:00", "id": "ALAS-2018-949", "href": "https://alas.aws.amazon.com/ALAS-2018-949.html", "title": "Important: java-1.8.0-openjdk", "type": "amazon", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2020-11-10T12:34:59", "bulletinFamily": "unix", "cvelist": ["CVE-2018-2618", "CVE-2018-2582", "CVE-2018-2663", "CVE-2018-2633", "CVE-2018-2637", "CVE-2018-2677", "CVE-2018-2603", "CVE-2018-2599", "CVE-2018-2641", "CVE-2018-2629", "CVE-2018-2588", "CVE-2018-2634", "CVE-2018-2602", "CVE-2018-2678", "CVE-2018-2579"], "description": "**Issue Overview:**\n\nSingleEntryRegistry incorrect setup of deserialization filter (JMX, 8186998) \nIt was discovered that the JMX component of OpenJDK failed to properly set the deserialization filter for the SingleEntryRegistry in certain cases. A remote attacker could possibly use this flaw to bypass intended deserialization restrictions. ([CVE-2018-2637 __](<https://access.redhat.com/security/cve/CVE-2018-2637>))\n\nLoading of classes from untrusted locations (I18n, 8182601) \nIt was discovered that the I18n component of OpenJDK could use an untrusted search path when loading resource bundle classes. A local attacker could possibly use this flaw to execute arbitrary code as another local user by making their Java application load an attacker controlled class file. ([CVE-2018-2602 __](<https://access.redhat.com/security/cve/CVE-2018-2602>))\n\nLdapLoginModule insufficient username encoding in LDAP query (LDAP, 8178449) \nIt was discovered that the LDAP component of OpenJDK failed to properly encode special characters in user names when adding them to an LDAP search query. A remote attacker could possibly use this flaw to manipulate LDAP queries performed by the LdapLoginModule class. ([CVE-2018-2588 __](<https://access.redhat.com/security/cve/CVE-2018-2588>))\n\nArrayBlockingQueue deserialization to an inconsistent state (Libraries, 8189284) \nVulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L). ([CVE-2018-2663 __](<https://access.redhat.com/security/cve/CVE-2018-2663>))\n\nInsufficient validation of the invokeinterface instruction (Hotspot, 8174962) \nVulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 6.5 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N). ([CVE-2018-2582 __](<https://access.redhat.com/security/cve/CVE-2018-2582>))\n\nGTK library loading use-after-free (AWT, 8185325) \nVulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 6.1 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N). ([CVE-2018-2641 __](<https://access.redhat.com/security/cve/CVE-2018-2641>))\n\nLDAPCertStore insecure handling of LDAP referrals (JNDI, 8186606) \nIt was discovered that the LDAPCertStore class in the JNDI component of OpenJDK failed to securely handle LDAP referrals. An attacker could possibly use this flaw to make it fetch attacker controlled certificate data. ([CVE-2018-2633 __](<https://access.redhat.com/security/cve/CVE-2018-2633>))\n\nInsufficient strength of key agreement (JCE, 8185292) \nIt was discovered that the key agreement implementations in the JCE component of OpenJDK did not guarantee sufficient strength of used keys to adequately protect generated shared secret. This could make it easier to break data encryption by attacking key agreement rather than the encryption using the negotiated secret. ([CVE-2018-2618 __](<https://access.redhat.com/security/cve/CVE-2018-2618>))\n\nUnsynchronized access to encryption key data (Libraries, 8172525) \nIt was discovered that multiple encryption key classes in the Libraries component of OpenJDK did not properly synchronize access to their internal data. This could possibly cause a multi-threaded Java application to apply weak encryption to data because of the use of a key that was zeroed out. ([CVE-2018-2579 __](<https://access.redhat.com/security/cve/CVE-2018-2579>))\n\nUnbounded memory allocation during deserialization (AWT, 8190289) \nVulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L). ([CVE-2018-2677 __](<https://access.redhat.com/security/cve/CVE-2018-2677>))\n\nDerValue unbounded memory allocation (Libraries, 8182387) \nIt was discovered that the Libraries component of OpenJDK failed to sufficiently limit the amount of memory allocated when reading DER encoded input. A remote attacker could possibly use this flaw to make a Java application use an excessive amount of memory if it parsed attacker supplied DER encoded input. ([CVE-2018-2603 __](<https://access.redhat.com/security/cve/CVE-2018-2603>)) \n \nUnbounded memory allocation in BasicAttributes deserialization (JNDI, 8191142) \nVulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L). ([CVE-2018-2678 __](<https://access.redhat.com/security/cve/CVE-2018-2678>))\n\nUse of global credentials for HTTP/SPNEGO (JGSS, 8186600) \nThe JGSS component of OpenJDK ignores the value of the javax.security.auth.useSubjectCredsOnly property when using HTTP/SPNEGO authentication and always uses global credentials. It was discovered that this could cause global credentials to be unexpectedly used by an untrusted Java application. ([CVE-2018-2634 __](<https://access.redhat.com/security/cve/CVE-2018-2634>))\n\nGSS context use-after-free (JGSS, 8186212) \nIt was discovered that the JGSS component of OpenJDK failed to properly handle GSS context in the native GSS library wrapper in certain cases. A remote attacker could possibly make a Java application using JGSS to use a previously freed context. ([CVE-2018-2629 __](<https://access.redhat.com/security/cve/CVE-2018-2629>)) \n \nDnsClient missing source port randomization (JNDI, 8182125) \nIt was discovered that the DNS client implementation in the JNDI component of OpenJDK did not use random source ports when sending out DNS queries. This could make it easier for a remote attacker to spoof responses to those queries. ([CVE-2018-2599 __](<https://access.redhat.com/security/cve/CVE-2018-2599>))\n\n \n**Affected Packages:** \n\n\njava-1.8.0-openjdk\n\n \n**Issue Correction:** \nRun _yum update java-1.8.0-openjdk_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n noarch: \n java-1.8.0-openjdk-javadoc-1.8.0.161-0.b14.amzn2.noarch \n java-1.8.0-openjdk-javadoc-zip-1.8.0.161-0.b14.amzn2.noarch \n java-1.8.0-openjdk-javadoc-debug-1.8.0.161-0.b14.amzn2.noarch \n java-1.8.0-openjdk-javadoc-zip-debug-1.8.0.161-0.b14.amzn2.noarch \n \n src: \n java-1.8.0-openjdk-1.8.0.161-0.b14.amzn2.src \n \n x86_64: \n java-1.8.0-openjdk-1.8.0.161-0.b14.amzn2.x86_64 \n java-1.8.0-openjdk-debug-1.8.0.161-0.b14.amzn2.x86_64 \n java-1.8.0-openjdk-headless-1.8.0.161-0.b14.amzn2.x86_64 \n java-1.8.0-openjdk-headless-debug-1.8.0.161-0.b14.amzn2.x86_64 \n java-1.8.0-openjdk-devel-1.8.0.161-0.b14.amzn2.x86_64 \n java-1.8.0-openjdk-devel-debug-1.8.0.161-0.b14.amzn2.x86_64 \n java-1.8.0-openjdk-demo-1.8.0.161-0.b14.amzn2.x86_64 \n java-1.8.0-openjdk-demo-debug-1.8.0.161-0.b14.amzn2.x86_64 \n java-1.8.0-openjdk-src-1.8.0.161-0.b14.amzn2.x86_64 \n java-1.8.0-openjdk-src-debug-1.8.0.161-0.b14.amzn2.x86_64 \n java-1.8.0-openjdk-accessibility-1.8.0.161-0.b14.amzn2.x86_64 \n java-1.8.0-openjdk-accessibility-debug-1.8.0.161-0.b14.amzn2.x86_64 \n java-1.8.0-openjdk-debuginfo-1.8.0.161-0.b14.amzn2.x86_64 \n \n \n", "edition": 1, "modified": "2018-02-07T17:47:00", "published": "2018-02-07T17:47:00", "id": "ALAS2-2018-949", "href": "https://alas.aws.amazon.com/AL2/ALAS-2018-949.html", "title": "Important: java-1.8.0-openjdk", "type": "amazon", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2020-11-10T12:36:55", "bulletinFamily": "unix", "cvelist": ["CVE-2018-2618", "CVE-2018-2663", "CVE-2018-2633", "CVE-2018-2637", "CVE-2018-2677", "CVE-2018-2603", "CVE-2018-2599", "CVE-2018-2641", "CVE-2018-2629", "CVE-2018-2588", "CVE-2018-2634", "CVE-2018-2602", "CVE-2018-2678", "CVE-2018-2579"], "description": "**Issue Overview:**\n\nDerValue unbounded memory allocation: \nIt was discovered that the Libraries component of OpenJDK failed to sufficiently limit the amount of memory allocated when reading DER encoded input. A remote attacker could possibly use this flaw to make a Java application use an excessive amount of memory if it parsed attacker supplied DER encoded input. ([CVE-2018-2603 __](<https://access.redhat.com/security/cve/CVE-2018-2603>))\n\nUnsynchronized access to encryption key data \nIt was discovered that multiple encryption key classes in the Libraries component of OpenJDK did not properly synchronize access to their internal data. This could possibly cause a multi-threaded Java application to apply weak encryption to data because of the use of a key that was zeroed out. ([CVE-2018-2579 __](<https://access.redhat.com/security/cve/CVE-2018-2579>))\n\nUse of global credentials for HTTP/SPNEGO \nThe JGSS component of OpenJDK ignores the value of the javax.security.auth.useSubjectCredsOnly property when using HTTP/SPNEGO authentication and always uses global credentials. It was discovered that this could cause global credentials to be unexpectedly used by an untrusted Java application. ([CVE-2018-2634 __](<https://access.redhat.com/security/cve/CVE-2018-2634>))\n\nLoading of classes from untrusted locations: \nIt was discovered that the I18n component of OpenJDK could use an untrusted search path when loading resource bundle classes. A local attacker could possibly use this flaw to execute arbitrary code as another local user by making their Java application load an attacker controlled class file. ([CVE-2018-2602 __](<https://access.redhat.com/security/cve/CVE-2018-2602>))\n\nGTK library loading use-after-free: \nVulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). ([CVE-2018-2641 __](<https://access.redhat.com/security/cve/CVE-2018-2641>))\n\nLdapLoginModule insufficient username encoding in LDAP query: \nIt was discovered that the LDAP component of OpenJDK failed to properly encode special characters in user names when adding them to an LDAP search query. A remote attacker could possibly use this flaw to manipulate LDAP queries performed by the LdapLoginModule class. ([CVE-2018-2588 __](<https://access.redhat.com/security/cve/CVE-2018-2588>))\n\nSingleEntryRegistry incorrect setup of deserialization filter: \nIt was discovered that the JMX component of OpenJDK failed to properly set the deserialization filter for the SingleEntryRegistry in certain cases. A remote attacker could possibly use this flaw to bypass intended deserialization restrictions. ([CVE-2018-2637 __](<https://access.redhat.com/security/cve/CVE-2018-2637>))\n\nInsufficient strength of key agreement: \nIt was discovered that the key agreement implementations in the JCE component of OpenJDK did not guarantee sufficient strength of used keys to adequately protect generated shared secret. This could make it easier to break data encryption by attacking key agreement rather than the encryption using the negotiated secret. ([CVE-2018-2618 __](<https://access.redhat.com/security/cve/CVE-2018-2618>))\n\nGSS context use-after-free: \nIt was discovered that the JGSS component of OpenJDK failed to properly handle GSS context in the native GSS library wrapper in certain cases. A remote attacker could possibly make a Java application using JGSS to use a previously freed context. ([CVE-2018-2629 __](<https://access.redhat.com/security/cve/CVE-2018-2629>))\n\nLDAPCertStore insecure handling of LDAP referrals: \nIt was discovered that the LDAPCertStore class in the JNDI component of OpenJDK failed to securely handle LDAP referrals. An attacker could possibly use this flaw to make it fetch attacker controlled certificate data. ([CVE-2018-2633 __](<https://access.redhat.com/security/cve/CVE-2018-2633>))\n\nDnsClient missing source port randomization: \nIt was discovered that the DNS client implementation in the JNDI component of OpenJDK did not use random source ports when sending out DNS queries. This could make it easier for a remote attacker to spoof responses to those queries. ([CVE-2018-2599 __](<https://access.redhat.com/security/cve/CVE-2018-2599>))\n\nUnbounded memory allocation in BasicAttributes deserialization: \nVulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. ([CVE-2018-2678 __](<https://access.redhat.com/security/cve/CVE-2018-2678>))\n\nArrayBlockingQueue deserialization to an inconsistent state: \nVulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. ([CVE-2018-2663 __](<https://access.redhat.com/security/cve/CVE-2018-2663>))\n\nUnbounded memory allocation during deserialization: \nVulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). ([CVE-2018-2677 __](<https://access.redhat.com/security/cve/CVE-2018-2677>))\n\n \n**Affected Packages:** \n\n\njava-1.7.0-openjdk\n\n \n**Issue Correction:** \nRun _yum update java-1.7.0-openjdk_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n i686: \n java-1.7.0-openjdk-1.7.0.171-2.6.13.0.76.amzn1.i686 \n java-1.7.0-openjdk-demo-1.7.0.171-2.6.13.0.76.amzn1.i686 \n java-1.7.0-openjdk-devel-1.7.0.171-2.6.13.0.76.amzn1.i686 \n java-1.7.0-openjdk-debuginfo-1.7.0.171-2.6.13.0.76.amzn1.i686 \n java-1.7.0-openjdk-src-1.7.0.171-2.6.13.0.76.amzn1.i686 \n \n noarch: \n java-1.7.0-openjdk-javadoc-1.7.0.171-2.6.13.0.76.amzn1.noarch \n \n src: \n java-1.7.0-openjdk-1.7.0.171-2.6.13.0.76.amzn1.src \n \n x86_64: \n java-1.7.0-openjdk-debuginfo-1.7.0.171-2.6.13.0.76.amzn1.x86_64 \n java-1.7.0-openjdk-1.7.0.171-2.6.13.0.76.amzn1.x86_64 \n java-1.7.0-openjdk-devel-1.7.0.171-2.6.13.0.76.amzn1.x86_64 \n java-1.7.0-openjdk-demo-1.7.0.171-2.6.13.0.76.amzn1.x86_64 \n java-1.7.0-openjdk-src-1.7.0.171-2.6.13.0.76.amzn1.x86_64 \n \n \n", "edition": 4, "modified": "2018-03-21T22:12:00", "published": "2018-03-21T22:12:00", "id": "ALAS-2018-974", "href": "https://alas.aws.amazon.com/ALAS-2018-974.html", "title": "Important: java-1.7.0-openjdk", "type": "amazon", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}], "oraclelinux": [{"lastseen": "2020-10-22T17:11:36", "bulletinFamily": "unix", "cvelist": ["CVE-2018-2618", "CVE-2018-2582", "CVE-2018-2663", "CVE-2018-2633", "CVE-2018-2637", "CVE-2018-2677", "CVE-2018-2603", "CVE-2018-2599", "CVE-2018-2641", "CVE-2018-2629", "CVE-2018-2588", "CVE-2018-2634", "CVE-2018-2602", "CVE-2018-2678", "CVE-2018-2579"], "description": "[1:1.8.0.161-0.b14]\n- Update to b14 with updated Zero fix for 8174962 (S8194828)\n- Resolves: rhbz#1528233\n[1:1.8.0.161-0.b13]\n- Update to b13 including Zero fix for 8174962 (S8194739) and restoring tzdata2017c update\n- Resolves: rhbz#1528233\n[1:1.8.0.161-0.b12]\n- Add new file cmsalpha.c to %{name}-remove-intree-libraries.sh\n- Resolves: rhbz#1528233\n[1:1.8.0.161-0.b12]\n- Replace tarballs with version including AArch64 fix for 8174962 (S8194686)\n- Resolves: rhbz#1528233\n[1:1.8.0.161-0.b12]\n- Switch bootstrap back to java-1.7.0-openjdk on all architectures, depending on RH1482244 fix\n- Resolves: rhbz#1528233\n[1:1.8.0.161-0.b12]\n- Update to aarch64-jdk8u161-b12 and aarch64-shenandoah-jdk8u161-b12 (mbalao)\n- Drop upstreamed patches for 8075484 (RH1490713), 8153711 (RH1284948),\n 8162384 (RH1358661), 8164293 (RH1459641), 8173941, 8175813 (RH1448880),\n 8175887 and 8180048 (RH1449870).(mbalao)\n- Resolves: rhbz#1528233", "edition": 7, "modified": "2018-01-17T00:00:00", "published": "2018-01-17T00:00:00", "id": "ELSA-2018-0095", "href": "http://linux.oracle.com/errata/ELSA-2018-0095.html", "title": "java-1.8.0-openjdk security update", "type": "oraclelinux", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:06", "bulletinFamily": "unix", "cvelist": ["CVE-2018-2618", "CVE-2018-2663", "CVE-2018-2633", "CVE-2018-2637", "CVE-2018-2677", "CVE-2018-2603", "CVE-2018-2599", "CVE-2018-2641", "CVE-2018-2629", "CVE-2018-2588", "CVE-2018-2634", "CVE-2018-2602", "CVE-2018-2678", "CVE-2018-2579"], "description": "[1:1.7.0.171-2.6.13.0.0.1]\n- Update DISTRO_NAME in specfile\n[1:1.7.0.171-2.6.13.0]\n- Bump to 2.6.13 and u171b01.\n- Update java-1.7.0-openjdk-java-access-bridge-security.patch to apply after 8186080\n- Update RC4 patch (8076221/PR2809) to apply after 8148108 (DH lower limit increase)\n- Fix file path in rh1022017.patch.\n- Resolves: rhbz#1528233", "edition": 5, "modified": "2018-02-26T00:00:00", "published": "2018-02-26T00:00:00", "id": "ELSA-2018-0349", "href": "http://linux.oracle.com/errata/ELSA-2018-0349.html", "title": "java-1.7.0-openjdk security update", "type": "oraclelinux", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}], "openvas": [{"lastseen": "2019-05-29T18:33:40", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-2618", "CVE-2018-2582", "CVE-2018-2663", "CVE-2018-2633", "CVE-2018-2637", "CVE-2018-2677", "CVE-2018-2603", "CVE-2018-2599", "CVE-2018-2641", "CVE-2018-2629", "CVE-2018-2588", "CVE-2018-2634", "CVE-2018-2602", "CVE-2018-2678", "CVE-2018-2579"], "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2018-01-18T00:00:00", "id": "OPENVAS:1361412562310910002", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310910002", "type": "openvas", "title": "RedHat Update for java-1.8.0-openjdk RHSA-2018:0095-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_RHSA-2018_0095-01_java-1.8.0-openjdk.nasl 12497 2018-11-23 08:28:21Z cfischer $\n#\n# RedHat Update for java-1.8.0-openjdk RHSA-2018:0095-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.910002\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2018-01-18 07:34:59 +0100 (Thu, 18 Jan 2018)\");\n script_cve_id(\"CVE-2018-2579\", \"CVE-2018-2582\", \"CVE-2018-2588\", \"CVE-2018-2599\",\n \"CVE-2018-2602\", \"CVE-2018-2603\", \"CVE-2018-2618\", \"CVE-2018-2629\",\n \"CVE-2018-2633\", \"CVE-2018-2634\", \"CVE-2018-2637\", \"CVE-2018-2641\",\n \"CVE-2018-2663\", \"CVE-2018-2677\", \"CVE-2018-2678\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for java-1.8.0-openjdk RHSA-2018:0095-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'java-1.8.0-openjdk'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The java-1.8.0-openjdk packages provide\nthe OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development\nKit.\n\nSecurity Fix(es):\n\n * Multiple flaws were found in the Hotspot and AWT components of OpenJDK.\nAn untrusted Java application or applet could use these flaws to bypass\ncertain Java sandbox restrictions. (CVE-2018-2582, CVE-2018-2641)\n\n * It was discovered that the LDAPCertStore class in the JNDI component of\nOpenJDK failed to securely handle LDAP referrals. An attacker could\npossibly use this flaw to make it fetch attacker controlled certificate\ndata. (CVE-2018-2633)\n\n * The JGSS component of OpenJDK ignores the value of the\njavax.security.auth.useSubjectCredsOnly property when using HTTP/SPNEGO\nauthentication and always uses global credentials. It was discovered that\nthis could cause global credentials to be unexpectedly used by an untrusted\nJava application. (CVE-2018-2634)\n\n * It was discovered that the JMX component of OpenJDK failed to properly\nset the deserialization filter for the SingleEntryRegistry in certain\ncases. A remote attacker could possibly use this flaw to bypass intended\ndeserialization restrictions. (CVE-2018-2637)\n\n * It was discovered that the LDAP component of OpenJDK failed to properly\nencode special characters in user names when adding them to an LDAP search\nquery. A remote attacker could possibly use this flaw to manipulate LDAP\nqueries performed by the LdapLoginModule class. (CVE-2018-2588)\n\n * It was discovered that the DNS client implementation in the JNDI\ncomponent of OpenJDK did not use random source ports when sending out DNS\nqueries. This could make it easier for a remote attacker to spoof responses\nto those queries. (CVE-2018-2599)\n\n * It was discovered that the I18n component of OpenJDK could use an\nuntrusted search path when loading resource bundle classes. A local\nattacker could possibly use this flaw to execute arbitrary code as another\nlocal user by making their Java application load an attacker controlled\nclass file. (CVE-2018-2602)\n\n * It was discovered that the Libraries component of OpenJDK failed to\nsufficiently limit the amount of memory allocated when reading DER encoded\ninput. A remote attacker could possibly use this flaw to make a Java\napplication use an excessive amount of memory if it parsed attacker\nsupplied DER encoded input. (CVE-2018-2603)\n\n * It was discovered that the key agreement implementations in the JCE\ncomponent of OpenJDK did not guarantee sufficie ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"affected\", value:\"java-1.8.0-openjdk on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Server (v. 7),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"RHSA\", value:\"2018:0095-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2018-January/msg00061.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_(7|6)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_7\")\n{\n\n if ((res = isrpmvuln(pkg:\"java-1.8.0-openjdk\", rpm:\"java-1.8.0-openjdk~1.8.0.161~0.b14.el7_4\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.8.0-openjdk-debuginfo\", rpm:\"java-1.8.0-openjdk-debuginfo~1.8.0.161~0.b14.el7_4\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.8.0-openjdk-devel\", rpm:\"java-1.8.0-openjdk-devel~1.8.0.161~0.b14.el7_4\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.8.0-openjdk-headless\", rpm:\"java-1.8.0-openjdk-headless~1.8.0.161~0.b14.el7_4\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"java-1.8.0-openjdk\", rpm:\"java-1.8.0-openjdk~1.8.0.161~3.b14.el6_9\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.8.0-openjdk-debuginfo\", rpm:\"java-1.8.0-openjdk-debuginfo~1.8.0.161~3.b14.el6_9\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.8.0-openjdk-devel\", rpm:\"java-1.8.0-openjdk-devel~1.8.0.161~3.b14.el6_9\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.8.0-openjdk-headless\", rpm:\"java-1.8.0-openjdk-headless~1.8.0.161~3.b14.el6_9\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:25", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-2618", "CVE-2018-2582", "CVE-2018-2663", "CVE-2018-2633", "CVE-2018-2637", "CVE-2018-2677", "CVE-2018-2603", "CVE-2018-2599", "CVE-2018-2641", "CVE-2018-2629", "CVE-2018-2588", "CVE-2018-2634", "CVE-2018-2602", "CVE-2018-2678", "CVE-2018-2579"], "description": "Check the version of java", "modified": "2019-03-08T00:00:00", "published": "2018-01-19T00:00:00", "id": "OPENVAS:1361412562310882830", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882830", "type": "openvas", "title": "CentOS Update for java CESA-2018:0095 centos6", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_CESA-2018_0095_java_centos6.nasl 14058 2019-03-08 13:25:52Z cfischer $\n#\n# CentOS Update for java CESA-2018:0095 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882830\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-01-19 07:42:38 +0100 (Fri, 19 Jan 2018)\");\n script_cve_id(\"CVE-2018-2579\", \"CVE-2018-2582\", \"CVE-2018-2588\", \"CVE-2018-2599\",\n \"CVE-2018-2602\", \"CVE-2018-2603\", \"CVE-2018-2618\", \"CVE-2018-2629\",\n \"CVE-2018-2633\", \"CVE-2018-2634\", \"CVE-2018-2637\", \"CVE-2018-2641\",\n \"CVE-2018-2663\", \"CVE-2018-2677\", \"CVE-2018-2678\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for java CESA-2018:0095 centos6\");\n script_tag(name:\"summary\", value:\"Check the version of java\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The java-1.8.0-openjdk packages provide\nthe OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software\nDevelopment Kit.\n\nSecurity Fix(es):\n\n * Multiple flaws were found in the Hotspot and AWT components of OpenJDK.\nAn untrusted Java application or applet could use these flaws to bypass\ncertain Java sandbox restrictions. (CVE-2018-2582, CVE-2018-2641)\n\n * It was discovered that the LDAPCertStore class in the JNDI component of\nOpenJDK failed to securely handle LDAP referrals. An attacker could\npossibly use this flaw to make it fetch attacker controlled certificate\ndata. (CVE-2018-2633)\n\n * The JGSS component of OpenJDK ignores the value of the\njavax.security.auth.useSubjectCredsOnly property when using HTTP/SPNEGO\nauthentication and always uses global credentials. It was discovered that\nthis could cause global credentials to be unexpectedly used by an untrusted\nJava application. (CVE-2018-2634)\n\n * It was discovered that the JMX component of OpenJDK failed to properly\nset the deserialization filter for the SingleEntryRegistry in certain\ncases. A remote attacker could possibly use this flaw to bypass intended\ndeserialization restrictions. (CVE-2018-2637)\n\n * It was discovered that the LDAP component of OpenJDK failed to properly\nencode special characters in user names when adding them to an LDAP search\nquery. A remote attacker could possibly use this flaw to manipulate LDAP\nqueries performed by the LdapLoginModule class. (CVE-2018-2588)\n\n * It was discovered that the DNS client implementation in the JNDI\ncomponent of OpenJDK did not use random source ports when sending out DNS\nqueries. This could make it easier for a remote attacker to spoof responses\nto those queries. (CVE-2018-2599)\n\n * It was discovered that the I18n component of OpenJDK could use an\nuntrusted search path when loading resource bundle classes. A local\nattacker could possibly use this flaw to execute arbitrary code as another\nlocal user by making their Java application load an attacker controlled\nclass file. (CVE-2018-2602)\n\n * It was discovered that the Libraries component of OpenJDK failed to\nsufficiently limit the amount of memory allocated when reading DER encoded\ninput. A remote attacker could possibly use this flaw to make a Java\napplication use an excessive amount of memory if it parsed attacker\nsupplied DER encoded input. (CVE-2018-2603)\n\n * It was discovered that the key agreement implementations in the JCE\ncomponent of OpenJDK did not guarantee sufficient strength of used keys to\nadequately protect generated shared secret. This could make it easier to\nbreak data encryption by attacking key agreement rather than the encryption ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"affected\", value:\"java on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"CESA\", value:\"2018:0095\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2018-January/022712.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"java-1.8.0-openjdk\", rpm:\"java-1.8.0-openjdk~1.8.0.161~3.b14.el6_9\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.8.0-openjdk-debug\", rpm:\"java-1.8.0-openjdk-debug~1.8.0.161~3.b14.el6_9\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.8.0-openjdk-demo\", rpm:\"java-1.8.0-openjdk-demo~1.8.0.161~3.b14.el6_9\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.8.0-openjdk-demo-debug\", rpm:\"java-1.8.0-openjdk-demo-debug~1.8.0.161~3.b14.el6_9\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.8.0-openjdk-devel\", rpm:\"java-1.8.0-openjdk-devel~1.8.0.161~3.b14.el6_9\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.8.0-openjdk-devel-debug\", rpm:\"java-1.8.0-openjdk-devel-debug~1.8.0.161~3.b14.el6_9\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.8.0-openjdk-headless\", rpm:\"java-1.8.0-openjdk-headless~1.8.0.161~3.b14.el6_9\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.8.0-openjdk-headless-debug\", rpm:\"java-1.8.0-openjdk-headless-debug~1.8.0.161~3.b14.el6_9\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.8.0-openjdk-javadoc\", rpm:\"java-1.8.0-openjdk-javadoc~1.8.0.161~3.b14.el6_9\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.8.0-openjdk-javadoc-debug\", rpm:\"java-1.8.0-openjdk-javadoc-debug~1.8.0.161~3.b14.el6_9\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.8.0-openjdk-src\", rpm:\"java-1.8.0-openjdk-src~1.8.0.161~3.b14.el6_9\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.8.0-openjdk-src-debug\", rpm:\"java-1.8.0-openjdk-src-debug~1.8.0.161~3.b14.el6_9\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:23", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-2618", "CVE-2018-2582", "CVE-2018-2663", "CVE-2018-2633", "CVE-2018-2637", "CVE-2018-2677", "CVE-2018-2603", "CVE-2018-2599", "CVE-2018-2641", "CVE-2018-2629", "CVE-2018-2588", "CVE-2018-2634", "CVE-2018-2602", "CVE-2018-2678", "CVE-2018-2579"], "description": "The remote host is missing an update for the ", "modified": "2019-03-13T00:00:00", "published": "2018-04-03T00:00:00", "id": "OPENVAS:1361412562310843490", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843490", "type": "openvas", "title": "Ubuntu Update for openjdk-8 USN-3613-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_3613_1.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for openjdk-8 USN-3613-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843490\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-04-03 08:50:20 +0200 (Tue, 03 Apr 2018)\");\n script_cve_id(\"CVE-2018-2579\", \"CVE-2018-2582\", \"CVE-2018-2588\", \"CVE-2018-2599\",\n \"CVE-2018-2602\", \"CVE-2018-2603\", \"CVE-2018-2618\", \"CVE-2018-2629\",\n \"CVE-2018-2633\", \"CVE-2018-2634\", \"CVE-2018-2637\", \"CVE-2018-2641\",\n \"CVE-2018-2663\", \"CVE-2018-2677\", \"CVE-2018-2678\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for openjdk-8 USN-3613-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openjdk-8'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"It was discovered that a race condition\n existed in the cryptography implementation in OpenJDK. An attacker could\n possibly use this to expose sensitive information. (CVE-2018-2579) It was\n discovered that the Hotspot component of OpenJDK did not properly validate uses\n of the invokeinterface JVM instruction. An attacker could possibly use this to\n access unauthorized resources. (CVE-2018-2582) It was discovered that the LDAP\n implementation in OpenJDK did not properly encode login names. A remote attacker\n could possibly use this to expose sensitive information. (CVE-2018-2588) It was\n discovered that the DNS client implementation in OpenJDK did not properly\n randomize source ports. A remote attacker could use this to spoof responses to\n DNS queries made by Java applications. (CVE-2018-2599) It was discovered that\n the Internationalization component of OpenJDK did not restrict search paths when\n loading resource bundle classes. A local attacker could use this to trick a user\n into running malicious code. (CVE-2018-2602) It was discovered that OpenJDK did\n not properly restrict memory allocations when parsing DER input. A remote\n attacker could possibly use this to cause a denial of service. (CVE-2018-2603)\n It was discovered that the Java Cryptography Extension (JCE) implementation in\n OpenJDK in some situations did guarantee sufficient strength of keys during key\n agreement. An attacker could use this to expose sensitive information.\n (CVE-2018-2618) It was discovered that the Java GSS implementation in OpenJDK in\n some situations did not properly handle GSS contexts in the native GSS library.\n An attacker could possibly use this to access unauthorized resources.\n (CVE-2018-2629) It was discovered that the LDAP implementation in OpenJDK did\n not properly handle LDAP referrals in some situations. An attacker could\n possibly use this to expose sensitive information or gain unauthorized\n privileges. (CVE-2018-2633) It was discovered that the Java GSS implementation\n in OpenJDK in some situations did not properly apply subject credentials. An\n attacker could possibly use this to expose sensitive information or gain access\n to unauthorized resources. (CVE-2018-2634) It was discovered that the Java\n Management Extensions (JMX) component of OpenJDK did not properly apply\n deserialization filters in some situations. An attacker could use this to bypass\n deserialization restrictions. (CVE-2018-2637) It was discovered that a\n use-after-free vulnerability existed in the AWT component of OpenJDK when\n loading the GTK library. An attacker could possibly use this to execute\n arbitrary code and escape Jav ... Description truncated, for more information\n please check the Reference URL\");\n script_tag(name:\"affected\", value:\"openjdk-8 on Ubuntu 17.10,\n Ubuntu 16.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3613-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3613-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(17\\.10|16\\.04 LTS)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU17.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"openjdk-8-jdk:amd64\", ver:\"8u162-b12-0ubuntu0.17.10.2\", rls:\"UBUNTU17.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-8-jdk:i386\", ver:\"8u162-b12-0ubuntu0.17.10.2\", rls:\"UBUNTU17.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n\n if ((res = isdpkgvuln(pkg:\"openjdk-8-jdk-headless:amd64\", ver:\"8u162-b12-0ubuntu0.17.10.2\", rls:\"UBUNTU17.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-8-jdk-headless:i386\", ver:\"8u162-b12-0ubuntu0.17.10.2\", rls:\"UBUNTU17.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-8-jre:amd64\", ver:\"8u162-b12-0ubuntu0.17.10.2\", rls:\"UBUNTU17.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-8-jre:i386\", ver:\"8u162-b12-0ubuntu0.17.10.2\", rls:\"UBUNTU17.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-8-jre-headless:amd64\", ver:\"8u162-b12-0ubuntu0.17.10.2\", rls:\"UBUNTU17.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-8-jre-headless:i386\", ver:\"8u162-b12-0ubuntu0.17.10.2\", rls:\"UBUNTU17.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-8-jre-zero:amd64\", ver:\"8u162-b12-0ubuntu0.17.10.2\", rls:\"UBUNTU17.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-8-jre-zero:i386\", ver:\"8u162-b12-0ubuntu0.17.10.2\", rls:\"UBUNTU17.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"openjdk-8-jdk:amd64\", ver:\"8u162-b12-0ubuntu0.16.04.2\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-8-jdk:i386\", ver:\"8u162-b12-0ubuntu0.16.04.2\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-8-jdk-headless:amd64\", ver:\"8u162-b12-0ubuntu0.16.04.2\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-8-jdk-headless:i386\", ver:\"8u162-b12-0ubuntu0.16.04.2\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-8-jre:amd64\", ver:\"8u162-b12-0ubuntu0.16.04.2\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-8-jre:i386\", ver:\"8u162-b12-0ubuntu0.16.04.2\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-8-jre-headless:amd64\", ver:\"8u162-b12-0ubuntu0.16.04.2\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-8-jre-headless:i386\", ver:\"8u162-b12-0ubuntu0.16.04.2\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-8-jre-jamvm:amd64\", ver:\"8u162-b12-0ubuntu0.16.04.2\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-8-jre-jamvm:i386\", ver:\"8u162-b12-0ubuntu0.16.04.2\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-8-jre-zero:amd64\", ver:\"8u162-b12-0ubuntu0.16.04.2\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-8-jre-zero:i386\", ver:\"8u162-b12-0ubuntu0.16.04.2\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2020-01-31T17:40:05", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-2618", "CVE-2018-2582", "CVE-2018-2663", "CVE-2018-2633", "CVE-2018-2637", "CVE-2018-2677", "CVE-2018-2603", "CVE-2018-2599", "CVE-2018-2641", "CVE-2018-2629", "CVE-2018-2588", "CVE-2018-2634", "CVE-2018-2602", "CVE-2018-2678", "CVE-2018-2579"], "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2018-03-15T00:00:00", "id": "OPENVAS:1361412562310851714", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851714", "type": "openvas", "title": "openSUSE: Security Advisory for java-1_8_0-openjdk (openSUSE-SU-2018:0679-1)", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851714\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-03-15 08:48:36 +0100 (Thu, 15 Mar 2018)\");\n script_cve_id(\"CVE-2018-2579\", \"CVE-2018-2582\", \"CVE-2018-2588\", \"CVE-2018-2599\",\n \"CVE-2018-2602\", \"CVE-2018-2603\", \"CVE-2018-2618\", \"CVE-2018-2629\",\n \"CVE-2018-2633\", \"CVE-2018-2634\", \"CVE-2018-2637\", \"CVE-2018-2641\",\n \"CVE-2018-2663\", \"CVE-2018-2677\", \"CVE-2018-2678\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for java-1_8_0-openjdk (openSUSE-SU-2018:0679-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'java-1_8_0-openjdk'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for java-1_8_0-openjdk fixes the following issues:\n\n Security issues fix in jdk8u161 (icedtea 3.7.0)(bsc#1076366):\n\n - CVE-2018-2579: Improve key keying case\n\n - CVE-2018-2582: Better interface invocations\n\n - CVE-2018-2588: Improve LDAP logins\n\n - CVE-2018-2599: Improve reliability of DNS lookups\n\n - CVE-2018-2602: Improve usage messages\n\n - CVE-2018-2603: Improve PKCS usage\n\n - CVE-2018-2618: Stricter key generation\n\n - CVE-2018-2629: Improve GSS handling\n\n - CVE-2018-2633: Improve LDAP lookup robustness\n\n - CVE-2018-2634: Improve property negotiations\n\n - CVE-2018-2637: Improve JMX supportive features\n\n - CVE-2018-2641: Improve GTK initialization\n\n - CVE-2018-2663: More refactoring for deserialization cases\n\n - CVE-2018-2677: More refactoring for client deserialization cases\n\n - CVE-2018-2678: More refactoring for naming deserialization cases\n\n This update was imported from the SUSE:SLE-12-SP1:Update update project.\");\n\n script_tag(name:\"affected\", value:\"java-1_8_0-openjdk on openSUSE Leap 42.3\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2018:0679-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2018-03/msg00036.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.3\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.3\") {\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk\", rpm:\"java-1_8_0-openjdk~1.8.0.161~21.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk-accessibility\", rpm:\"java-1_8_0-openjdk-accessibility~1.8.0.161~21.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk-debuginfo\", rpm:\"java-1_8_0-openjdk-debuginfo~1.8.0.161~21.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk-debugsource\", rpm:\"java-1_8_0-openjdk-debugsource~1.8.0.161~21.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk-demo\", rpm:\"java-1_8_0-openjdk-demo~1.8.0.161~21.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk-demo-debuginfo\", rpm:\"java-1_8_0-openjdk-demo-debuginfo~1.8.0.161~21.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk-devel\", rpm:\"java-1_8_0-openjdk-devel~1.8.0.161~21.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk-devel-debuginfo\", rpm:\"java-1_8_0-openjdk-devel-debuginfo~1.8.0.161~21.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk-headless\", rpm:\"java-1_8_0-openjdk-headless~1.8.0.161~21.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk-headless-debuginfo\", rpm:\"java-1_8_0-openjdk-headless-debuginfo~1.8.0.161~21.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk-src\", rpm:\"java-1_8_0-openjdk-src~1.8.0.161~21.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk-javadoc\", rpm:\"java-1_8_0-openjdk-javadoc~1.8.0.161~21.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:26", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-2618", "CVE-2018-2582", "CVE-2018-2663", "CVE-2018-2633", "CVE-2018-2637", "CVE-2018-2677", "CVE-2018-2603", "CVE-2018-2599", "CVE-2018-2641", "CVE-2018-2629", "CVE-2018-2588", "CVE-2018-2634", "CVE-2018-2602", "CVE-2018-2678", "CVE-2018-2579"], "description": "Check the version of java", "modified": "2019-03-08T00:00:00", "published": "2018-01-19T00:00:00", "id": "OPENVAS:1361412562310882831", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882831", "type": "openvas", "title": "CentOS Update for java CESA-2018:0095 centos7", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_CESA-2018_0095_java_centos7.nasl 14058 2019-03-08 13:25:52Z cfischer $\n#\n# CentOS Update for java CESA-2018:0095 centos7\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882831\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-01-19 07:43:28 +0100 (Fri, 19 Jan 2018)\");\n script_cve_id(\"CVE-2018-2579\", \"CVE-2018-2582\", \"CVE-2018-2588\", \"CVE-2018-2599\",\n \"CVE-2018-2602\", \"CVE-2018-2603\", \"CVE-2018-2618\", \"CVE-2018-2629\",\n \"CVE-2018-2633\", \"CVE-2018-2634\", \"CVE-2018-2637\", \"CVE-2018-2641\",\n \"CVE-2018-2663\", \"CVE-2018-2677\", \"CVE-2018-2678\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for java CESA-2018:0095 centos7\");\n script_tag(name:\"summary\", value:\"Check the version of java\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The java-1.8.0-openjdk packages provide\nthe OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development\nKit.\n\nSecurity Fix(es):\n\n * Multiple flaws were found in the Hotspot and AWT components of OpenJDK.\nAn untrusted Java application or applet could use these flaws to bypass\ncertain Java sandbox restrictions. (CVE-2018-2582, CVE-2018-2641)\n\n * It was discovered that the LDAPCertStore class in the JNDI component of\nOpenJDK failed to securely handle LDAP referrals. An attacker could\npossibly use this flaw to make it fetch attacker controlled certificate\ndata. (CVE-2018-2633)\n\n * The JGSS component of OpenJDK ignores the value of the\njavax.security.auth.useSubjectCredsOnly property when using HTTP/SPNEGO\nauthentication and always uses global credentials. It was discovered that\nthis could cause global credentials to be unexpectedly used by an untrusted\nJava application. (CVE-2018-2634)\n\n * It was discovered that the JMX component of OpenJDK failed to properly\nset the deserialization filter for the SingleEntryRegistry in certain\ncases. A remote attacker could possibly use this flaw to bypass intended\ndeserialization restrictions. (CVE-2018-2637)\n\n * It was discovered that the LDAP component of OpenJDK failed to properly\nencode special characters in user names when adding them to an LDAP search\nquery. A remote attacker could possibly use this flaw to manipulate LDAP\nqueries performed by the LdapLoginModule class. (CVE-2018-2588)\n\n * It was discovered that the DNS client implementation in the JNDI\ncomponent of OpenJDK did not use random source ports when sending out DNS\nqueries. This could make it easier for a remote attacker to spoof responses\nto those queries. (CVE-2018-2599)\n\n * It was discovered that the I18n component of OpenJDK could use an\nuntrusted search path when loading resource bundle classes. A local\nattacker could possibly use this flaw to execute arbitrary code as another\nlocal user by making their Java application load an attacker controlled\nclass file. (CVE-2018-2602)\n\n * It was discovered that the Libraries component of OpenJDK failed to\nsufficiently limit the amount of memory allocated when reading DER encoded\ninput. A remote attacker could possibly use this flaw to make a Java\napplication use an excessive amount of memory if it parsed attacker\nsupplied DER encoded input. (CVE-2018-2603)\n\n * It was discovered that the key agreement implementations in the JCE\ncomponent of OpenJDK did not guarantee sufficient strength of used keys to\nadequately protect generated shared secret. This could make it easier to\nbreak data encryption by attacking key agreement rather than the encryption ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"affected\", value:\"java on CentOS 7\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"CESA\", value:\"2018:0095\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2018-January/022713.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS7\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS7\")\n{\n\n if ((res = isrpmvuln(pkg:\"java-1.8.0-openjdk\", rpm:\"java-1.8.0-openjdk~1.8.0.161~0.b14.el7_4\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.8.0-openjdk-accessibility\", rpm:\"java-1.8.0-openjdk-accessibility~1.8.0.161~0.b14.el7_4\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.8.0-openjdk-accessibility-debug\", rpm:\"java-1.8.0-openjdk-accessibility-debug~1.8.0.161~0.b14.el7_4\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.8.0-openjdk-debug\", rpm:\"java-1.8.0-openjdk-debug~1.8.0.161~0.b14.el7_4\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.8.0-openjdk-demo\", rpm:\"java-1.8.0-openjdk-demo~1.8.0.161~0.b14.el7_4\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.8.0-openjdk-demo-debug\", rpm:\"java-1.8.0-openjdk-demo-debug~1.8.0.161~0.b14.el7_4\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.8.0-openjdk-devel\", rpm:\"java-1.8.0-openjdk-devel~1.8.0.161~0.b14.el7_4\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.8.0-openjdk-devel-debug\", rpm:\"java-1.8.0-openjdk-devel-debug~1.8.0.161~0.b14.el7_4\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.8.0-openjdk-headless\", rpm:\"java-1.8.0-openjdk-headless~1.8.0.161~0.b14.el7_4\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.8.0-openjdk-headless-debug\", rpm:\"java-1.8.0-openjdk-headless-debug~1.8.0.161~0.b14.el7_4\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.8.0-openjdk-javadoc\", rpm:\"java-1.8.0-openjdk-javadoc~1.8.0.161~0.b14.el7_4\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.8.0-openjdk-javadoc-debug\", rpm:\"java-1.8.0-openjdk-javadoc-debug~1.8.0.161~0.b14.el7_4\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.8.0-openjdk-javadoc-zip\", rpm:\"java-1.8.0-openjdk-javadoc-zip~1.8.0.161~0.b14.el7_4\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.8.0-openjdk-javadoc-zip-debug\", rpm:\"java-1.8.0-openjdk-javadoc-zip-debug~1.8.0.161~0.b14.el7_4\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.8.0-openjdk-src\", rpm:\"java-1.8.0-openjdk-src~1.8.0.161~0.b14.el7_4\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.8.0-openjdk-src-debug\", rpm:\"java-1.8.0-openjdk-src-debug~1.8.0.161~0.b14.el7_4\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2020-02-20T18:45:50", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-2618", "CVE-2018-2582", "CVE-2018-2663", "CVE-2018-2633", "CVE-2018-2637", "CVE-2018-2677", "CVE-2018-2603", "CVE-2018-2599", "CVE-2018-2641", "CVE-2018-2629", "CVE-2018-2588", "CVE-2018-2634", "CVE-2018-2602", "CVE-2018-2678", "CVE-2018-2579"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-02-18T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220181028", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220181028", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for java-1.8.0-openjdk (EulerOS-SA-2018-1028)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2018.1028\");\n script_version(\"2020-02-18T10:52:53+0000\");\n script_cve_id(\"CVE-2018-2579\", \"CVE-2018-2582\", \"CVE-2018-2588\", \"CVE-2018-2599\", \"CVE-2018-2602\", \"CVE-2018-2603\", \"CVE-2018-2618\", \"CVE-2018-2629\", \"CVE-2018-2633\", \"CVE-2018-2634\", \"CVE-2018-2637\", \"CVE-2018-2641\", \"CVE-2018-2663\", \"CVE-2018-2677\", \"CVE-2018-2678\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-02-18 10:52:53 +0000 (Tue, 18 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:09:06 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for java-1.8.0-openjdk (EulerOS-SA-2018-1028)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2018-1028\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1028\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'java-1.8.0-openjdk' package(s) announced via the EulerOS-SA-2018-1028 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws were found in the Hotspot and AWT components of OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2018-2582, CVE-2018-2641)\n\nIt was discovered that the LDAPCertStore class in the JNDI component of OpenJDK failed to securely handle LDAP referrals. An attacker could possibly use this flaw to make it fetch attacker controlled certificate data. (CVE-2018-2633)\n\nThe JGSS component of OpenJDK ignores the value of the javax.security.auth.useSubjectCredsOnly property when using HTTP/SPNEGO authentication and always uses global credentials. It was discovered that this could cause global credentials to be unexpectedly used by an untrusted Java application. (CVE-2018-2634)\n\nIt was discovered that the JMX component of OpenJDK failed to properly set the deserialization filter for the SingleEntryRegistry in certain cases. A remote attacker could possibly use this flaw to bypass intended deserialization restrictions. (CVE-2018-2637)\n\nIt was discovered that the LDAP component of OpenJDK failed to properly encode special characters in user names when adding them to an LDAP search query. A remote attacker could possibly use this flaw to manipulate LDAP queries performed by the LdapLoginModule class. (CVE-2018-2588)\n\nIt was discovered that the DNS client implementation in the JNDI component of OpenJDK did not use random source ports when sending out DNS queries. This could make it easier for a remote attacker to spoof responses to those queries. (CVE-2018-2599)\n\nIt was discovered that the I18n component of OpenJDK could use an untrusted search path when loading resource bundle classes. A local attacker could possibly use this flaw to execute arbitrary code as another local user by making their Java application load an attacker controlled class file. (CVE-2018-2602)\n\nIt was discovered that the Libraries component of OpenJDK failed to sufficiently limit the amount of memory allocated when reading DER encoded input. A remote attacker could possibly use this flaw to make a Java application use an excessive amount of memory if it parsed attacker supplied DER encoded input. (CVE-2018-2603)\n\nIt was discovered that the key agreement implementations in the JCE component of OpenJDK did not guarantee sufficient strength of used keys to adequately protect generated shared secret. This could make it easier to break data encryption by attacking key agreement rather than the encryption using the negotiated secret. (CVE-2018-2618)\n\nIt was discovered that the JGSS component of OpenJDK failed to properly handle GSS context in the ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'java-1.8.0-openjdk' package(s) on Huawei EulerOS V2.0SP2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1.8.0-openjdk\", rpm:\"java-1.8.0-openjdk~1.8.0.161~0.b14\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1.8.0-openjdk-devel\", rpm:\"java-1.8.0-openjdk-devel~1.8.0.161~0.b14\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1.8.0-openjdk-headless\", rpm:\"java-1.8.0-openjdk-headless~1.8.0.161~0.b14\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2020-06-11T15:46:40", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-2618", "CVE-2018-2582", "CVE-2018-2663", "CVE-2018-2633", "CVE-2018-2637", "CVE-2018-2677", "CVE-2018-2603", "CVE-2018-2599", "CVE-2018-2641", "CVE-2018-2629", "CVE-2018-2588", "CVE-2018-2634", "CVE-2018-2602", "CVE-2018-2678", "CVE-2018-2579"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-06-09T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220181027", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220181027", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for java-1.8.0-openjdk (EulerOS-SA-2018-1027)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2018.1027\");\n script_version(\"2020-06-09T14:44:58+0000\");\n script_cve_id(\"CVE-2018-2579\", \"CVE-2018-2582\", \"CVE-2018-2588\", \"CVE-2018-2599\", \"CVE-2018-2602\", \"CVE-2018-2603\", \"CVE-2018-2618\", \"CVE-2018-2629\", \"CVE-2018-2633\", \"CVE-2018-2634\", \"CVE-2018-2637\", \"CVE-2018-2641\", \"CVE-2018-2663\", \"CVE-2018-2677\", \"CVE-2018-2678\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-06-09 14:44:58 +0000 (Tue, 09 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:08:49 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for java-1.8.0-openjdk (EulerOS-SA-2018-1027)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP1\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2018-1027\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1027\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'java-1.8.0-openjdk' package(s) announced via the EulerOS-SA-2018-1027 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws were found in the Hotspot and AWT components of OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2018-2582, CVE-2018-2641)\n\nIt was discovered that the LDAPCertStore class in the JNDI component of OpenJDK failed to securely handle LDAP referrals. An attacker could possibly use this flaw to make it fetch attacker controlled certificate data. (CVE-2018-2633)\n\nThe JGSS component of OpenJDK ignores the value of the javax.security.auth.useSubjectCredsOnly property when using HTTP/SPNEGO authentication and always uses global credentials. It was discovered that this could cause global credentials to be unexpectedly used by an untrusted Java application. (CVE-2018-2634)\n\nIt was discovered that the JMX component of OpenJDK failed to properly set the deserialization filter for the SingleEntryRegistry in certain cases. A remote attacker could possibly use this flaw to bypass intended deserialization restrictions. (CVE-2018-2637)\n\nIt was discovered that the LDAP component of OpenJDK failed to properly encode special characters in user names when adding them to an LDAP search query. A remote attacker could possibly use this flaw to manipulate LDAP queries performed by the LdapLoginModule class. (CVE-2018-2588)\n\nIt was discovered that the DNS client implementation in the JNDI component of OpenJDK did not use random source ports when sending out DNS queries. This could make it easier for a remote attacker to spoof responses to those queries. (CVE-2018-2599)\n\nIt was discovered that the I18n component of OpenJDK could use an untrusted search path when loading resource bundle classes. A local attacker could possibly use this flaw to execute arbitrary code as another local user by making their Java application load an attacker controlled class file. (CVE-2018-2602)\n\nIt was discovered that the Libraries component of OpenJDK failed to sufficiently limit the amount of memory allocated when reading DER encoded input. A remote attacker could possibly use this flaw to make a Java application use an excessive amount of memory if it parsed attacker supplied DER encoded input. (CVE-2018-2603)\n\nIt was discovered that the key agreement implementations in the JCE component of OpenJDK did not guarantee sufficient strength of used keys to adequately protect generated shared secret. This could make it easier to break data encryption by attacking key agreement rather than the encryption using the negotiated secret. (CVE-2018-2618)\n\nIt was discovered that the JGSS component of OpenJDK failed to properly handle GSS context ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'java-1.8.0-openjdk' package(s) on Huawei EulerOS V2.0SP1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1.8.0-openjdk\", rpm:\"java-1.8.0-openjdk~1.8.0.161~0.b14\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1.8.0-openjdk-devel\", rpm:\"java-1.8.0-openjdk-devel~1.8.0.161~0.b14\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1.8.0-openjdk-headless\", rpm:\"java-1.8.0-openjdk-headless~1.8.0.161~0.b14\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2019-07-04T18:56:23", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-2618", "CVE-2018-2582", "CVE-2018-2663", "CVE-2018-2633", "CVE-2018-2637", "CVE-2018-2677", "CVE-2018-2603", "CVE-2018-2599", "CVE-2018-2641", "CVE-2018-2629", "CVE-2018-2588", "CVE-2018-2634", "CVE-2018-2602", "CVE-2018-2678", "CVE-2018-2579"], "description": "Several vulnerabilities have been discovered in OpenJDK, an\nimplementation of the Oracle Java platform, resulting in denial of\nservice, sandbox bypass, execution of arbitrary code, incorrect\nLDAP/GSS authentication, insecure use of cryptography or bypass of\ndeserialisation restrictions.", "modified": "2019-07-04T00:00:00", "published": "2018-03-17T00:00:00", "id": "OPENVAS:1361412562310704144", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704144", "type": "openvas", "title": "Debian Security Advisory DSA 4144-1 (openjdk-8 - security update)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Auto-generated from advisory DSA 4144-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704144\");\n script_version(\"2019-07-04T09:25:28+0000\");\n script_cve_id(\"CVE-2018-2579\", \"CVE-2018-2582\", \"CVE-2018-2588\", \"CVE-2018-2599\", \"CVE-2018-2602\",\n \"CVE-2018-2603\", \"CVE-2018-2618\", \"CVE-2018-2629\", \"CVE-2018-2633\", \"CVE-2018-2634\",\n \"CVE-2018-2637\", \"CVE-2018-2641\", \"CVE-2018-2663\", \"CVE-2018-2677\", \"CVE-2018-2678\");\n script_name(\"Debian Security Advisory DSA 4144-1 (openjdk-8 - security update)\");\n script_tag(name:\"last_modification\", value:\"2019-07-04 09:25:28 +0000 (Thu, 04 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-03-17 00:00:00 +0100 (Sat, 17 Mar 2018)\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2018/dsa-4144.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB9\");\n script_tag(name:\"affected\", value:\"openjdk-8 on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (stretch), these problems have been\nfixed in version 8u162-b12-1~deb9u1.\n\nWe recommend that you upgrade your openjdk-8 packages.\");\n\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/openjdk-8\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities have been discovered in OpenJDK, an\nimplementation of the Oracle Java platform, resulting in denial of\nservice, sandbox bypass, execution of arbitrary code, incorrect\nLDAP/GSS authentication, insecure use of cryptography or bypass of\ndeserialisation restrictions.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"openjdk-8-dbg\", ver:\"8u162-b12-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"openjdk-8-demo\", ver:\"8u162-b12-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"openjdk-8-doc\", ver:\"8u162-b12-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"openjdk-8-jdk\", ver:\"8u162-b12-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"openjdk-8-jdk-headless\", ver:\"8u162-b12-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"openjdk-8-jre\", ver:\"8u162-b12-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"openjdk-8-jre-headless\", ver:\"8u162-b12-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"openjdk-8-jre-zero\", ver:\"8u162-b12-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"openjdk-8-source\", ver:\"8u162-b12-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2020-02-20T18:49:17", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-2618", "CVE-2018-2663", "CVE-2018-2633", "CVE-2018-2637", "CVE-2018-2677", "CVE-2018-2603", "CVE-2018-2599", "CVE-2018-2641", "CVE-2018-2629", "CVE-2018-2588", "CVE-2018-2634", "CVE-2018-2602", "CVE-2018-2678", "CVE-2018-2579"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-02-18T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220181059", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220181059", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for java-1.7.0-openjdk (EulerOS-SA-2018-1059)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2018.1059\");\n script_version(\"2020-02-18T10:52:53+0000\");\n script_cve_id(\"CVE-2018-2579\", \"CVE-2018-2588\", \"CVE-2018-2599\", \"CVE-2018-2602\", \"CVE-2018-2603\", \"CVE-2018-2618\", \"CVE-2018-2629\", \"CVE-2018-2633\", \"CVE-2018-2634\", \"CVE-2018-2637\", \"CVE-2018-2641\", \"CVE-2018-2663\", \"CVE-2018-2677\", \"CVE-2018-2678\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-02-18 10:52:53 +0000 (Tue, 18 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:10:51 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for java-1.7.0-openjdk (EulerOS-SA-2018-1059)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2018-1059\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1059\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'java-1.7.0-openjdk' package(s) announced via the EulerOS-SA-2018-1059 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A flaw was found in the AWT component of OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2018-2641)\n\nIt was discovered that the LDAPCertStore class in the JNDI component of OpenJDK failed to securely handle LDAP referrals. An attacker could possibly use this flaw to make it fetch attacker controlled certificate data. (CVE-2018-2633)\n\nThe JGSS component of OpenJDK ignores the value of the javax.security.auth.useSubjectCredsOnly property when using HTTP/SPNEGO authentication and always uses global credentials. It was discovered that this could cause global credentials to be unexpectedly used by an untrusted Java application. (CVE-2018-2634)\n\nIt was discovered that the JMX component of OpenJDK failed to properly set the deserialization filter for the SingleEntryRegistry in certain cases. A remote attacker could possibly use this flaw to bypass intended deserialization restrictions. (CVE-2018-2637)\n\nIt was discovered that the LDAP component of OpenJDK failed to properly encode special characters in user names when adding them to an LDAP search query. A remote attacker could possibly use this flaw to manipulate LDAP queries performed by the LdapLoginModule class. (CVE-2018-2588)\n\nIt was discovered that the DNS client implementation in the JNDI component of OpenJDK did not use random source ports when sending out DNS queries. This could make it easier for a remote attacker to spoof responses to those queries. (CVE-2018-2599)\n\nIt was discovered that the I18n component of OpenJDK could use an untrusted search path when loading resource bundle classes. A local attacker could possibly use this flaw to execute arbitrary code as another local user by making their Java application load an attacker controlled class file. (CVE-2018-2602)\n\nIt was discovered that the Libraries component of OpenJDK failed to sufficiently limit the amount of memory allocated when reading DER encoded input. A remote attacker could possibly use this flaw to make a Java application use an excessive amount of memory if it parsed attacker supplied DER encoded input. (CVE-2018-2603)\n\nIt was discovered that the key agreement implementations in the JCE component of OpenJDK did not guarantee sufficient strength of used keys to adequately protect generated shared secret. This could make it easier to break data encryption by attacking key agreement rather than the encryption using the negotiated secret. (CVE-2018-2618)\n\nIt was discovered that the JGSS component of OpenJDK failed to properly handle GSS context in the native GSS library wrapper in certain c ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'java-1.7.0-openjdk' package(s) on Huawei EulerOS V2.0SP2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1.7.0-openjdk\", rpm:\"java-1.7.0-openjdk~1.7.0.171~2.6.13.0\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1.7.0-openjdk-devel\", rpm:\"java-1.7.0-openjdk-devel~1.7.0.171~2.6.13.0\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1.7.0-openjdk-headless\", rpm:\"java-1.7.0-openjdk-headless~1.7.0.171~2.6.13.0\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2020-02-20T18:50:09", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-2618", "CVE-2018-2663", "CVE-2018-2633", "CVE-2018-2637", "CVE-2018-2677", "CVE-2018-2603", "CVE-2018-2599", "CVE-2018-2641", "CVE-2018-2629", "CVE-2018-2588", "CVE-2018-2634", "CVE-2018-2602", "CVE-2018-2678", "CVE-2018-2579"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-02-18T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220181058", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220181058", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for java-1.7.0-openjdk (EulerOS-SA-2018-1058)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2018.1058\");\n script_version(\"2020-02-18T10:52:53+0000\");\n script_cve_id(\"CVE-2018-2579\", \"CVE-2018-2588\", \"CVE-2018-2599\", \"CVE-2018-2602\", \"CVE-2018-2603\", \"CVE-2018-2618\", \"CVE-2018-2629\", \"CVE-2018-2633\", \"CVE-2018-2634\", \"CVE-2018-2637\", \"CVE-2018-2641\", \"CVE-2018-2663\", \"CVE-2018-2677\", \"CVE-2018-2678\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-02-18 10:52:53 +0000 (Tue, 18 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:10:37 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for java-1.7.0-openjdk (EulerOS-SA-2018-1058)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP1\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2018-1058\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1058\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'java-1.7.0-openjdk' package(s) announced via the EulerOS-SA-2018-1058 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A flaw was found in the AWT component of OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2018-2641)\n\nIt was discovered that the LDAPCertStore class in the JNDI component of OpenJDK failed to securely handle LDAP referrals. An attacker could possibly use this flaw to make it fetch attacker controlled certificate data. (CVE-2018-2633)\n\nThe JGSS component of OpenJDK ignores the value of the javax.security.auth.useSubjectCredsOnly property when using HTTP/SPNEGO authentication and always uses global credentials. It was discovered that this could cause global credentials to be unexpectedly used by an untrusted Java application. (CVE-2018-2634)\n\nIt was discovered that the JMX component of OpenJDK failed to properly set the deserialization filter for the SingleEntryRegistry in certain cases. A remote attacker could possibly use this flaw to bypass intended deserialization restrictions. (CVE-2018-2637)\n\nIt was discovered that the LDAP component of OpenJDK failed to properly encode special characters in user names when adding them to an LDAP search query. A remote attacker could possibly use this flaw to manipulate LDAP queries performed by the LdapLoginModule class. (CVE-2018-2588)\n\nIt was discovered that the DNS client implementation in the JNDI component of OpenJDK did not use random source ports when sending out DNS queries. This could make it easier for a remote attacker to spoof responses to those queries. (CVE-2018-2599)\n\nIt was discovered that the I18n component of OpenJDK could use an untrusted search path when loading resource bundle classes. A local attacker could possibly use this flaw to execute arbitrary code as another local user by making their Java application load an attacker controlled class file. (CVE-2018-2602)\n\nIt was discovered that the Libraries component of OpenJDK failed to sufficiently limit the amount of memory allocated when reading DER encoded input. A remote attacker could possibly use this flaw to make a Java application use an excessive amount of memory if it parsed attacker supplied DER encoded input. (CVE-2018-2603)\n\nIt was discovered that the key agreement implementations in the JCE component of OpenJDK did not guarantee sufficient strength of used keys to adequately protect generated shared secret. This could make it easier to break data encryption by attacking key agreement rather than the encryption using the negotiated secret. (CVE-2018-2618)\n\nIt was discovered that the JGSS component of OpenJDK failed to properly handle GSS context in the native GSS library wrapper in certain c ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'java-1.7.0-openjdk' package(s) on Huawei EulerOS V2.0SP1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1.7.0-openjdk\", rpm:\"java-1.7.0-openjdk~1.7.0.171~2.6.13.0\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1.7.0-openjdk-devel\", rpm:\"java-1.7.0-openjdk-devel~1.7.0.171~2.6.13.0\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1.7.0-openjdk-headless\", rpm:\"java-1.7.0-openjdk-headless~1.7.0.171~2.6.13.0\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}], "nessus": [{"lastseen": "2021-03-01T01:35:25", "description": "An update for java-1.8.0-openjdk is now available for Red Hat\nEnterprise Linux 6 and Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime\nEnvironment and the OpenJDK 8 Java Software Development Kit.\n\nSecurity Fix(es) :\n\n* Multiple flaws were found in the Hotspot and AWT components of\nOpenJDK. An untrusted Java application or applet could use these flaws\nto bypass certain Java sandbox restrictions. (CVE-2018-2582,\nCVE-2018-2641)\n\n* It was discovered that the LDAPCertStore class in the JNDI component\nof OpenJDK failed to securely handle LDAP referrals. An attacker could\npossibly use this flaw to make it fetch attacker controlled\ncertificate data. (CVE-2018-2633)\n\n* The JGSS component of OpenJDK ignores the value of the\njavax.security.auth.useSubjectCredsOnly property when using\nHTTP/SPNEGO authentication and always uses global credentials. It was\ndiscovered that this could cause global credentials to be unexpectedly\nused by an untrusted Java application. (CVE-2018-2634)\n\n* It was discovered that the JMX component of OpenJDK failed to\nproperly set the deserialization filter for the SingleEntryRegistry in\ncertain cases. A remote attacker could possibly use this flaw to\nbypass intended deserialization restrictions. (CVE-2018-2637)\n\n* It was discovered that the LDAP component of OpenJDK failed to\nproperly encode special characters in user names when adding them to\nan LDAP search query. A remote attacker could possibly use this flaw\nto manipulate LDAP queries performed by the LdapLoginModule class.\n(CVE-2018-2588)\n\n* It was discovered that the DNS client implementation in the JNDI\ncomponent of OpenJDK did not use random source ports when sending out\nDNS queries. This could make it easier for a remote attacker to spoof\nresponses to those queries. (CVE-2018-2599)\n\n* It was discovered that the I18n component of OpenJDK could use an\nuntrusted search path when loading resource bundle classes. A local\nattacker could possibly use this flaw to execute arbitrary code as\nanother local user by making their Java application load an attacker\ncontrolled class file. (CVE-2018-2602)\n\n* It was discovered that the Libraries component of OpenJDK failed to\nsufficiently limit the amount of memory allocated when reading DER\nencoded input. A remote attacker could possibly use this flaw to make\na Java application use an excessive amount of memory if it parsed\nattacker supplied DER encoded input. (CVE-2018-2603)\n\n* It was discovered that the key agreement implementations in the JCE\ncomponent of OpenJDK did not guarantee sufficient strength of used\nkeys to adequately protect generated shared secret. This could make it\neasier to break data encryption by attacking key agreement rather than\nthe encryption using the negotiated secret. (CVE-2018-2618)\n\n* It was discovered that the JGSS component of OpenJDK failed to\nproperly handle GSS context in the native GSS library wrapper in\ncertain cases. A remote attacker could possibly make a Java\napplication using JGSS to use a previously freed context.\n(CVE-2018-2629)\n\n* It was discovered that multiple classes in the Libraries, AWT, and\nJNDI components of OpenJDK did not sufficiently validate input when\ncreating object instances from the serialized form. A specially\ncrafted input could cause a Java application to create objects with an\ninconsistent state or use an excessive amount of memory when\ndeserialized. (CVE-2018-2663, CVE-2018-2677, CVE-2018-2678)\n\n* It was discovered that multiple encryption key classes in the\nLibraries component of OpenJDK did not properly synchronize access to\ntheir internal data. This could possibly cause a multi-threaded Java\napplication to apply weak encryption to data because of the use of a\nkey that was zeroed out. (CVE-2018-2579)\n\nNote: If the web browser plug-in provided by the icedtea-web package\nwas installed, the issues exposed via Java applets could have been\nexploited without user interaction if a user visited a malicious\nwebsite.", "edition": 29, "cvss3": {"score": 8.3, "vector": "AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"}, "published": "2018-01-19T00:00:00", "title": "CentOS 6 / 7 : java-1.8.0-openjdk (CESA-2018:0095)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-2618", "CVE-2018-2582", "CVE-2018-2663", "CVE-2018-2633", "CVE-2018-2637", "CVE-2018-2677", "CVE-2018-2603", "CVE-2018-2599", "CVE-2018-2641", "CVE-2018-2629", "CVE-2018-2588", "CVE-2018-2634", "CVE-2018-2602", "CVE-2018-2678", "CVE-2018-2579"], "modified": "2021-03-02T00:00:00", "cpe": ["p-cpe:/a:centos:centos:java-1.8.0-openjdk-demo-debug", "p-cpe:/a:centos:centos:java-1.8.0-openjdk-javadoc-zip", "p-cpe:/a:centos:centos:java-1.8.0-openjdk-javadoc-debug", "cpe:/o:centos:centos:6", "p-cpe:/a:centos:centos:java-1.8.0-openjdk-accessibility", "p-cpe:/a:centos:centos:java-1.8.0-openjdk-devel", "p-cpe:/a:centos:centos:java-1.8.0-openjdk-headless-debug", "p-cpe:/a:centos:centos:java-1.8.0-openjdk-accessibility-debug", "cpe:/o:centos:centos:7", "p-cpe:/a:centos:centos:java-1.8.0-openjdk-javadoc-zip-debug", "p-cpe:/a:centos:centos:java-1.8.0-openjdk-demo", "p-cpe:/a:centos:centos:java-1.8.0-openjdk-headless", "p-cpe:/a:centos:centos:java-1.8.0-openjdk-devel-debug", "p-cpe:/a:centos:centos:java-1.8.0-openjdk-src", "p-cpe:/a:centos:centos:java-1.8.0-openjdk-javadoc", "p-cpe:/a:centos:centos:java-1.8.0-openjdk-debug", "p-cpe:/a:centos:centos:java-1.8.0-openjdk-src-debug", "p-cpe:/a:centos:centos:java-1.8.0-openjdk"], "id": "CENTOS_RHSA-2018-0095.NASL", "href": "https://www.tenable.com/plugins/nessus/106172", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2018:0095 and \n# CentOS Errata and Security Advisory 2018:0095 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(106172);\n script_version(\"3.9\");\n script_cvs_date(\"Date: 2019/12/31\");\n\n script_cve_id(\"CVE-2018-2579\", \"CVE-2018-2582\", \"CVE-2018-2588\", \"CVE-2018-2599\", \"CVE-2018-2602\", \"CVE-2018-2603\", \"CVE-2018-2618\", \"CVE-2018-2629\", \"CVE-2018-2633\", \"CVE-2018-2634\", \"CVE-2018-2637\", \"CVE-2018-2641\", \"CVE-2018-2663\", \"CVE-2018-2677\", \"CVE-2018-2678\");\n script_xref(name:\"RHSA\", value:\"2018:0095\");\n\n script_name(english:\"CentOS 6 / 7 : java-1.8.0-openjdk (CESA-2018:0095)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for java-1.8.0-openjdk is now available for Red Hat\nEnterprise Linux 6 and Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime\nEnvironment and the OpenJDK 8 Java Software Development Kit.\n\nSecurity Fix(es) :\n\n* Multiple flaws were found in the Hotspot and AWT components of\nOpenJDK. An untrusted Java application or applet could use these flaws\nto bypass certain Java sandbox restrictions. (CVE-2018-2582,\nCVE-2018-2641)\n\n* It was discovered that the LDAPCertStore class in the JNDI component\nof OpenJDK failed to securely handle LDAP referrals. An attacker could\npossibly use this flaw to make it fetch attacker controlled\ncertificate data. (CVE-2018-2633)\n\n* The JGSS component of OpenJDK ignores the value of the\njavax.security.auth.useSubjectCredsOnly property when using\nHTTP/SPNEGO authentication and always uses global credentials. It was\ndiscovered that this could cause global credentials to be unexpectedly\nused by an untrusted Java application. (CVE-2018-2634)\n\n* It was discovered that the JMX component of OpenJDK failed to\nproperly set the deserialization filter for the SingleEntryRegistry in\ncertain cases. A remote attacker could possibly use this flaw to\nbypass intended deserialization restrictions. (CVE-2018-2637)\n\n* It was discovered that the LDAP component of OpenJDK failed to\nproperly encode special characters in user names when adding them to\nan LDAP search query. A remote attacker could possibly use this flaw\nto manipulate LDAP queries performed by the LdapLoginModule class.\n(CVE-2018-2588)\n\n* It was discovered that the DNS client implementation in the JNDI\ncomponent of OpenJDK did not use random source ports when sending out\nDNS queries. This could make it easier for a remote attacker to spoof\nresponses to those queries. (CVE-2018-2599)\n\n* It was discovered that the I18n component of OpenJDK could use an\nuntrusted search path when loading resource bundle classes. A local\nattacker could possibly use this flaw to execute arbitrary code as\nanother local user by making their Java application load an attacker\ncontrolled class file. (CVE-2018-2602)\n\n* It was discovered that the Libraries component of OpenJDK failed to\nsufficiently limit the amount of memory allocated when reading DER\nencoded input. A remote attacker could possibly use this flaw to make\na Java application use an excessive amount of memory if it parsed\nattacker supplied DER encoded input. (CVE-2018-2603)\n\n* It was discovered that the key agreement implementations in the JCE\ncomponent of OpenJDK did not guarantee sufficient strength of used\nkeys to adequately protect generated shared secret. This could make it\neasier to break data encryption by attacking key agreement rather than\nthe encryption using the negotiated secret. (CVE-2018-2618)\n\n* It was discovered that the JGSS component of OpenJDK failed to\nproperly handle GSS context in the native GSS library wrapper in\ncertain cases. A remote attacker could possibly make a Java\napplication using JGSS to use a previously freed context.\n(CVE-2018-2629)\n\n* It was discovered that multiple classes in the Libraries, AWT, and\nJNDI components of OpenJDK did not sufficiently validate input when\ncreating object instances from the serialized form. A specially\ncrafted input could cause a Java application to create objects with an\ninconsistent state or use an excessive amount of memory when\ndeserialized. (CVE-2018-2663, CVE-2018-2677, CVE-2018-2678)\n\n* It was discovered that multiple encryption key classes in the\nLibraries component of OpenJDK did not properly synchronize access to\ntheir internal data. This could possibly cause a multi-threaded Java\napplication to apply weak encryption to data because of the use of a\nkey that was zeroed out. (CVE-2018-2579)\n\nNote: If the web browser plug-in provided by the icedtea-web package\nwas installed, the issues exposed via Java applets could have been\nexploited without user interaction if a user visited a malicious\nwebsite.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2018-January/022712.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?daa1dedf\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2018-January/022713.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b4e81bd0\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected java-1.8.0-openjdk packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-2599\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.8.0-openjdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.8.0-openjdk-accessibility\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.8.0-openjdk-accessibility-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.8.0-openjdk-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.8.0-openjdk-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.8.0-openjdk-demo-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.8.0-openjdk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.8.0-openjdk-devel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.8.0-openjdk-headless\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.8.0-openjdk-headless-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.8.0-openjdk-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.8.0-openjdk-javadoc-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.8.0-openjdk-javadoc-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.8.0-openjdk-javadoc-zip-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.8.0-openjdk-src\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.8.0-openjdk-src-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/01/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/01/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/01/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 6.x / 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"java-1.8.0-openjdk-1.8.0.161-3.b14.el6_9\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"java-1.8.0-openjdk-debug-1.8.0.161-3.b14.el6_9\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"java-1.8.0-openjdk-demo-1.8.0.161-3.b14.el6_9\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"java-1.8.0-openjdk-demo-debug-1.8.0.161-3.b14.el6_9\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"java-1.8.0-openjdk-devel-1.8.0.161-3.b14.el6_9\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"java-1.8.0-openjdk-devel-debug-1.8.0.161-3.b14.el6_9\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"java-1.8.0-openjdk-headless-1.8.0.161-3.b14.el6_9\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"java-1.8.0-openjdk-headless-debug-1.8.0.161-3.b14.el6_9\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"java-1.8.0-openjdk-javadoc-1.8.0.161-3.b14.el6_9\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"java-1.8.0-openjdk-javadoc-debug-1.8.0.161-3.b14.el6_9\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"java-1.8.0-openjdk-src-1.8.0.161-3.b14.el6_9\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"java-1.8.0-openjdk-src-debug-1.8.0.161-3.b14.el6_9\")) flag++;\n\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"java-1.8.0-openjdk-1.8.0.161-0.b14.el7_4\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"java-1.8.0-openjdk-accessibility-1.8.0.161-0.b14.el7_4\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"java-1.8.0-openjdk-accessibility-debug-1.8.0.161-0.b14.el7_4\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"java-1.8.0-openjdk-debug-1.8.0.161-0.b14.el7_4\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"java-1.8.0-openjdk-demo-1.8.0.161-0.b14.el7_4\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"java-1.8.0-openjdk-demo-debug-1.8.0.161-0.b14.el7_4\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"java-1.8.0-openjdk-devel-1.8.0.161-0.b14.el7_4\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"java-1.8.0-openjdk-devel-debug-1.8.0.161-0.b14.el7_4\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"java-1.8.0-openjdk-headless-1.8.0.161-0.b14.el7_4\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"java-1.8.0-openjdk-headless-debug-1.8.0.161-0.b14.el7_4\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"java-1.8.0-openjdk-javadoc-1.8.0.161-0.b14.el7_4\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"java-1.8.0-openjdk-javadoc-debug-1.8.0.161-0.b14.el7_4\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"java-1.8.0-openjdk-javadoc-zip-1.8.0.161-0.b14.el7_4\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"java-1.8.0-openjdk-javadoc-zip-debug-1.8.0.161-0.b14.el7_4\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"java-1.8.0-openjdk-src-1.8.0.161-0.b14.el7_4\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"java-1.8.0-openjdk-src-debug-1.8.0.161-0.b14.el7_4\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1.8.0-openjdk / java-1.8.0-openjdk-accessibility / etc\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2021-03-01T01:56:16", "description": "Several vulnerabilities have been discovered in OpenJDK, an\nimplementation of the Oracle Java platform, resulting in denial of\nservice, sandbox bypass, execution of arbitrary code, incorrect\nLDAP/GSS authentication, insecure use of cryptography or bypass of\ndeserialisation restrictions.", "edition": 25, "cvss3": {"score": 8.3, "vector": "AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"}, "published": "2018-03-19T00:00:00", "title": "Debian DSA-4144-1 : openjdk-8 - security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-2618", "CVE-2018-2582", "CVE-2018-2663", "CVE-2018-2633", "CVE-2018-2637", "CVE-2018-2677", "CVE-2018-2603", "CVE-2018-2599", "CVE-2018-2641", "CVE-2018-2629", "CVE-2018-2588", "CVE-2018-2634", "CVE-2018-2602", "CVE-2018-2678", "CVE-2018-2579"], "modified": "2021-03-02T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:openjdk-8", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4144.NASL", "href": "https://www.tenable.com/plugins/nessus/108421", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4144. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(108421);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2018/11/13 12:30:46\");\n\n script_cve_id(\"CVE-2018-2579\", \"CVE-2018-2582\", \"CVE-2018-2588\", \"CVE-2018-2599\", \"CVE-2018-2602\", \"CVE-2018-2603\", \"CVE-2018-2618\", \"CVE-2018-2629\", \"CVE-2018-2633\", \"CVE-2018-2634\", \"CVE-2018-2637\", \"CVE-2018-2641\", \"CVE-2018-2663\", \"CVE-2018-2677\", \"CVE-2018-2678\");\n script_xref(name:\"DSA\", value:\"4144\");\n\n script_name(english:\"Debian DSA-4144-1 : openjdk-8 - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in OpenJDK, an\nimplementation of the Oracle Java platform, resulting in denial of\nservice, sandbox bypass, execution of arbitrary code, incorrect\nLDAP/GSS authentication, insecure use of cryptography or bypass of\ndeserialisation restrictions.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/openjdk-8\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/openjdk-8\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2018/dsa-4144\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the openjdk-8 packages.\n\nFor the stable distribution (stretch), these problems have been fixed\nin version 8u162-b12-1~deb9u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:openjdk-8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/03/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/03/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"openjdk-8-dbg\", reference:\"8u162-b12-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"openjdk-8-demo\", reference:\"8u162-b12-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"openjdk-8-doc\", reference:\"8u162-b12-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"openjdk-8-jdk\", reference:\"8u162-b12-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"openjdk-8-jdk-headless\", reference:\"8u162-b12-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"openjdk-8-jre\", reference:\"8u162-b12-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"openjdk-8-jre-headless\", reference:\"8u162-b12-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"openjdk-8-jre-zero\", reference:\"8u162-b12-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"openjdk-8-source\", reference:\"8u162-b12-1~deb9u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2021-03-01T01:23:18", "description": "SingleEntryRegistry incorrect setup of deserialization filter (JMX,\n8186998)\n\nIt was discovered that the JMX component of OpenJDK failed to properly\nset the deserialization filter for the SingleEntryRegistry in certain\ncases. A remote attacker could possibly use this flaw to bypass\nintended deserialization restrictions. (CVE-2018-2637)\n\nLoading of classes from untrusted locations (I18n, 8182601)\n\nIt was discovered that the I18n component of OpenJDK could use an\nuntrusted search path when loading resource bundle classes. A local\nattacker could possibly use this flaw to execute arbitrary code as\nanother local user by making their Java application load an attacker\ncontrolled class file. (CVE-2018-2602)\n\nLdapLoginModule insufficient username encoding in LDAP query (LDAP,\n8178449)\n\nIt was discovered that the LDAP component of OpenJDK failed to\nproperly encode special characters in user names when adding them to\nan LDAP search query. A remote attacker could possibly use this flaw\nto manipulate LDAP queries performed by the LdapLoginModule class.\n(CVE-2018-2588)\n\nArrayBlockingQueue deserialization to an inconsistent state\n(Libraries, 8189284)\n\nVulnerability in the Java SE, Java SE Embedded, JRockit component of\nOracle Java SE (subcomponent: Libraries). Easily exploitable\nvulnerability allows unauthenticated attacker with network access via\nmultiple protocols to compromise Java SE, Java SE Embedded, JRockit.\nSuccessful attacks require human interaction from a person other than\nthe attacker. Successful attacks of this vulnerability can result in\nunauthorized ability to cause a partial denial of service (partial\nDOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability\napplies to client and server deployment of Java. This vulnerability\ncan be exploited through sandboxed Java Web Start applications and\nsandboxed Java applets. It can also be exploited by supplying data to\nAPIs in the specified Component without using sandboxed Java Web Start\napplications or sandboxed Java applets, such as through a web service.\nCVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector:\n(CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L). (CVE-2018-2663)\n\nInsufficient validation of the invokeinterface instruction (Hotspot,\n8174962)\n\nVulnerability in the Java SE, Java SE Embedded component of Oracle\nJava SE (subcomponent: Hotspot). Easily exploitable vulnerability\nallows unauthenticated attacker with network access via multiple\nprotocols to compromise Java SE, Java SE Embedded. Successful attacks\nrequire human interaction from a person other than the attacker.\nSuccessful attacks of this vulnerability can result in unauthorized\ncreation, deletion or modification access to critical data or all Java\nSE, Java SE Embedded accessible data. Note: This vulnerability applies\nto client and server deployment of Java. This vulnerability can be\nexploited through sandboxed Java Web Start applications and sandboxed\nJava applets. It can also be exploited by supplying data to APIs in\nthe specified Component without using sandboxed Java Web Start\napplications or sandboxed Java applets, such as through a web service.\nCVSS 3.0 Base Score 6.5 (Integrity impacts). CVSS Vector:\n(CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N). (CVE-2018-2582)\n\nGTK library loading use-after-free (AWT, 8185325)\n\nVulnerability in the Java SE, Java SE Embedded component of Oracle\nJava SE (subcomponent: AWT). Difficult to exploit vulnerability allows\nunauthenticated attacker with network access via multiple protocols to\ncompromise Java SE, Java SE Embedded. Successful attacks require human\ninteraction from a person other than the attacker and while the\nvulnerability is in Java SE, Java SE Embedded, attacks may\nsignificantly impact additional products. Successful attacks of this\nvulnerability can result in unauthorized creation, deletion or\nmodification access to critical data or all Java SE, Java SE Embedded\naccessible data. Note: This vulnerability applies to Java deployments,\ntypically in clients running sandboxed Java Web Start applications or\nsandboxed Java applets, that load and run untrusted code (e.g., code\nthat comes from the internet) and rely on the Java sandbox for\nsecurity. This vulnerability does not apply to Java deployments,\ntypically in servers, that load and run only trusted code (e.g., code\ninstalled by an administrator). CVSS 3.0 Base Score 6.1 (Integrity\nimpacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N).\n(CVE-2018-2641)\n\nLDAPCertStore insecure handling of LDAP referrals (JNDI, 8186606)\n\nIt was discovered that the LDAPCertStore class in the JNDI component\nof OpenJDK failed to securely handle LDAP referrals. An attacker could\npossibly use this flaw to make it fetch attacker controlled\ncertificate data. (CVE-2018-2633)\n\nInsufficient strength of key agreement (JCE, 8185292)\n\nIt was discovered that the key agreement implementations in the JCE\ncomponent of OpenJDK did not guarantee sufficient strength of used\nkeys to adequately protect generated shared secret. This could make it\neasier to break data encryption by attacking key agreement rather than\nthe encryption using the negotiated secret. (CVE-2018-2618)\n\nUnsynchronized access to encryption key data (Libraries, 8172525)\n\nIt was discovered that multiple encryption key classes in the\nLibraries component of OpenJDK did not properly synchronize access to\ntheir internal data. This could possibly cause a multi-threaded Java\napplication to apply weak encryption to data because of the use of a\nkey that was zeroed out. (CVE-2018-2579)\n\nUnbounded memory allocation during deserialization (AWT, 8190289)\n\nVulnerability in the Java SE, Java SE Embedded component of Oracle\nJava SE (subcomponent: AWT). Easily exploitable vulnerability allows\nunauthenticated attacker with network access via multiple protocols to\ncompromise Java SE, Java SE Embedded. Successful attacks require human\ninteraction from a person other than the attacker. Successful attacks\nof this vulnerability can result in unauthorized ability to cause a\npartial denial of service (partial DOS) of Java SE, Java SE Embedded.\nNote: This vulnerability applies to Java deployments, typically in\nclients running sandboxed Java Web Start applications or sandboxed\nJava applets, that load and run untrusted code (e.g., code that comes\nfrom the internet) and rely on the Java sandbox for security. This\nvulnerability does not apply to Java deployments, typically in\nservers, that load and run only trusted code (e.g., code installed by\nan administrator). CVSS 3.0 Base Score 4.3 (Availability impacts).\nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).\n(CVE-2018-2677)\n\nDerValue unbounded memory allocation (Libraries, 8182387)\n\nIt was discovered that the Libraries component of OpenJDK failed to\nsufficiently limit the amount of memory allocated when reading DER\nencoded input. A remote attacker could possibly use this flaw to make\na Java application use an excessive amount of memory if it parsed\nattacker supplied DER encoded input. (CVE-2018-2603)\n\nUnbounded memory allocation in BasicAttributes deserialization (JNDI,\n8191142)\n\nVulnerability in the Java SE, Java SE Embedded, JRockit component of\nOracle Java SE (subcomponent: JNDI). Easily exploitable vulnerability\nallows unauthenticated attacker with network access via multiple\nprotocols to compromise Java SE, Java SE Embedded, JRockit. Successful\nattacks require human interaction from a person other than the\nattacker. Successful attacks of this vulnerability can result in\nunauthorized ability to cause a partial denial of service (partial\nDOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability\napplies to client and server deployment of Java. This vulnerability\ncan be exploited through sandboxed Java Web Start applications and\nsandboxed Java applets. It can also be exploited by supplying data to\nAPIs in the specified Component without using sandboxed Java Web Start\napplications or sandboxed Java applets, such as through a web service.\nCVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector:\n(CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L). (CVE-2018-2678)\n\nUse of global credentials for HTTP/SPNEGO (JGSS, 8186600)\n\nThe JGSS component of OpenJDK ignores the value of the\njavax.security.auth.useSubjectCredsOnly property when using\nHTTP/SPNEGO authentication and always uses global credentials. It was\ndiscovered that this could cause global credentials to be unexpectedly\nused by an untrusted Java application. (CVE-2018-2634)\n\nGSS context use-after-free (JGSS, 8186212)\n\nIt was discovered that the JGSS component of OpenJDK failed to\nproperly handle GSS context in the native GSS library wrapper in\ncertain cases. A remote attacker could possibly make a Java\napplication using JGSS to use a previously freed context.\n(CVE-2018-2629)\n\nDnsClient missing source port randomization (JNDI, 8182125)\n\nIt was discovered that the DNS client implementation in the JNDI\ncomponent of OpenJDK did not use random source ports when sending out\nDNS queries. This could make it easier for a remote attacker to spoof\nresponses to those queries. (CVE-2018-2599)", "edition": 24, "cvss3": {"score": 8.3, "vector": "AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"}, "published": "2018-02-09T00:00:00", "title": "Amazon Linux AMI : java-1.8.0-openjdk (ALAS-2018-949)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-2618", "CVE-2018-2582", "CVE-2018-2663", "CVE-2018-2633", "CVE-2018-2637", "CVE-2018-2677", "CVE-2018-2603", "CVE-2018-2599", "CVE-2018-2641", "CVE-2018-2629", "CVE-2018-2588", "CVE-2018-2634", "CVE-2018-2602", "CVE-2018-2678", "CVE-2018-2579"], "modified": "2021-03-02T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:java-1.8.0-openjdk-headless", "p-cpe:/a:amazon:linux:java-1.8.0-openjdk", "p-cpe:/a:amazon:linux:java-1.8.0-openjdk-devel", "p-cpe:/a:amazon:linux:java-1.8.0-openjdk-javadoc", "p-cpe:/a:amazon:linux:java-1.8.0-openjdk-javadoc-zip", "p-cpe:/a:amazon:linux:java-1.8.0-openjdk-src", "p-cpe:/a:amazon:linux:java-1.8.0-openjdk-debuginfo", "p-cpe:/a:amazon:linux:java-1.8.0-openjdk-demo", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2018-949.NASL", "href": "https://www.tenable.com/plugins/nessus/106694", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2018-949.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(106694);\n script_version(\"3.3\");\n script_cvs_date(\"Date: 2019/07/10 16:04:12\");\n\n script_cve_id(\"CVE-2018-2579\", \"CVE-2018-2582\", \"CVE-2018-2588\", \"CVE-2018-2599\", \"CVE-2018-2602\", \"CVE-2018-2603\", \"CVE-2018-2618\", \"CVE-2018-2629\", \"CVE-2018-2633\", \"CVE-2018-2634\", \"CVE-2018-2637\", \"CVE-2018-2641\", \"CVE-2018-2663\", \"CVE-2018-2677\", \"CVE-2018-2678\");\n script_xref(name:\"ALAS\", value:\"2018-949\");\n\n script_name(english:\"Amazon Linux AMI : java-1.8.0-openjdk (ALAS-2018-949)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"SingleEntryRegistry incorrect setup of deserialization filter (JMX,\n8186998)\n\nIt was discovered that the JMX component of OpenJDK failed to properly\nset the deserialization filter for the SingleEntryRegistry in certain\ncases. A remote attacker could possibly use this flaw to bypass\nintended deserialization restrictions. (CVE-2018-2637)\n\nLoading of classes from untrusted locations (I18n, 8182601)\n\nIt was discovered that the I18n component of OpenJDK could use an\nuntrusted search path when loading resource bundle classes. A local\nattacker could possibly use this flaw to execute arbitrary code as\nanother local user by making their Java application load an attacker\ncontrolled class file. (CVE-2018-2602)\n\nLdapLoginModule insufficient username encoding in LDAP query (LDAP,\n8178449)\n\nIt was discovered that the LDAP component of OpenJDK failed to\nproperly encode special characters in user names when adding them to\nan LDAP search query. A remote attacker could possibly use this flaw\nto manipulate LDAP queries performed by the LdapLoginModule class.\n(CVE-2018-2588)\n\nArrayBlockingQueue deserialization to an inconsistent state\n(Libraries, 8189284)\n\nVulnerability in the Java SE, Java SE Embedded, JRockit component of\nOracle Java SE (subcomponent: Libraries). Easily exploitable\nvulnerability allows unauthenticated attacker with network access via\nmultiple protocols to compromise Java SE, Java SE Embedded, JRockit.\nSuccessful attacks require human interaction from a person other than\nthe attacker. Successful attacks of this vulnerability can result in\nunauthorized ability to cause a partial denial of service (partial\nDOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability\napplies to client and server deployment of Java. This vulnerability\ncan be exploited through sandboxed Java Web Start applications and\nsandboxed Java applets. It can also be exploited by supplying data to\nAPIs in the specified Component without using sandboxed Java Web Start\napplications or sandboxed Java applets, such as through a web service.\nCVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector:\n(CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L). (CVE-2018-2663)\n\nInsufficient validation of the invokeinterface instruction (Hotspot,\n8174962)\n\nVulnerability in the Java SE, Java SE Embedded component of Oracle\nJava SE (subcomponent: Hotspot). Easily exploitable vulnerability\nallows unauthenticated attacker with network access via multiple\nprotocols to compromise Java SE, Java SE Embedded. Successful attacks\nrequire human interaction from a person other than the attacker.\nSuccessful attacks of this vulnerability can result in unauthorized\ncreation, deletion or modification access to critical data or all Java\nSE, Java SE Embedded accessible data. Note: This vulnerability applies\nto client and server deployment of Java. This vulnerability can be\nexploited through sandboxed Java Web Start applications and sandboxed\nJava applets. It can also be exploited by supplying data to APIs in\nthe specified Component without using sandboxed Java Web Start\napplications or sandboxed Java applets, such as through a web service.\nCVSS 3.0 Base Score 6.5 (Integrity impacts). CVSS Vector:\n(CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N). (CVE-2018-2582)\n\nGTK library loading use-after-free (AWT, 8185325)\n\nVulnerability in the Java SE, Java SE Embedded component of Oracle\nJava SE (subcomponent: AWT). Difficult to exploit vulnerability allows\nunauthenticated attacker with network access via multiple protocols to\ncompromise Java SE, Java SE Embedded. Successful attacks require human\ninteraction from a person other than the attacker and while the\nvulnerability is in Java SE, Java SE Embedded, attacks may\nsignificantly impact additional products. Successful attacks of this\nvulnerability can result in unauthorized creation, deletion or\nmodification access to critical data or all Java SE, Java SE Embedded\naccessible data. Note: This vulnerability applies to Java deployments,\ntypically in clients running sandboxed Java Web Start applications or\nsandboxed Java applets, that load and run untrusted code (e.g., code\nthat comes from the internet) and rely on the Java sandbox for\nsecurity. This vulnerability does not apply to Java deployments,\ntypically in servers, that load and run only trusted code (e.g., code\ninstalled by an administrator). CVSS 3.0 Base Score 6.1 (Integrity\nimpacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N).\n(CVE-2018-2641)\n\nLDAPCertStore insecure handling of LDAP referrals (JNDI, 8186606)\n\nIt was discovered that the LDAPCertStore class in the JNDI component\nof OpenJDK failed to securely handle LDAP referrals. An attacker could\npossibly use this flaw to make it fetch attacker controlled\ncertificate data. (CVE-2018-2633)\n\nInsufficient strength of key agreement (JCE, 8185292)\n\nIt was discovered that the key agreement implementations in the JCE\ncomponent of OpenJDK did not guarantee sufficient strength of used\nkeys to adequately protect generated shared secret. This could make it\neasier to break data encryption by attacking key agreement rather than\nthe encryption using the negotiated secret. (CVE-2018-2618)\n\nUnsynchronized access to encryption key data (Libraries, 8172525)\n\nIt was discovered that multiple encryption key classes in the\nLibraries component of OpenJDK did not properly synchronize access to\ntheir internal data. This could possibly cause a multi-threaded Java\napplication to apply weak encryption to data because of the use of a\nkey that was zeroed out. (CVE-2018-2579)\n\nUnbounded memory allocation during deserialization (AWT, 8190289)\n\nVulnerability in the Java SE, Java SE Embedded component of Oracle\nJava SE (subcomponent: AWT). Easily exploitable vulnerability allows\nunauthenticated attacker with network access via multiple protocols to\ncompromise Java SE, Java SE Embedded. Successful attacks require human\ninteraction from a person other than the attacker. Successful attacks\nof this vulnerability can result in unauthorized ability to cause a\npartial denial of service (partial DOS) of Java SE, Java SE Embedded.\nNote: This vulnerability applies to Java deployments, typically in\nclients running sandboxed Java Web Start applications or sandboxed\nJava applets, that load and run untrusted code (e.g., code that comes\nfrom the internet) and rely on the Java sandbox for security. This\nvulnerability does not apply to Java deployments, typically in\nservers, that load and run only trusted code (e.g., code installed by\nan administrator). CVSS 3.0 Base Score 4.3 (Availability impacts).\nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).\n(CVE-2018-2677)\n\nDerValue unbounded memory allocation (Libraries, 8182387)\n\nIt was discovered that the Libraries component of OpenJDK failed to\nsufficiently limit the amount of memory allocated when reading DER\nencoded input. A remote attacker could possibly use this flaw to make\na Java application use an excessive amount of memory if it parsed\nattacker supplied DER encoded input. (CVE-2018-2603)\n\nUnbounded memory allocation in BasicAttributes deserialization (JNDI,\n8191142)\n\nVulnerability in the Java SE, Java SE Embedded, JRockit component of\nOracle Java SE (subcomponent: JNDI). Easily exploitable vulnerability\nallows unauthenticated attacker with network access via multiple\nprotocols to compromise Java SE, Java SE Embedded, JRockit. Successful\nattacks require human interaction from a person other than the\nattacker. Successful attacks of this vulnerability can result in\nunauthorized ability to cause a partial denial of service (partial\nDOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability\napplies to client and server deployment of Java. This vulnerability\ncan be exploited through sandboxed Java Web Start applications and\nsandboxed Java applets. It can also be exploited by supplying data to\nAPIs in the specified Component without using sandboxed Java Web Start\napplications or sandboxed Java applets, such as through a web service.\nCVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector:\n(CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L). (CVE-2018-2678)\n\nUse of global credentials for HTTP/SPNEGO (JGSS, 8186600)\n\nThe JGSS component of OpenJDK ignores the value of the\njavax.security.auth.useSubjectCredsOnly property when using\nHTTP/SPNEGO authentication and always uses global credentials. It was\ndiscovered that this could cause global credentials to be unexpectedly\nused by an untrusted Java application. (CVE-2018-2634)\n\nGSS context use-after-free (JGSS, 8186212)\n\nIt was discovered that the JGSS component of OpenJDK failed to\nproperly handle GSS context in the native GSS library wrapper in\ncertain cases. A remote attacker could possibly make a Java\napplication using JGSS to use a previously freed context.\n(CVE-2018-2629)\n\nDnsClient missing source port randomization (JNDI, 8182125)\n\nIt was discovered that the DNS client implementation in the JNDI\ncomponent of OpenJDK did not use random source ports when sending out\nDNS queries. This could make it easier for a remote attacker to spoof\nresponses to those queries. (CVE-2018-2599)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2018-949.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update java-1.8.0-openjdk' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:java-1.8.0-openjdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:java-1.8.0-openjdk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:java-1.8.0-openjdk-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:java-1.8.0-openjdk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:java-1.8.0-openjdk-headless\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:java-1.8.0-openjdk-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:java-1.8.0-openjdk-javadoc-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:java-1.8.0-openjdk-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/01/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/02/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/02/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"java-1.8.0-openjdk-1.8.0.161-0.b14.36.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"java-1.8.0-openjdk-debuginfo-1.8.0.161-0.b14.36.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"java-1.8.0-openjdk-demo-1.8.0.161-0.b14.36.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"java-1.8.0-openjdk-devel-1.8.0.161-0.b14.36.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"java-1.8.0-openjdk-headless-1.8.0.161-0.b14.36.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"java-1.8.0-openjdk-javadoc-1.8.0.161-0.b14.36.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"java-1.8.0-openjdk-javadoc-zip-1.8.0.161-0.b14.36.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"java-1.8.0-openjdk-src-1.8.0.161-0.b14.36.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1.8.0-openjdk / java-1.8.0-openjdk-debuginfo / etc\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2021-01-07T08:52:57", "description": "According to the versions of the java-1.8.0-openjdk packages\ninstalled, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - Multiple flaws were found in the Hotspot and AWT\n components of OpenJDK. An untrusted Java application or\n applet could use these flaws to bypass certain Java\n sandbox restrictions. (CVE-2018-2582, CVE-2018-2641)\n\n - It was discovered that the LDAPCertStore class in the\n JNDI component of OpenJDK failed to securely handle\n LDAP referrals. An attacker could possibly use this\n flaw to make it fetch attacker controlled certificate\n data. (CVE-2018-2633)\n\n - The JGSS component of OpenJDK ignores the value of the\n javax.security.auth.useSubjectCredsOnly property when\n using HTTP/SPNEGO authentication and always uses global\n credentials. It was discovered that this could cause\n global credentials to be unexpectedly used by an\n untrusted Java application. (CVE-2018-2634)\n\n - It was discovered that the JMX component of OpenJDK\n failed to properly set the deserialization filter for\n the SingleEntryRegistry in certain cases. A remote\n attacker could possibly use this flaw to bypass\n intended deserialization restrictions. (CVE-2018-2637)\n\n - It was discovered that the LDAP component of OpenJDK\n failed to properly encode special characters in user\n names when adding them to an LDAP search query. A\n remote attacker could possibly use this flaw to\n manipulate LDAP queries performed by the\n LdapLoginModule class. (CVE-2018-2588)\n\n - It was discovered that the DNS client implementation in\n the JNDI component of OpenJDK did not use random source\n ports when sending out DNS queries. This could make it\n easier for a remote attacker to spoof responses to\n those queries. (CVE-2018-2599)\n\n - It was discovered that the I18n component of OpenJDK\n could use an untrusted search path when loading\n resource bundle classes. A local attacker could\n possibly use this flaw to execute arbitrary code as\n another local user by making their Java application\n load an attacker controlled class file. (CVE-2018-2602)\n\n - It was discovered that the Libraries component of\n OpenJDK failed to sufficiently limit the amount of\n memory allocated when reading DER encoded input. A\n remote attacker could possibly use this flaw to make a\n Java application use an excessive amount of memory if\n it parsed attacker supplied DER encoded input.\n (CVE-2018-2603)\n\n - It was discovered that the key agreement\n implementations in the JCE component of OpenJDK did not\n guarantee sufficient strength of used keys to\n adequately protect generated shared secret. This could\n make it easier to break data encryption by attacking\n key agreement rather than the encryption using the\n negotiated secret. (CVE-2018-2618)\n\n - It was discovered that the JGSS component of OpenJDK\n failed to properly handle GSS context in the native GSS\n library wrapper in certain cases. A remote attacker\n could possibly make a Java application using JGSS to\n use a previously freed context. (CVE-2018-2629)\n\n - It was discovered that multiple classes in the\n Libraries, AWT, and JNDI components of OpenJDK did not\n sufficiently validate input when creating object\n instances from the serialized form. A specially-crafted\n input could cause a Java application to create objects\n with an inconsistent state or use an excessive amount\n of memory when deserialized. (CVE-2018-2663,\n CVE-2018-2677, CVE-2018-2678)\n\n - It was discovered that multiple encryption key classes\n in the Libraries component of OpenJDK did not properly\n synchronize access to their internal data. This could\n possibly cause a multi-threaded Java application to\n apply weak encryption to data because of the use of a\n key that was zeroed out. (CVE-2018-2579)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 86, "cvss3": {"score": 4.8, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L"}, "published": "2018-01-29T00:00:00", "title": "EulerOS 2.0 SP2 : java-1.8.0-openjdk (EulerOS-SA-2018-1028)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-2618", "CVE-2018-2582", "CVE-2018-2663", "CVE-2018-2633", "CVE-2018-2637", "CVE-2018-2677", "CVE-2018-2603", "CVE-2018-2599", "CVE-2018-2641", "CVE-2018-2629", "CVE-2018-2588", "CVE-2018-2634", "CVE-2018-2602", "CVE-2018-2678", "CVE-2018-2579"], "modified": "2018-01-29T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:java-1.8.0-openjdk", "p-cpe:/a:huawei:euleros:java-1.8.0-openjdk-headless", "p-cpe:/a:huawei:euleros:java-1.8.0-openjdk-devel", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2018-1028.NASL", "href": "https://www.tenable.com/plugins/nessus/106403", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(106403);\n script_version(\"3.98\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-2579\",\n \"CVE-2018-2582\",\n \"CVE-2018-2588\",\n \"CVE-2018-2599\",\n \"CVE-2018-2602\",\n \"CVE-2018-2603\",\n \"CVE-2018-2618\",\n \"CVE-2018-2629\",\n \"CVE-2018-2633\",\n \"CVE-2018-2634\",\n \"CVE-2018-2637\",\n \"CVE-2018-2641\",\n \"CVE-2018-2663\",\n \"CVE-2018-2677\",\n \"CVE-2018-2678\"\n );\n\n script_name(english:\"EulerOS 2.0 SP2 : java-1.8.0-openjdk (EulerOS-SA-2018-1028)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the java-1.8.0-openjdk packages\ninstalled, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - Multiple flaws were found in the Hotspot and AWT\n components of OpenJDK. An untrusted Java application or\n applet could use these flaws to bypass certain Java\n sandbox restrictions. (CVE-2018-2582, CVE-2018-2641)\n\n - It was discovered that the LDAPCertStore class in the\n JNDI component of OpenJDK failed to securely handle\n LDAP referrals. An attacker could possibly use this\n flaw to make it fetch attacker controlled certificate\n data. (CVE-2018-2633)\n\n - The JGSS component of OpenJDK ignores the value of the\n javax.security.auth.useSubjectCredsOnly property when\n using HTTP/SPNEGO authentication and always uses global\n credentials. It was discovered that this could cause\n global credentials to be unexpectedly used by an\n untrusted Java application. (CVE-2018-2634)\n\n - It was discovered that the JMX component of OpenJDK\n failed to properly set the deserialization filter for\n the SingleEntryRegistry in certain cases. A remote\n attacker could possibly use this flaw to bypass\n intended deserialization restrictions. (CVE-2018-2637)\n\n - It was discovered that the LDAP component of OpenJDK\n failed to properly encode special characters in user\n names when adding them to an LDAP search query. A\n remote attacker could possibly use this flaw to\n manipulate LDAP queries performed by the\n LdapLoginModule class. (CVE-2018-2588)\n\n - It was discovered that the DNS client implementation in\n the JNDI component of OpenJDK did not use random source\n ports when sending out DNS queries. This could make it\n easier for a remote attacker to spoof responses to\n those queries. (CVE-2018-2599)\n\n - It was discovered that the I18n component of OpenJDK\n could use an untrusted search path when loading\n resource bundle classes. A local attacker could\n possibly use this flaw to execute arbitrary code as\n another local user by making their Java application\n load an attacker controlled class file. (CVE-2018-2602)\n\n - It was discovered that the Libraries component of\n OpenJDK failed to sufficiently limit the amount of\n memory allocated when reading DER encoded input. A\n remote attacker could possibly use this flaw to make a\n Java application use an excessive amount of memory if\n it parsed attacker supplied DER encoded input.\n (CVE-2018-2603)\n\n - It was discovered that the key agreement\n implementations in the JCE component of OpenJDK did not\n guarantee sufficient strength of used keys to\n adequately protect generated shared secret. This could\n make it easier to break data encryption by attacking\n key agreement rather than the encryption using the\n negotiated secret. (CVE-2018-2618)\n\n - It was discovered that the JGSS component of OpenJDK\n failed to properly handle GSS context in the native GSS\n library wrapper in certain cases. A remote attacker\n could possibly make a Java application using JGSS to\n use a previously freed context. (CVE-2018-2629)\n\n - It was discovered that multiple classes in the\n Libraries, AWT, and JNDI components of OpenJDK did not\n sufficiently validate input when creating object\n instances from the serialized form. A specially-crafted\n input could cause a Java application to create objects\n with an inconsistent state or use an excessive amount\n of memory when deserialized. (CVE-2018-2663,\n CVE-2018-2677, CVE-2018-2678)\n\n - It was discovered that multiple encryption key classes\n in the Libraries component of OpenJDK did not properly\n synchronize access to their internal data. This could\n possibly cause a multi-threaded Java application to\n apply weak encryption to data because of the use of a\n key that was zeroed out. (CVE-2018-2579)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1028\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?3be48844\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected java-1.8.0-openjdk packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/01/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/01/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:java-1.8.0-openjdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:java-1.8.0-openjdk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:java-1.8.0-openjdk-headless\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(2)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"java-1.8.0-openjdk-1.8.0.161-0.b14\",\n \"java-1.8.0-openjdk-devel-1.8.0.161-0.b14\",\n \"java-1.8.0-openjdk-headless-1.8.0.161-0.b14\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"2\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1.8.0-openjdk\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2021-03-01T07:34:48", "description": "It was discovered that a race condition existed in the cryptography\nimplementation in OpenJDK. An attacker could possibly use this to\nexpose sensitive information. (CVE-2018-2579)\n\nIt was discovered that the Hotspot component of OpenJDK did not\nproperly validate uses of the invokeinterface JVM instruction. An\nattacker could possibly use this to access unauthorized resources.\n(CVE-2018-2582)\n\nIt was discovered that the LDAP implementation in OpenJDK did not\nproperly encode login names. A remote attacker could possibly use this\nto expose sensitive information. (CVE-2018-2588)\n\nIt was discovered that the DNS client implementation in OpenJDK did\nnot properly randomize source ports. A remote attacker could use this\nto spoof responses to DNS queries made by Java applications.\n(CVE-2018-2599)\n\nIt was discovered that the Internationalization component of OpenJDK\ndid not restrict search paths when loading resource bundle classes. A\nlocal attacker could use this to trick a user into running malicious\ncode. (CVE-2018-2602)\n\nIt was discovered that OpenJDK did not properly restrict memory\nallocations when parsing DER input. A remote attacker could possibly\nuse this to cause a denial of service. (CVE-2018-2603)\n\nIt was discovered that the Java Cryptography Extension (JCE)\nimplementation in OpenJDK in some situations did guarantee sufficient\nstrength of keys during key agreement. An attacker could use this to\nexpose sensitive information. (CVE-2018-2618)\n\nIt was discovered that the Java GSS implementation in OpenJDK in some\nsituations did not properly handle GSS contexts in the native GSS\nlibrary. An attacker could possibly use this to access unauthorized\nresources. (CVE-2018-2629)\n\nIt was discovered that the LDAP implementation in OpenJDK did not\nproperly handle LDAP referrals in some situations. An attacker could\npossibly use this to expose sensitive information or gain unauthorized\nprivileges. (CVE-2018-2633)\n\nIt was discovered that the Java GSS implementation in OpenJDK in some\nsituations did not properly apply subject credentials. An attacker\ncould possibly use this to expose sensitive information or gain access\nto unauthorized resources. (CVE-2018-2634)\n\nIt was discovered that the Java Management Extensions (JMX) component\nof OpenJDK did not properly apply deserialization filters in some\nsituations. An attacker could use this to bypass deserialization\nrestrictions. (CVE-2018-2637)\n\nIt was discovered that a use-after-free vulnerability existed in the\nAWT component of OpenJDK when loading the GTK library. An attacker\ncould possibly use this to execute arbitrary code and escape Java\nsandbox restrictions. (CVE-2018-2641)\n\nIt was discovered that in some situations OpenJDK did not properly\nvalidate objects when performing deserialization. An attacker could\nuse this to cause a denial of service (application crash or excessive\nmemory consumption). (CVE-2018-2663)\n\nIt was discovered that the AWT component of OpenJDK did not properly\nrestrict the amount of memory allocated when deserializing some\nobjects. An attacker could use this to cause a denial of service\n(excessive memory consumption). (CVE-2018-2677)\n\nIt was discovered that the JNDI component of OpenJDK did not properly\nrestrict the amount of memory allocated when deserializing objects in\nsome situations. An attacker could use this to cause a denial of\nservice (excessive memory consumption). (CVE-2018-2678).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "cvss3": {"score": 8.3, "vector": "AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"}, "published": "2018-04-03T00:00:00", "title": "Ubuntu 16.04 LTS / 17.10 : openjdk-8 vulnerabilities (USN-3613-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-2618", "CVE-2018-2582", "CVE-2018-2663", "CVE-2018-2633", "CVE-2018-2637", "CVE-2018-2677", "CVE-2018-2603", "CVE-2018-2599", "CVE-2018-2641", "CVE-2018-2629", "CVE-2018-2588", "CVE-2018-2634", "CVE-2018-2602", "CVE-2018-2678", "CVE-2018-2579"], "modified": "2021-03-02T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:17.10", "p-cpe:/a:canonical:ubuntu_linux:openjdk-8-jdk-headless", "cpe:/o:canonical:ubuntu_linux:16.04", "p-cpe:/a:canonical:ubuntu_linux:openjdk-8-jre-jamvm", "p-cpe:/a:canonical:ubuntu_linux:openjdk-8-jre-zero", "p-cpe:/a:canonical:ubuntu_linux:openjdk-8-jre", "p-cpe:/a:canonical:ubuntu_linux:openjdk-8-jdk", "p-cpe:/a:canonical:ubuntu_linux:openjdk-8-jre-headless"], "id": "UBUNTU_USN-3613-1.NASL", "href": "https://www.tenable.com/plugins/nessus/108793", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3613-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(108793);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2019/09/18 12:31:48\");\n\n script_cve_id(\"CVE-2018-2579\", \"CVE-2018-2582\", \"CVE-2018-2588\", \"CVE-2018-2599\", \"CVE-2018-2602\", \"CVE-2018-2603\", \"CVE-2018-2618\", \"CVE-2018-2629\", \"CVE-2018-2633\", \"CVE-2018-2634\", \"CVE-2018-2637\", \"CVE-2018-2641\", \"CVE-2018-2663\", \"CVE-2018-2677\", \"CVE-2018-2678\");\n script_xref(name:\"USN\", value:\"3613-1\");\n\n script_name(english:\"Ubuntu 16.04 LTS / 17.10 : openjdk-8 vulnerabilities (USN-3613-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that a race condition existed in the cryptography\nimplementation in OpenJDK. An attacker could possibly use this to\nexpose sensitive information. (CVE-2018-2579)\n\nIt was discovered that the Hotspot component of OpenJDK did not\nproperly validate uses of the invokeinterface JVM instruction. An\nattacker could possibly use this to access unauthorized resources.\n(CVE-2018-2582)\n\nIt was discovered that the LDAP implementation in OpenJDK did not\nproperly encode login names. A remote attacker could possibly use this\nto expose sensitive information. (CVE-2018-2588)\n\nIt was discovered that the DNS client implementation in OpenJDK did\nnot properly randomize source ports. A remote attacker could use this\nto spoof responses to DNS queries made by Java applications.\n(CVE-2018-2599)\n\nIt was discovered that the Internationalization component of OpenJDK\ndid not restrict search paths when loading resource bundle classes. A\nlocal attacker could use this to trick a user into running malicious\ncode. (CVE-2018-2602)\n\nIt was discovered that OpenJDK did not properly restrict memory\nallocations when parsing DER input. A remote attacker could possibly\nuse this to cause a denial of service. (CVE-2018-2603)\n\nIt was discovered that the Java Cryptography Extension (JCE)\nimplementation in OpenJDK in some situations did guarantee sufficient\nstrength of keys during key agreement. An attacker could use this to\nexpose sensitive information. (CVE-2018-2618)\n\nIt was discovered that the Java GSS implementation in OpenJDK in some\nsituations did not properly handle GSS contexts in the native GSS\nlibrary. An attacker could possibly use this to access unauthorized\nresources. (CVE-2018-2629)\n\nIt was discovered that the LDAP implementation in OpenJDK did not\nproperly handle LDAP referrals in some situations. An attacker could\npossibly use this to expose sensitive information or gain unauthorized\nprivileges. (CVE-2018-2633)\n\nIt was discovered that the Java GSS implementation in OpenJDK in some\nsituations did not properly apply subject credentials. An attacker\ncould possibly use this to expose sensitive information or gain access\nto unauthorized resources. (CVE-2018-2634)\n\nIt was discovered that the Java Management Extensions (JMX) component\nof OpenJDK did not properly apply deserialization filters in some\nsituations. An attacker could use this to bypass deserialization\nrestrictions. (CVE-2018-2637)\n\nIt was discovered that a use-after-free vulnerability existed in the\nAWT component of OpenJDK when loading the GTK library. An attacker\ncould possibly use this to execute arbitrary code and escape Java\nsandbox restrictions. (CVE-2018-2641)\n\nIt was discovered that in some situations OpenJDK did not properly\nvalidate objects when performing deserialization. An attacker could\nuse this to cause a denial of service (application crash or excessive\nmemory consumption). (CVE-2018-2663)\n\nIt was discovered that the AWT component of OpenJDK did not properly\nrestrict the amount of memory allocated when deserializing some\nobjects. An attacker could use this to cause a denial of service\n(excessive memory consumption). (CVE-2018-2677)\n\nIt was discovered that the JNDI component of OpenJDK did not properly\nrestrict the amount of memory allocated when deserializing objects in\nsome situations. An attacker could use this to cause a denial of\nservice (excessive memory consumption). (CVE-2018-2678).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3613-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:openjdk-8-jdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:openjdk-8-jdk-headless\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:openjdk-8-jre\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:openjdk-8-jre-headless\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:openjdk-8-jre-jamvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:openjdk-8-jre-zero\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:17.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/01/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2018-2019 Canonical, Inc. / NASL script (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(16\\.04|17\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 16.04 / 17.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"16.04\", pkgname:\"openjdk-8-jdk\", pkgver:\"8u162-b12-0ubuntu0.16.04.2\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"openjdk-8-jdk-headless\", pkgver:\"8u162-b12-0ubuntu0.16.04.2\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"openjdk-8-jre\", pkgver:\"8u162-b12-0ubuntu0.16.04.2\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"openjdk-8-jre-headless\", pkgver:\"8u162-b12-0ubuntu0.16.04.2\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"openjdk-8-jre-jamvm\", pkgver:\"8u162-b12-0ubuntu0.16.04.2\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"openjdk-8-jre-zero\", pkgver:\"8u162-b12-0ubuntu0.16.04.2\")) flag++;\nif (ubuntu_check(osver:\"17.10\", pkgname:\"openjdk-8-jdk\", pkgver:\"8u162-b12-0ubuntu0.17.10.2\")) flag++;\nif (ubuntu_check(osver:\"17.10\", pkgname:\"openjdk-8-jdk-headless\", pkgver:\"8u162-b12-0ubuntu0.17.10.2\")) flag++;\nif (ubuntu_check(osver:\"17.10\", pkgname:\"openjdk-8-jre\", pkgver:\"8u162-b12-0ubuntu0.17.10.2\")) flag++;\nif (ubuntu_check(osver:\"17.10\", pkgname:\"openjdk-8-jre-headless\", pkgver:\"8u162-b12-0ubuntu0.17.10.2\")) flag++;\nif (ubuntu_check(osver:\"17.10\", pkgname:\"openjdk-8-jre-zero\", pkgver:\"8u162-b12-0ubuntu0.17.10.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openjdk-8-jdk / openjdk-8-jdk-headless / openjdk-8-jre / etc\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2021-01-17T12:01:49", "description": "The remote NewStart CGSL host, running version MAIN 5.04, has java-1.8.0-openjdk packages installed that are affected by\nmultiple vulnerabilities:\n\n - Vulnerability in the Java SE, Java SE Embedded, JRockit\n component of Oracle Java SE (subcomponent: JNDI).\n Supported versions that are affected are Java SE: 6u171,\n 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151;\n JRockit: R28.3.16. Easily exploitable vulnerability\n allows unauthenticated attacker with network access via\n multiple protocols to compromise Java SE, Java SE\n Embedded, JRockit. Successful attacks require human\n interaction from a person other than the attacker.\n Successful attacks of this vulnerability can result in\n unauthorized ability to cause a partial denial of\n service (partial DOS) of Java SE, Java SE Embedded,\n JRockit. Note: This vulnerability applies to client and\n server deployment of Java. This vulnerability can be\n exploited through sandboxed Java Web Start applications\n and sandboxed Java applets. It can also be exploited by\n supplying data to APIs in the specified Component\n without using sandboxed Java Web Start applications or\n sandboxed Java applets, such as through a web service.\n CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS\n Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).\n (CVE-2018-2678)\n\n - Vulnerability in the Java SE, Java SE Embedded component\n of Oracle Java SE (subcomponent: AWT). Supported\n versions that are affected are Java SE: 6u171, 7u161,\n 8u152 and 9.0.1; Java SE Embedded: 8u151. Easily\n exploitable vulnerability allows unauthenticated\n attacker with network access via multiple protocols to\n compromise Java SE, Java SE Embedded. Successful attacks\n require human interaction from a person other than the\n attacker. Successful attacks of this vulnerability can\n result in unauthorized ability to cause a partial denial\n of service (partial DOS) of Java SE, Java SE Embedded.\n Note: This vulnerability applies to Java deployments,\n typically in clients running sandboxed Java Web Start\n applications or sandboxed Java applets, that load and\n run untrusted code (e.g., code that comes from the\n internet) and rely on the Java sandbox for security.\n This vulnerability does not apply to Java deployments,\n typically in servers, that load and run only trusted\n code (e.g., code installed by an administrator). CVSS\n 3.0 Base Score 4.3 (Availability impacts). CVSS Vector:\n (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).\n (CVE-2018-2677)\n\n - Vulnerability in the Java SE, Java SE Embedded, JRockit\n component of Oracle Java SE (subcomponent: Libraries).\n Supported versions that are affected are Java SE: 6u171,\n 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151;\n JRockit: R28.3.16. Easily exploitable vulnerability\n allows unauthenticated attacker with network access via\n multiple protocols to compromise Java SE, Java SE\n Embedded, JRockit. Successful attacks require human\n interaction from a person other than the attacker.\n Successful attacks of this vulnerability can result in\n unauthorized ability to cause a partial denial of\n service (partial DOS) of Java SE, Java SE Embedded,\n JRockit. Note: This vulnerability applies to client and\n server deployment of Java. This vulnerability can be\n exploited through sandboxed Java Web Start applications\n and sandboxed Java applets. It can also be exploited by\n supplying data to APIs in the specified Component\n without using sandboxed Java Web Start applications or\n sandboxed Java applets, such as through a web service.\n CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS\n Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).\n (CVE-2018-2663)\n\n - It was discovered that multiple encryption key classes\n in the Libraries component of OpenJDK did not properly\n synchronize access to their internal data. This could\n possibly cause a multi-threaded Java application to\n apply weak encryption to data because of the use of a\n key that was zeroed out. (CVE-2018-2579)\n\n - It was discovered that the LDAP component of OpenJDK\n failed to properly encode special characters in user\n names when adding them to an LDAP search query. A remote\n attacker could possibly use this flaw to manipulate LDAP\n queries performed by the LdapLoginModule class.\n (CVE-2018-2588)\n\n - It was discovered that the I18n component of OpenJDK\n could use an untrusted search path when loading resource\n bundle classes. A local attacker could possibly use this\n flaw to execute arbitrary code as another local user by\n making their Java application load an attacker\n controlled class file. (CVE-2018-2602)\n\n - It was discovered that the DNS client implementation in\n the JNDI component of OpenJDK did not use random source\n ports when sending out DNS queries. This could make it\n easier for a remote attacker to spoof responses to those\n queries. (CVE-2018-2599)\n\n - It was discovered that the Libraries component of\n OpenJDK failed to sufficiently limit the amount of\n memory allocated when reading DER encoded input. A\n remote attacker could possibly use this flaw to make a\n Java application use an excessive amount of memory if it\n parsed attacker supplied DER encoded input.\n (CVE-2018-2603)\n\n - It was discovered that the JGSS component of OpenJDK\n failed to properly handle GSS context in the native GSS\n library wrapper in certain cases. A remote attacker\n could possibly make a Java application using JGSS to use\n a previously freed context. (CVE-2018-2629)\n\n - It was discovered that the key agreement implementations\n in the JCE component of OpenJDK did not guarantee\n sufficient strength of used keys to adequately protect\n generated shared secret. This could make it easier to\n break data encryption by attacking key agreement rather\n than the encryption using the negotiated secret.\n (CVE-2018-2618)\n\n - Vulnerability in the Java SE, Java SE Embedded component\n of Oracle Java SE (subcomponent: AWT). Supported\n versions that are affected are Java SE: 6u171, 7u161,\n 8u152 and 9.0.1; Java SE Embedded: 8u151. Difficult to\n exploit vulnerability allows unauthenticated attacker\n with network access via multiple protocols to compromise\n Java SE, Java SE Embedded. Successful attacks require\n human interaction from a person other than the attacker\n and while the vulnerability is in Java SE, Java SE\n Embedded, attacks may significantly impact additional\n products. Successful attacks of this vulnerability can\n result in unauthorized creation, deletion or\n modification access to critical data or all Java SE,\n Java SE Embedded accessible data. Note: This\n vulnerability applies to Java deployments, typically in\n clients running sandboxed Java Web Start applications or\n sandboxed Java applets, that load and run untrusted code\n (e.g., code that comes from the internet) and rely on\n the Java sandbox for security. This vulnerability does\n not apply to Java deployments, typically in servers,\n that load and run only trusted code (e.g., code\n installed by an administrator). CVSS 3.0 Base Score 6.1\n (Integrity impacts). CVSS Vector:\n (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N).\n (CVE-2018-2641)\n\n - Vulnerability in the Java SE, Java SE Embedded component\n of Oracle Java SE (subcomponent: Hotspot). Supported\n versions that are affected are Java SE: 8u152 and 9.0.1;\n Java SE Embedded: 8u151. Easily exploitable\n vulnerability allows unauthenticated attacker with\n network access via multiple protocols to compromise Java\n SE, Java SE Embedded. Successful attacks require human\n interaction from a person other than the attacker.\n Successful attacks of this vulnerability can result in\n unauthorized creation, deletion or modification access\n to critical data or all Java SE, Java SE Embedded\n accessible data. Note: This vulnerability applies to\n client and server deployment of Java. This vulnerability\n can be exploited through sandboxed Java Web Start\n applications and sandboxed Java applets. It can also be\n exploited by supplying data to APIs in the specified\n Component without using sandboxed Java Web Start\n applications or sandboxed Java applets, such as through\n a web service. CVSS 3.0 Base Score 6.5 (Integrity\n impacts). CVSS Vector:\n (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N).\n (CVE-2018-2582)\n\n - The JGSS component of OpenJDK ignores the value of the\n javax.security.auth.useSubjectCredsOnly property when\n using HTTP/SPNEGO authentication and always uses global\n credentials. It was discovered that this could cause\n global credentials to be unexpectedly used by an\n untrusted Java application. (CVE-2018-2634)\n\n - It was discovered that the JMX component of OpenJDK\n failed to properly set the deserialization filter for\n the SingleEntryRegistry in certain cases. A remote\n attacker could possibly use this flaw to bypass intended\n deserialization restrictions. (CVE-2018-2637)\n\n - It was discovered that the LDAPCertStore class in the\n JNDI component of OpenJDK failed to securely handle LDAP\n referrals. An attacker could possibly use this flaw to\n make it fetch attacker controlled certificate data.\n (CVE-2018-2633)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.", "edition": 17, "cvss3": {"score": 7.4, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}, "published": "2019-08-12T00:00:00", "title": "NewStart CGSL MAIN 5.04 : java-1.8.0-openjdk Multiple Vulnerabilities (NS-SA-2019-0016)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-2618", "CVE-2018-2582", "CVE-2018-2663", "CVE-2018-2633", "CVE-2018-2637", "CVE-2018-2677", "CVE-2018-2603", "CVE-2018-2599", "CVE-2018-2641", "CVE-2018-2629", "CVE-2018-2588", "CVE-2018-2634", "CVE-2018-2602", "CVE-2018-2678", "CVE-2018-2579"], "modified": "2019-08-12T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2019-0016_JAVA-1.8.0-OPENJDK.NASL", "href": "https://www.tenable.com/plugins/nessus/127170", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2019-0016. The text\n# itself is copyright (C) ZTE, Inc.\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(127170);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\n \"CVE-2018-2579\",\n \"CVE-2018-2582\",\n \"CVE-2018-2588\",\n \"CVE-2018-2599\",\n \"CVE-2018-2602\",\n \"CVE-2018-2603\",\n \"CVE-2018-2618\",\n \"CVE-2018-2629\",\n \"CVE-2018-2633\",\n \"CVE-2018-2634\",\n \"CVE-2018-2637\",\n \"CVE-2018-2641\",\n \"CVE-2018-2663\",\n \"CVE-2018-2677\",\n \"CVE-2018-2678\"\n );\n\n script_name(english:\"NewStart CGSL MAIN 5.04 : java-1.8.0-openjdk Multiple Vulnerabilities (NS-SA-2019-0016)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version MAIN 5.04, has java-1.8.0-openjdk packages installed that are affected by\nmultiple vulnerabilities:\n\n - Vulnerability in the Java SE, Java SE Embedded, JRockit\n component of Oracle Java SE (subcomponent: JNDI).\n Supported versions that are affected are Java SE: 6u171,\n 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151;\n JRockit: R28.3.16. Easily exploitable vulnerability\n allows unauthenticated attacker with network access via\n multiple protocols to compromise Java SE, Java SE\n Embedded, JRockit. Successful attacks require human\n interaction from a person other than the attacker.\n Successful attacks of this vulnerability can result in\n unauthorized ability to cause a partial denial of\n service (partial DOS) of Java SE, Java SE Embedded,\n JRockit. Note: This vulnerability applies to client and\n server deployment of Java. This vulnerability can be\n exploited through sandboxed Java Web Start applications\n and sandboxed Java applets. It can also be exploited by\n supplying data to APIs in the specified Component\n without using sandboxed Java Web Start applications or\n sandboxed Java applets, such as through a web service.\n CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS\n Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).\n (CVE-2018-2678)\n\n - Vulnerability in the Java SE, Java SE Embedded component\n of Oracle Java SE (subcomponent: AWT). Supported\n versions that are affected are Java SE: 6u171, 7u161,\n 8u152 and 9.0.1; Java SE Embedded: 8u151. Easily\n exploitable vulnerability allows unauthenticated\n attacker with network access via multiple protocols to\n compromise Java SE, Java SE Embedded. Successful attacks\n require human interaction from a person other than the\n attacker. Successful attacks of this vulnerability can\n result in unauthorized ability to cause a partial denial\n of service (partial DOS) of Java SE, Java SE Embedded.\n Note: This vulnerability applies to Java deployments,\n typically in clients running sandboxed Java Web Start\n applications or sandboxed Java applets, that load and\n run untrusted code (e.g., code that comes from the\n internet) and rely on the Java sandbox for security.\n This vulnerability does not apply to Java deployments,\n typically in servers, that load and run only trusted\n code (e.g., code installed by an administrator). CVSS\n 3.0 Base Score 4.3 (Availability impacts). CVSS Vector:\n (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).\n (CVE-2018-2677)\n\n - Vulnerability in the Java SE, Java SE Embedded, JRockit\n component of Oracle Java SE (subcomponent: Libraries).\n Supported versions that are affected are Java SE: 6u171,\n 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151;\n JRockit: R28.3.16. Easily exploitable vulnerability\n allows unauthenticated attacker with network access via\n multiple protocols to compromise Java SE, Java SE\n Embedded, JRockit. Successful attacks require human\n interaction from a person other than the attacker.\n Successful attacks of this vulnerability can result in\n unauthorized ability to cause a partial denial of\n service (partial DOS) of Java SE, Java SE Embedded,\n JRockit. Note: This vulnerability applies to client and\n server deployment of Java. This vulnerability can be\n exploited through sandboxed Java Web Start applications\n and sandboxed Java applets. It can also be exploited by\n supplying data to APIs in the specified Component\n without using sandboxed Java Web Start applications or\n sandboxed Java applets, such as through a web service.\n CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS\n Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).\n (CVE-2018-2663)\n\n - It was discovered that multiple encryption key classes\n in the Libraries component of OpenJDK did not properly\n synchronize access to their internal data. This could\n possibly cause a multi-threaded Java application to\n apply weak encryption to data because of the use of a\n key that was zeroed out. (CVE-2018-2579)\n\n - It was discovered that the LDAP component of OpenJDK\n failed to properly encode special characters in user\n names when adding them to an LDAP search query. A remote\n attacker could possibly use this flaw to manipulate LDAP\n queries performed by the LdapLoginModule class.\n (CVE-2018-2588)\n\n - It was discovered that the I18n component of OpenJDK\n could use an untrusted search path when loading resource\n bundle classes. A local attacker could possibly use this\n flaw to execute arbitrary code as another local user by\n making their Java application load an attacker\n controlled class file. (CVE-2018-2602)\n\n - It was discovered that the DNS client implementation in\n the JNDI component of OpenJDK did not use random source\n ports when sending out DNS queries. This could make it\n easier for a remote attacker to spoof responses to those\n queries. (CVE-2018-2599)\n\n - It was discovered that the Libraries component of\n OpenJDK failed to sufficiently limit the amount of\n memory allocated when reading DER encoded input. A\n remote attacker could possibly use this flaw to make a\n Java application use an excessive amount of memory if it\n parsed attacker supplied DER encoded input.\n (CVE-2018-2603)\n\n - It was discovered that the JGSS component of OpenJDK\n failed to properly handle GSS context in the native GSS\n library wrapper in certain cases. A remote attacker\n could possibly make a Java application using JGSS to use\n a previously freed context. (CVE-2018-2629)\n\n - It was discovered that the key agreement implementations\n in the JCE component of OpenJDK did not guarantee\n sufficient strength of used keys to adequately protect\n generated shared secret. This could make it easier to\n break data encryption by attacking key agreement rather\n than the encryption using the negotiated secret.\n (CVE-2018-2618)\n\n - Vulnerability in the Java SE, Java SE Embedded component\n of Oracle Java SE (subcomponent: AWT). Supported\n versions that are affected are Java SE: 6u171, 7u161,\n 8u152 and 9.0.1; Java SE Embedded: 8u151. Difficult to\n exploit vulnerability allows unauthenticated attacker\n with network access via multiple protocols to compromise\n Java SE, Java SE Embedded. Successful attacks require\n human interaction from a person other than the attacker\n and while the vulnerability is in Java SE, Java SE\n Embedded, attacks may significantly impact additional\n products. Successful attacks of this vulnerability can\n result in unauthorized creation, deletion or\n modification access to critical data or all Java SE,\n Java SE Embedded accessible data. Note: This\n vulnerability applies to Java deployments, typically in\n clients running sandboxed Java Web Start applications or\n sandboxed Java applets, that load and run untrusted code\n (e.g., code that comes from the internet) and rely on\n the Java sandbox for security. This vulnerability does\n not apply to Java deployments, typically in servers,\n that load and run only trusted code (e.g., code\n installed by an administrator). CVSS 3.0 Base Score 6.1\n (Integrity impacts). CVSS Vector:\n (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N).\n (CVE-2018-2641)\n\n - Vulnerability in the Java SE, Java SE Embedded component\n of Oracle Java SE (subcomponent: Hotspot). Supported\n versions that are affected are Java SE: 8u152 and 9.0.1;\n Java SE Embedded: 8u151. Easily exploitable\n vulnerability allows unauthenticated attacker with\n network access via multiple protocols to compromise Java\n SE, Java SE Embedded. Successful attacks require human\n interaction from a person other than the attacker.\n Successful attacks of this vulnerability can result in\n unauthorized creation, deletion or modification access\n to critical data or all Java SE, Java SE Embedded\n accessible data. Note: This vulnerability applies to\n client and server deployment of Java. This vulnerability\n can be exploited through sandboxed Java Web Start\n applications and sandboxed Java applets. It can also be\n exploited by supplying data to APIs in the specified\n Component without using sandboxed Java Web Start\n applications or sandboxed Java applets, such as through\n a web service. CVSS 3.0 Base Score 6.5 (Integrity\n impacts). CVSS Vector:\n (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N).\n (CVE-2018-2582)\n\n - The JGSS component of OpenJDK ignores the value of the\n javax.security.auth.useSubjectCredsOnly property when\n using HTTP/SPNEGO authentication and always uses global\n credentials. It was discovered that this could cause\n global credentials to be unexpectedly used by an\n untrusted Java application. (CVE-2018-2634)\n\n - It was discovered that the JMX component of OpenJDK\n failed to properly set the deserialization filter for\n the SingleEntryRegistry in certain cases. A remote\n attacker could possibly use this flaw to bypass intended\n deserialization restrictions. (CVE-2018-2637)\n\n - It was discovered that the LDAPCertStore class in the\n JNDI component of OpenJDK failed to securely handle LDAP\n referrals. An attacker could possibly use this flaw to\n make it fetch attacker controlled certificate data.\n (CVE-2018-2633)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2019-0016\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL java-1.8.0-openjdk packages. Note that updated packages may not be available yet. Please\ncontact ZTE for more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-2637\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/01/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/ZTE-CGSL/release\");\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, \"NewStart Carrier Grade Server Linux\");\n\nif (release !~ \"CGSL MAIN 5.04\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL MAIN 5.04');\n\nif (!get_kb_item(\"Host/ZTE-CGSL/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"NewStart Carrier Grade Server Linux\", cpu);\n\nflag = 0;\n\npkgs = {\n \"CGSL MAIN 5.04\": [\n \"java-1.8.0-openjdk-1.8.0.161-0.b14.el7_4\",\n \"java-1.8.0-openjdk-accessibility-1.8.0.161-0.b14.el7_4\",\n \"java-1.8.0-openjdk-accessibility-debug-1.8.0.161-0.b14.el7_4\",\n \"java-1.8.0-openjdk-debug-1.8.0.161-0.b14.el7_4\",\n \"java-1.8.0-openjdk-debuginfo-1.8.0.161-0.b14.el7_4\",\n \"java-1.8.0-openjdk-demo-1.8.0.161-0.b14.el7_4\",\n \"java-1.8.0-openjdk-demo-debug-1.8.0.161-0.b14.el7_4\",\n \"java-1.8.0-openjdk-devel-1.8.0.161-0.b14.el7_4\",\n \"java-1.8.0-openjdk-devel-debug-1.8.0.161-0.b14.el7_4\",\n \"java-1.8.0-openjdk-headless-1.8.0.161-0.b14.el7_4\",\n \"java-1.8.0-openjdk-headless-debug-1.8.0.161-0.b14.el7_4\",\n \"java-1.8.0-openjdk-javadoc-1.8.0.161-0.b14.el7_4\",\n \"java-1.8.0-openjdk-javadoc-debug-1.8.0.161-0.b14.el7_4\",\n \"java-1.8.0-openjdk-javadoc-zip-1.8.0.161-0.b14.el7_4\",\n \"java-1.8.0-openjdk-javadoc-zip-debug-1.8.0.161-0.b14.el7_4\",\n \"java-1.8.0-openjdk-src-1.8.0.161-0.b14.el7_4\",\n \"java-1.8.0-openjdk-src-debug-1.8.0.161-0.b14.el7_4\"\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:\"ZTE \" + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1.8.0-openjdk\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2021-03-01T06:53:02", "description": "This update for java-1_8_0-openjdk fixes the following issues:\nSecurity issues fix in jdk8u161 (icedtea 3.7.0)(bsc#1076366) :\n\n - CVE-2018-2579: Improve key keying case\n\n - CVE-2018-2582: Better interface invocations\n\n - CVE-2018-2588: Improve LDAP logins\n\n - CVE-2018-2599: Improve reliability of DNS lookups\n\n - CVE-2018-2602: Improve usage messages\n\n - CVE-2018-2603: Improve PKCS usage\n\n - CVE-2018-2618: Stricter key generation\n\n - CVE-2018-2629: Improve GSS handling\n\n - CVE-2018-2633: Improve LDAP lookup robustness\n\n - CVE-2018-2634: Improve property negotiations\n\n - CVE-2018-2637: Improve JMX supportive features\n\n - CVE-2018-2641: Improve GTK initialization\n\n - CVE-2018-2663: More refactoring for deserialization\n cases\n\n - CVE-2018-2677: More refactoring for client\n deserialization cases\n\n - CVE-2018-2678: More refactoring for naming\n deserialization cases\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 25, "cvss3": {"score": 8.3, "vector": "AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"}, "published": "2018-03-21T00:00:00", "title": "SUSE SLED12 / SLES12 Security Update : java-1_8_0-openjdk (SUSE-SU-2018:0663-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-2618", "CVE-2018-2582", "CVE-2018-2663", "CVE-2018-2633", "CVE-2018-2637", "CVE-2018-2677", "CVE-2018-2603", "CVE-2018-2599", "CVE-2018-2641", "CVE-2018-2629", "CVE-2018-2588", "CVE-2018-2634", "CVE-2018-2602", "CVE-2018-2678", "CVE-2018-2579"], "modified": "2021-03-02T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-headless", "p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-debugsource", "p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-demo-debuginfo", "cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-devel-debuginfo", "p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-debuginfo", "p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-demo", "p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-devel", "p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-headless-debuginfo", "p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk"], "id": "SUSE_SU-2018-0663-1.NASL", "href": "https://www.tenable.com/plugins/nessus/108510", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:0663-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(108510);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/09/10 13:51:47\");\n\n script_cve_id(\"CVE-2018-2579\", \"CVE-2018-2582\", \"CVE-2018-2588\", \"CVE-2018-2599\", \"CVE-2018-2602\", \"CVE-2018-2603\", \"CVE-2018-2618\", \"CVE-2018-2629\", \"CVE-2018-2633\", \"CVE-2018-2634\", \"CVE-2018-2637\", \"CVE-2018-2641\", \"CVE-2018-2663\", \"CVE-2018-2677\", \"CVE-2018-2678\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : java-1_8_0-openjdk (SUSE-SU-2018:0663-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for java-1_8_0-openjdk fixes the following issues:\nSecurity issues fix in jdk8u161 (icedtea 3.7.0)(bsc#1076366) :\n\n - CVE-2018-2579: Improve key keying case\n\n - CVE-2018-2582: Better interface invocations\n\n - CVE-2018-2588: Improve LDAP logins\n\n - CVE-2018-2599: Improve reliability of DNS lookups\n\n - CVE-2018-2602: Improve usage messages\n\n - CVE-2018-2603: Improve PKCS usage\n\n - CVE-2018-2618: Stricter key generation\n\n - CVE-2018-2629: Improve GSS handling\n\n - CVE-2018-2633: Improve LDAP lookup robustness\n\n - CVE-2018-2634: Improve property negotiations\n\n - CVE-2018-2637: Improve JMX supportive features\n\n - CVE-2018-2641: Improve GTK initialization\n\n - CVE-2018-2663: More refactoring for deserialization\n cases\n\n - CVE-2018-2677: More refactoring for client\n deserialization cases\n\n - CVE-2018-2678: More refactoring for naming\n deserialization cases\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1076366\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-2579/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-2582/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-2588/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-2599/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-2602/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-2603/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-2618/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-2629/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-2633/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-2634/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-2637/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-2641/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-2663/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-2677/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-2678/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20180663-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1e3f4083\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE OpenStack Cloud 6:zypper in -t patch\nSUSE-OpenStack-Cloud-6-2018-449=1\n\nSUSE Linux Enterprise Server for SAP 12-SP1:zypper in -t patch\nSUSE-SLE-SAP-12-SP1-2018-449=1\n\nSUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t\npatch SUSE-SLE-RPI-12-SP2-2018-449=1\n\nSUSE Linux Enterprise Server 12-SP3:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2018-449=1\n\nSUSE Linux Enterprise Server 12-SP2:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-2018-449=1\n\nSUSE Linux Enterprise Server 12-SP1-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP1-2018-449=1\n\nSUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP3-2018-449=1\n\nSUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP2-2018-449=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-demo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-headless\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-headless-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/01/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/03/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/03/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(1|2|3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP1/2/3\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(2|3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP2/3\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"java-1_8_0-openjdk-1.8.0.161-27.13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"java-1_8_0-openjdk-debuginfo-1.8.0.161-27.13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"java-1_8_0-openjdk-debugsource-1.8.0.161-27.13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"java-1_8_0-openjdk-demo-1.8.0.161-27.13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"java-1_8_0-openjdk-demo-debuginfo-1.8.0.161-27.13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"java-1_8_0-openjdk-devel-1.8.0.161-27.13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"java-1_8_0-openjdk-headless-1.8.0.161-27.13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"java-1_8_0-openjdk-headless-debuginfo-1.8.0.161-27.13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"java-1_8_0-openjdk-1.8.0.161-27.13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"java-1_8_0-openjdk-debuginfo-1.8.0.161-27.13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"java-1_8_0-openjdk-debugsource-1.8.0.161-27.13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"java-1_8_0-openjdk-demo-1.8.0.161-27.13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"java-1_8_0-openjdk-demo-debuginfo-1.8.0.161-27.13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"java-1_8_0-openjdk-devel-1.8.0.161-27.13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"java-1_8_0-openjdk-devel-debuginfo-1.8.0.161-27.13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"java-1_8_0-openjdk-headless-1.8.0.161-27.13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"java-1_8_0-openjdk-headless-debuginfo-1.8.0.161-27.13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"java-1_8_0-openjdk-1.8.0.161-27.13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"java-1_8_0-openjdk-debuginfo-1.8.0.161-27.13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"java-1_8_0-openjdk-debugsource-1.8.0.161-27.13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"java-1_8_0-openjdk-demo-1.8.0.161-27.13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"java-1_8_0-openjdk-demo-debuginfo-1.8.0.161-27.13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"java-1_8_0-openjdk-devel-1.8.0.161-27.13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"java-1_8_0-openjdk-devel-debuginfo-1.8.0.161-27.13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"java-1_8_0-openjdk-headless-1.8.0.161-27.13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"java-1_8_0-openjdk-headless-debuginfo-1.8.0.161-27.13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"java-1_8_0-openjdk-1.8.0.161-27.13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"java-1_8_0-openjdk-debuginfo-1.8.0.161-27.13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"java-1_8_0-openjdk-debugsource-1.8.0.161-27.13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"java-1_8_0-openjdk-headless-1.8.0.161-27.13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"java-1_8_0-openjdk-headless-debuginfo-1.8.0.161-27.13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"java-1_8_0-openjdk-1.8.0.161-27.13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"java-1_8_0-openjdk-debuginfo-1.8.0.161-27.13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"java-1_8_0-openjdk-debugsource-1.8.0.161-27.13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"java-1_8_0-openjdk-headless-1.8.0.161-27.13.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"java-1_8_0-openjdk-headless-debuginfo-1.8.0.161-27.13.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1_8_0-openjdk\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2021-01-17T12:03:41", "description": "The remote NewStart CGSL host, running version MAIN 4.05, has java-1.8.0-openjdk packages installed that are affected by\nmultiple vulnerabilities:\n\n - Vulnerability in the Java SE, Java SE Embedded, JRockit\n component of Oracle Java SE (subcomponent: JNDI).\n Supported versions that are affected are Java SE: 6u171,\n 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151;\n JRockit: R28.3.16. Easily exploitable vulnerability\n allows unauthenticated attacker with network access via\n multiple protocols to compromise Java SE, Java SE\n Embedded, JRockit. Successful attacks require human\n interaction from a person other than the attacker.\n Successful attacks of this vulnerability can result in\n unauthorized ability to cause a partial denial of\n service (partial DOS) of Java SE, Java SE Embedded,\n JRockit. Note: This vulnerability applies to client and\n server deployment of Java. This vulnerability can be\n exploited through sandboxed Java Web Start applications\n and sandboxed Java applets. It can also be exploited by\n supplying data to APIs in the specified Component\n without using sandboxed Java Web Start applications or\n sandboxed Java applets, such as through a web service.\n CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS\n Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).\n (CVE-2018-2678)\n\n - Vulnerability in the Java SE, Java SE Embedded component\n of Oracle Java SE (subcomponent: AWT). Supported\n versions that are affected are Java SE: 6u171, 7u161,\n 8u152 and 9.0.1; Java SE Embedded: 8u151. Easily\n exploitable vulnerability allows unauthenticated\n attacker with network access via multiple protocols to\n compromise Java SE, Java SE Embedded. Successful attacks\n require human interaction from a person other than the\n attacker. Successful attacks of this vulnerability can\n result in unauthorized ability to cause a partial denial\n of service (partial DOS) of Java SE, Java SE Embedded.\n Note: This vulnerability applies to Java deployments,\n typically in clients running sandboxed Java Web Start\n applications or sandboxed Java applets, that load and\n run untrusted code (e.g., code that comes from the\n internet) and rely on the Java sandbox for security.\n This vulnerability does not apply to Java deployments,\n typically in servers, that load and run only trusted\n code (e.g., code installed by an administrator). CVSS\n 3.0 Base Score 4.3 (Availability impacts). CVSS Vector:\n (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).\n (CVE-2018-2677)\n\n - Vulnerability in the Java SE, Java SE Embedded, JRockit\n component of Oracle Java SE (subcomponent: Libraries).\n Supported versions that are affected are Java SE: 6u171,\n 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151;\n JRockit: R28.3.16. Easily exploitable vulnerability\n allows unauthenticated attacker with network access via\n multiple protocols to compromise Java SE, Java SE\n Embedded, JRockit. Successful attacks require human\n interaction from a person other than the attacker.\n Successful attacks of this vulnerability can result in\n unauthorized ability to cause a partial denial of\n service (partial DOS) of Java SE, Java SE Embedded,\n JRockit. Note: This vulnerability applies to client and\n server deployment of Java. This vulnerability can be\n exploited through sandboxed Java Web Start applications\n and sandboxed Java applets. It can also be exploited by\n supplying data to APIs in the specified Component\n without using sandboxed Java Web Start applications or\n sandboxed Java applets, such as through a web service.\n CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS\n Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).\n (CVE-2018-2663)\n\n - It was discovered that multiple encryption key classes\n in the Libraries component of OpenJDK did not properly\n synchronize access to their internal data. This could\n possibly cause a multi-threaded Java application to\n apply weak encryption to data because of the use of a\n key that was zeroed out. (CVE-2018-2579)\n\n - It was discovered that the LDAP component of OpenJDK\n failed to properly encode special characters in user\n names when adding them to an LDAP search query. A remote\n attacker could possibly use this flaw to manipulate LDAP\n queries performed by the LdapLoginModule class.\n (CVE-2018-2588)\n\n - It was discovered that the I18n component of OpenJDK\n could use an untrusted search path when loading resource\n bundle classes. A local attacker could possibly use this\n flaw to execute arbitrary code as another local user by\n making their Java application load an attacker\n controlled class file. (CVE-2018-2602)\n\n - It was discovered that the DNS client implementation in\n the JNDI component of OpenJDK did not use random source\n ports when sending out DNS queries. This could make it\n easier for a remote attacker to spoof responses to those\n queries. (CVE-2018-2599)\n\n - It was discovered that the Libraries component of\n OpenJDK failed to sufficiently limit the amount of\n memory allocated when reading DER encoded input. A\n remote attacker could possibly use this flaw to make a\n Java application use an excessive amount of memory if it\n parsed attacker supplied DER encoded input.\n (CVE-2018-2603)\n\n - It was discovered that the JGSS component of OpenJDK\n failed to properly handle GSS context in the native GSS\n library wrapper in certain cases. A remote attacker\n could possibly make a Java application using JGSS to use\n a previously freed context. (CVE-2018-2629)\n\n - It was discovered that the key agreement implementations\n in the JCE component of OpenJDK did not guarantee\n sufficient strength of used keys to adequately protect\n generated shared secret. This could make it easier to\n break data encryption by attacking key agreement rather\n than the encryption using the negotiated secret.\n (CVE-2018-2618)\n\n - Vulnerability in the Java SE, Java SE Embedded component\n of Oracle Java SE (subcomponent: AWT). Supported\n versions that are affected are Java SE: 6u171, 7u161,\n 8u152 and 9.0.1; Java SE Embedded: 8u151. Difficult to\n exploit vulnerability allows unauthenticated attacker\n with network access via multiple protocols to compromise\n Java SE, Java SE Embedded. Successful attacks require\n human interaction from a person other than the attacker\n and while the vulnerability is in Java SE, Java SE\n Embedded, attacks may significantly impact additional\n products. Successful attacks of this vulnerability can\n result in unauthorized creation, deletion or\n modification access to critical data or all Java SE,\n Java SE Embedded accessible data. Note: This\n vulnerability applies to Java deployments, typically in\n clients running sandboxed Java Web Start applications or\n sandboxed Java applets, that load and run untrusted code\n (e.g., code that comes from the internet) and rely on\n the Java sandbox for security. This vulnerability does\n not apply to Java deployments, typically in servers,\n that load and run only trusted code (e.g., code\n installed by an administrator). CVSS 3.0 Base Score 6.1\n (Integrity impacts). CVSS Vector:\n (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N).\n (CVE-2018-2641)\n\n - Vulnerability in the Java SE, Java SE Embedded component\n of Oracle Java SE (subcomponent: Hotspot). Supported\n versions that are affected are Java SE: 8u152 and 9.0.1;\n Java SE Embedded: 8u151. Easily exploitable\n vulnerability allows unauthenticated attacker with\n network access via multiple protocols to compromise Java\n SE, Java SE Embedded. Successful attacks require human\n interaction from a person other than the attacker.\n Successful attacks of this vulnerability can result in\n unauthorized creation, deletion or modification access\n to critical data or all Java SE, Java SE Embedded\n accessible data. Note: This vulnerability applies to\n client and server deployment of Java. This vulnerability\n can be exploited through sandboxed Java Web Start\n applications and sandboxed Java applets. It can also be\n exploited by supplying data to APIs in the specified\n Component without using sandboxed Java Web Start\n applications or sandboxed Java applets, such as through\n a web service. CVSS 3.0 Base Score 6.5 (Integrity\n impacts). CVSS Vector:\n (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N).\n (CVE-2018-2582)\n\n - The JGSS component of OpenJDK ignores the value of the\n javax.security.auth.useSubjectCredsOnly property when\n using HTTP/SPNEGO authentication and always uses global\n credentials. It was discovered that this could cause\n global credentials to be unexpectedly used by an\n untrusted Java application. (CVE-2018-2634)\n\n - It was discovered that the JMX component of OpenJDK\n failed to properly set the deserialization filter for\n the SingleEntryRegistry in certain cases. A remote\n attacker could possibly use this flaw to bypass intended\n deserialization restrictions. (CVE-2018-2637)\n\n - It was discovered that the LDAPCertStore class in the\n JNDI component of OpenJDK failed to securely handle LDAP\n referrals. An attacker could possibly use this flaw to\n make it fetch attacker controlled certificate data.\n (CVE-2018-2633)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.", "edition": 17, "cvss3": {"score": 7.4, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}, "published": "2019-08-12T00:00:00", "title": "NewStart CGSL MAIN 4.05 : java-1.8.0-openjdk Multiple Vulnerabilities (NS-SA-2019-0126)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-2618", "CVE-2018-2582", "CVE-2018-2663", "CVE-2018-2633", "CVE-2018-2637", "CVE-2018-2677", "CVE-2018-2603", "CVE-2018-2599", "CVE-2018-2641", "CVE-2018-2629", "CVE-2018-2588", "CVE-2018-2634", "CVE-2018-2602", "CVE-2018-2678", "CVE-2018-2579"], "modified": "2019-08-12T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2019-0126_JAVA-1.8.0-OPENJDK.NASL", "href": "https://www.tenable.com/plugins/nessus/127375", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2019-0126. The text\n# itself is copyright (C) ZTE, Inc.\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(127375);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\n \"CVE-2018-2579\",\n \"CVE-2018-2582\",\n \"CVE-2018-2588\",\n \"CVE-2018-2599\",\n \"CVE-2018-2602\",\n \"CVE-2018-2603\",\n \"CVE-2018-2618\",\n \"CVE-2018-2629\",\n \"CVE-2018-2633\",\n \"CVE-2018-2634\",\n \"CVE-2018-2637\",\n \"CVE-2018-2641\",\n \"CVE-2018-2663\",\n \"CVE-2018-2677\",\n \"CVE-2018-2678\"\n );\n\n script_name(english:\"NewStart CGSL MAIN 4.05 : java-1.8.0-openjdk Multiple Vulnerabilities (NS-SA-2019-0126)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version MAIN 4.05, has java-1.8.0-openjdk packages installed that are affected by\nmultiple vulnerabilities:\n\n - Vulnerability in the Java SE, Java SE Embedded, JRockit\n component of Oracle Java SE (subcomponent: JNDI).\n Supported versions that are affected are Java SE: 6u171,\n 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151;\n JRockit: R28.3.16. Easily exploitable vulnerability\n allows unauthenticated attacker with network access via\n multiple protocols to compromise Java SE, Java SE\n Embedded, JRockit. Successful attacks require human\n interaction from a person other than the attacker.\n Successful attacks of this vulnerability can result in\n unauthorized ability to cause a partial denial of\n service (partial DOS) of Java SE, Java SE Embedded,\n JRockit. Note: This vulnerability applies to client and\n server deployment of Java. This vulnerability can be\n exploited through sandboxed Java Web Start applications\n and sandboxed Java applets. It can also be exploited by\n supplying data to APIs in the specified Component\n without using sandboxed Java Web Start applications or\n sandboxed Java applets, such as through a web service.\n CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS\n Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).\n (CVE-2018-2678)\n\n - Vulnerability in the Java SE, Java SE Embedded component\n of Oracle Java SE (subcomponent: AWT). Supported\n versions that are affected are Java SE: 6u171, 7u161,\n 8u152 and 9.0.1; Java SE Embedded: 8u151. Easily\n exploitable vulnerability allows unauthenticated\n attacker with network access via multiple protocols to\n compromise Java SE, Java SE Embedded. Successful attacks\n require human interaction from a person other than the\n attacker. Successful attacks of this vulnerability can\n result in unauthorized ability to cause a partial denial\n of service (partial DOS) of Java SE, Java SE Embedded.\n Note: This vulnerability applies to Java deployments,\n typically in clients running sandboxed Java Web Start\n applications or sandboxed Java applets, that load and\n run untrusted code (e.g., code that comes from the\n internet) and rely on the Java sandbox for security.\n This vulnerability does not apply to Java deployments,\n typically in servers, that load and run only trusted\n code (e.g., code installed by an administrator). CVSS\n 3.0 Base Score 4.3 (Availability impacts). CVSS Vector:\n (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).\n (CVE-2018-2677)\n\n - Vulnerability in the Java SE, Java SE Embedded, JRockit\n component of Oracle Java SE (subcomponent: Libraries).\n Supported versions that are affected are Java SE: 6u171,\n 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151;\n JRockit: R28.3.16. Easily exploitable vulnerability\n allows unauthenticated attacker with network access via\n multiple protocols to compromise Java SE, Java SE\n Embedded, JRockit. Successful attacks require human\n interaction from a person other than the attacker.\n Successful attacks of this vulnerability can result in\n unauthorized ability to cause a partial denial of\n service (partial DOS) of Java SE, Java SE Embedded,\n JRockit. Note: This vulnerability applies to client and\n server deployment of Java. This vulnerability can be\n exploited through sandboxed Java Web Start applications\n and sandboxed Java applets. It can also be exploited by\n supplying data to APIs in the specified Component\n without using sandboxed Java Web Start applications or\n sandboxed Java applets, such as through a web service.\n CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS\n Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).\n (CVE-2018-2663)\n\n - It was discovered that multiple encryption key classes\n in the Libraries component of OpenJDK did not properly\n synchronize access to their internal data. This could\n possibly cause a multi-threaded Java application to\n apply weak encryption to data because of the use of a\n key that was zeroed out. (CVE-2018-2579)\n\n - It was discovered that the LDAP component of OpenJDK\n failed to properly encode special characters in user\n names when adding them to an LDAP search query. A remote\n attacker could possibly use this flaw to manipulate LDAP\n queries performed by the LdapLoginModule class.\n (CVE-2018-2588)\n\n - It was discovered that the I18n component of OpenJDK\n could use an untrusted search path when loading resource\n bundle classes. A local attacker could possibly use this\n flaw to execute arbitrary code as another local user by\n making their Java application load an attacker\n controlled class file. (CVE-2018-2602)\n\n - It was discovered that the DNS client implementation in\n the JNDI component of OpenJDK did not use random source\n ports when sending out DNS queries. This could make it\n easier for a remote attacker to spoof responses to those\n queries. (CVE-2018-2599)\n\n - It was discovered that the Libraries component of\n OpenJDK failed to sufficiently limit the amount of\n memory allocated when reading DER encoded input. A\n remote attacker could possibly use this flaw to make a\n Java application use an excessive amount of memory if it\n parsed attacker supplied DER encoded input.\n (CVE-2018-2603)\n\n - It was discovered that the JGSS component of OpenJDK\n failed to properly handle GSS context in the native GSS\n library wrapper in certain cases. A remote attacker\n could possibly make a Java application using JGSS to use\n a previously freed context. (CVE-2018-2629)\n\n - It was discovered that the key agreement implementations\n in the JCE component of OpenJDK did not guarantee\n sufficient strength of used keys to adequately protect\n generated shared secret. This could make it easier to\n break data encryption by attacking key agreement rather\n than the encryption using the negotiated secret.\n (CVE-2018-2618)\n\n - Vulnerability in the Java SE, Java SE Embedded component\n of Oracle Java SE (subcomponent: AWT). Supported\n versions that are affected are Java SE: 6u171, 7u161,\n 8u152 and 9.0.1; Java SE Embedded: 8u151. Difficult to\n exploit vulnerability allows unauthenticated attacker\n with network access via multiple protocols to compromise\n Java SE, Java SE Embedded. Successful attacks require\n human interaction from a person other than the attacker\n and while the vulnerability is in Java SE, Java SE\n Embedded, attacks may significantly impact additional\n products. Successful attacks of this vulnerability can\n result in unauthorized creation, deletion or\n modification access to critical data or all Java SE,\n Java SE Embedded accessible data. Note: This\n vulnerability applies to Java deployments, typically in\n clients running sandboxed Java Web Start applications or\n sandboxed Java applets, that load and run untrusted code\n (e.g., code that comes from the internet) and rely on\n the Java sandbox for security. This vulnerability does\n not apply to Java deployments, typically in servers,\n that load and run only trusted code (e.g., code\n installed by an administrator). CVSS 3.0 Base Score 6.1\n (Integrity impacts). CVSS Vector:\n (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N).\n (CVE-2018-2641)\n\n - Vulnerability in the Java SE, Java SE Embedded component\n of Oracle Java SE (subcomponent: Hotspot). Supported\n versions that are affected are Java SE: 8u152 and 9.0.1;\n Java SE Embedded: 8u151. Easily exploitable\n vulnerability allows unauthenticated attacker with\n network access via multiple protocols to compromise Java\n SE, Java SE Embedded. Successful attacks require human\n interaction from a person other than the attacker.\n Successful attacks of this vulnerability can result in\n unauthorized creation, deletion or modification access\n to critical data or all Java SE, Java SE Embedded\n accessible data. Note: This vulnerability applies to\n client and server deployment of Java. This vulnerability\n can be exploited through sandboxed Java Web Start\n applications and sandboxed Java applets. It can also be\n exploited by supplying data to APIs in the specified\n Component without using sandboxed Java Web Start\n applications or sandboxed Java applets, such as through\n a web service. CVSS 3.0 Base Score 6.5 (Integrity\n impacts). CVSS Vector:\n (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N).\n (CVE-2018-2582)\n\n - The JGSS component of OpenJDK ignores the value of the\n javax.security.auth.useSubjectCredsOnly property when\n using HTTP/SPNEGO authentication and always uses global\n credentials. It was discovered that this could cause\n global credentials to be unexpectedly used by an\n untrusted Java application. (CVE-2018-2634)\n\n - It was discovered that the JMX component of OpenJDK\n failed to properly set the deserialization filter for\n the SingleEntryRegistry in certain cases. A remote\n attacker could possibly use this flaw to bypass intended\n deserialization restrictions. (CVE-2018-2637)\n\n - It was discovered that the LDAPCertStore class in the\n JNDI component of OpenJDK failed to securely handle LDAP\n referrals. An attacker could possibly use this flaw to\n make it fetch attacker controlled certificate data.\n (CVE-2018-2633)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2019-0126\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL java-1.8.0-openjdk packages. Note that updated packages may not be available yet. Please\ncontact ZTE for more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-2637\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/01/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/ZTE-CGSL/release\");\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, \"NewStart Carrier Grade Server Linux\");\n\nif (release !~ \"CGSL MAIN 4.05\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL MAIN 4.05');\n\nif (!get_kb_item(\"Host/ZTE-CGSL/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"NewStart Carrier Grade Server Linux\", cpu);\n\nflag = 0;\n\npkgs = {\n \"CGSL MAIN 4.05\": [\n \"java-1.8.0-openjdk-1.8.0.161-3.b14.el6_9\",\n \"java-1.8.0-openjdk-debug-1.8.0.161-3.b14.el6_9\",\n \"java-1.8.0-openjdk-debuginfo-1.8.0.161-3.b14.el6_9\",\n \"java-1.8.0-openjdk-demo-1.8.0.161-3.b14.el6_9\",\n \"java-1.8.0-openjdk-demo-debug-1.8.0.161-3.b14.el6_9\",\n \"java-1.8.0-openjdk-devel-1.8.0.161-3.b14.el6_9\",\n \"java-1.8.0-openjdk-devel-debug-1.8.0.161-3.b14.el6_9\",\n \"java-1.8.0-openjdk-headless-1.8.0.161-3.b14.el6_9\",\n \"java-1.8.0-openjdk-headless-debug-1.8.0.161-3.b14.el6_9\",\n \"java-1.8.0-openjdk-javadoc-1.8.0.161-3.b14.el6_9\",\n \"java-1.8.0-openjdk-javadoc-debug-1.8.0.161-3.b14.el6_9\",\n \"java-1.8.0-openjdk-src-1.8.0.161-3.b14.el6_9\",\n \"java-1.8.0-openjdk-src-debug-1.8.0.161-3.b14.el6_9\"\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:\"ZTE \" + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1.8.0-openjdk\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2021-01-07T08:52:57", "description": "According to the versions of the java-1.8.0-openjdk packages\ninstalled, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - Multiple flaws were found in the Hotspot and AWT\n components of OpenJDK. An untrusted Java application or\n applet could use these flaws to bypass certain Java\n sandbox restrictions. (CVE-2018-2582, CVE-2018-2641)\n\n - It was discovered that the LDAPCertStore class in the\n JNDI component of OpenJDK failed to securely handle\n LDAP referrals. An attacker could possibly use this\n flaw to make it fetch attacker controlled certificate\n data. (CVE-2018-2633)\n\n - The JGSS component of OpenJDK ignores the value of the\n javax.security.auth.useSubjectCredsOnly property when\n using HTTP/SPNEGO authentication and always uses global\n credentials. It was discovered that this could cause\n global credentials to be unexpectedly used by an\n untrusted Java application. (CVE-2018-2634)\n\n - It was discovered that the JMX component of OpenJDK\n failed to properly set the deserialization filter for\n the SingleEntryRegistry in certain cases. A remote\n attacker could possibly use this flaw to bypass\n intended deserialization restrictions. (CVE-2018-2637)\n\n - It was discovered that the LDAP component of OpenJDK\n failed to properly encode special characters in user\n names when adding them to an LDAP search query. A\n remote attacker could possibly use this flaw to\n manipulate LDAP queries performed by the\n LdapLoginModule class. (CVE-2018-2588)\n\n - It was discovered that the DNS client implementation in\n the JNDI component of OpenJDK did not use random source\n ports when sending out DNS queries. This could make it\n easier for a remote attacker to spoof responses to\n those queries. (CVE-2018-2599)\n\n - It was discovered that the I18n component of OpenJDK\n could use an untrusted search path when loading\n resource bundle classes. A local attacker could\n possibly use this flaw to execute arbitrary code as\n another local user by making their Java application\n load an attacker controlled class file. (CVE-2018-2602)\n\n - It was discovered that the Libraries component of\n OpenJDK failed to sufficiently limit the amount of\n memory allocated when reading DER encoded input. A\n remote attacker could possibly use this flaw to make a\n Java application use an excessive amount of memory if\n it parsed attacker supplied DER encoded input.\n (CVE-2018-2603)\n\n - It was discovered that the key agreement\n implementations in the JCE component of OpenJDK did not\n guarantee sufficient strength of used keys to\n adequately protect generated shared secret. This could\n make it easier to break data encryption by attacking\n key agreement rather than the encryption using the\n negotiated secret. (CVE-2018-2618)\n\n - It was discovered that the JGSS component of OpenJDK\n failed to properly handle GSS context in the native GSS\n library wrapper in certain cases. A remote attacker\n could possibly make a Java application using JGSS to\n use a previously freed context. (CVE-2018-2629)\n\n - It was discovered that multiple classes in the\n Libraries, AWT, and JNDI components of OpenJDK did not\n sufficiently validate input when creating object\n instances from the serialized form. A specially-crafted\n input could cause a Java application to create objects\n with an inconsistent state or use an excessive amount\n of memory when deserialized. (CVE-2018-2663,\n CVE-2018-2677, CVE-2018-2678)\n\n - It was discovered that multiple encryption key classes\n in the Libraries component of OpenJDK did not properly\n synchronize access to their internal data. This could\n possibly cause a multi-threaded Java application to\n apply weak encryption to data because of the use of a\n key that was zeroed out. (CVE-2018-2579)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 83, "cvss3": {"score": 4.8, "vector": "AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L"}, "published": "2018-01-29T00:00:00", "title": "EulerOS 2.0 SP1 : java-1.8.0-openjdk (EulerOS-SA-2018-1027)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-2618", "CVE-2018-2582", "CVE-2018-2663", "CVE-2018-2633", "CVE-2018-2637", "CVE-2018-2677", "CVE-2018-2603", "CVE-2018-2599", "CVE-2018-2641", "CVE-2018-2629", "CVE-2018-2588", "CVE-2018-2634", "CVE-2018-2602", "CVE-2018-2678", "CVE-2018-2579"], "modified": "2018-01-29T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:java-1.8.0-openjdk", "p-cpe:/a:huawei:euleros:java-1.8.0-openjdk-headless", "p-cpe:/a:huawei:euleros:java-1.8.0-openjdk-devel", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2018-1027.NASL", "href": "https://www.tenable.com/plugins/nessus/106402", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(106402);\n script_version(\"3.86\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-2579\",\n \"CVE-2018-2582\",\n \"CVE-2018-2588\",\n \"CVE-2018-2599\",\n \"CVE-2018-2602\",\n \"CVE-2018-2603\",\n \"CVE-2018-2618\",\n \"CVE-2018-2629\",\n \"CVE-2018-2633\",\n \"CVE-2018-2634\",\n \"CVE-2018-2637\",\n \"CVE-2018-2641\",\n \"CVE-2018-2663\",\n \"CVE-2018-2677\",\n \"CVE-2018-2678\"\n );\n\n script_name(english:\"EulerOS 2.0 SP1 : java-1.8.0-openjdk (EulerOS-SA-2018-1027)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the java-1.8.0-openjdk packages\ninstalled, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - Multiple flaws were found in the Hotspot and AWT\n components of OpenJDK. An untrusted Java application or\n applet could use these flaws to bypass certain Java\n sandbox restrictions. (CVE-2018-2582, CVE-2018-2641)\n\n - It was discovered that the LDAPCertStore class in the\n JNDI component of OpenJDK failed to securely handle\n LDAP referrals. An attacker could possibly use this\n flaw to make it fetch attacker controlled certificate\n data. (CVE-2018-2633)\n\n - The JGSS component of OpenJDK ignores the value of the\n javax.security.auth.useSubjectCredsOnly property when\n using HTTP/SPNEGO authentication and always uses global\n credentials. It was discovered that this could cause\n global credentials to be unexpectedly used by an\n untrusted Java application. (CVE-2018-2634)\n\n - It was discovered that the JMX component of OpenJDK\n failed to properly set the deserialization filter for\n the SingleEntryRegistry in certain cases. A remote\n attacker could possibly use this flaw to bypass\n intended deserialization restrictions. (CVE-2018-2637)\n\n - It was discovered that the LDAP component of OpenJDK\n failed to properly encode special characters in user\n names when adding them to an LDAP search query. A\n remote attacker could possibly use this flaw to\n manipulate LDAP queries performed by the\n LdapLoginModule class. (CVE-2018-2588)\n\n - It was discovered that the DNS client implementation in\n the JNDI component of OpenJDK did not use random source\n ports when sending out DNS queries. This could make it\n easier for a remote attacker to spoof responses to\n those queries. (CVE-2018-2599)\n\n - It was discovered that the I18n component of OpenJDK\n could use an untrusted search path when loading\n resource bundle classes. A local attacker could\n possibly use this flaw to execute arbitrary code as\n another local user by making their Java application\n load an attacker controlled class file. (CVE-2018-2602)\n\n - It was discovered that the Libraries component of\n OpenJDK failed to sufficiently limit the amount of\n memory allocated when reading DER encoded input. A\n remote attacker could possibly use this flaw to make a\n Java application use an excessive amount of memory if\n it parsed attacker supplied DER encoded input.\n (CVE-2018-2603)\n\n - It was discovered that the key agreement\n implementations in the JCE component of OpenJDK did not\n guarantee sufficient strength of used keys to\n adequately protect generated shared secret. This could\n make it easier to break data encryption by attacking\n key agreement rather than the encryption using the\n negotiated secret. (CVE-2018-2618)\n\n - It was discovered that the JGSS component of OpenJDK\n failed to properly handle GSS context in the native GSS\n library wrapper in certain cases. A remote attacker\n could possibly make a Java application using JGSS to\n use a previously freed context. (CVE-2018-2629)\n\n - It was discovered that multiple classes in the\n Libraries, AWT, and JNDI components of OpenJDK did not\n sufficiently validate input when creating object\n instances from the serialized form. A specially-crafted\n input could cause a Java application to create objects\n with an inconsistent state or use an excessive amount\n of memory when deserialized. (CVE-2018-2663,\n CVE-2018-2677, CVE-2018-2678)\n\n - It was discovered that multiple encryption key classes\n in the Libraries component of OpenJDK did not properly\n synchronize access to their internal data. This could\n possibly cause a multi-threaded Java application to\n apply weak encryption to data because of the use of a\n key that was zeroed out. (CVE-2018-2579)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1027\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?5c3a4c7c\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected java-1.8.0-openjdk packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/01/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/01/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:java-1.8.0-openjdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:java-1.8.0-openjdk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:java-1.8.0-openjdk-headless\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(1)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP1\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP1\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"java-1.8.0-openjdk-1.8.0.161-0.b14\",\n \"java-1.8.0-openjdk-devel-1.8.0.161-0.b14\",\n \"java-1.8.0-openjdk-headless-1.8.0.161-0.b14\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"1\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1.8.0-openjdk\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2021-01-20T12:36:18", "description": "This update for java-1_8_0-openjdk fixes the following issues :\n\nSecurity issues fix in jdk8u161 (icedtea 3.7.0)(bsc#1076366) :\n\n - CVE-2018-2579: Improve key keying case\n\n - CVE-2018-2582: Better interface invocations\n\n - CVE-2018-2588: Improve LDAP logins\n\n - CVE-2018-2599: Improve reliability of DNS lookups\n\n - CVE-2018-2602: Improve usage messages\n\n - CVE-2018-2603: Improve PKCS usage\n\n - CVE-2018-2618: Stricter key generation\n\n - CVE-2018-2629: Improve GSS handling\n\n - CVE-2018-2633: Improve LDAP lookup robustness\n\n - CVE-2018-2634: Improve property negotiations\n\n - CVE-2018-2637: Improve JMX supportive features\n\n - CVE-2018-2641: Improve GTK initialization\n\n - CVE-2018-2663: More refactoring for deserialization\n cases\n\n - CVE-2018-2677: More refactoring for client\n deserialization cases\n\n - CVE-2018-2678: More refactoring for naming\n deserialization cases\n\nThis update was imported from the SUSE:SLE-12-SP1:Update update\nproject.", "edition": 16, "cvss3": {"score": 8.3, "vector": "AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"}, "published": "2018-03-15T00:00:00", "title": "openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2018-254)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-2618", "CVE-2018-2582", "CVE-2018-2663", "CVE-2018-2633", "CVE-2018-2637", "CVE-2018-2677", "CVE-2018-2603", "CVE-2018-2599", "CVE-2018-2641", "CVE-2018-2629", "CVE-2018-2588", "CVE-2018-2634", "CVE-2018-2602", "CVE-2018-2678", "CVE-2018-2579"], "modified": "2018-03-15T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-headless", "p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-accessibility", "p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-devel-debuginfo", "p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-debuginfo", "p-cpe:/a:novell:opensuse:java-1_8_0-openjdk", "p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-demo-debuginfo", "p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-src", "p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-javadoc", "p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-demo", "cpe:/o:novell:opensuse:42.3", "p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-devel", "p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-headless-debuginfo", "p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-debugsource"], "id": "OPENSUSE-2018-254.NASL", "href": "https://www.tenable.com/plugins/nessus/108355", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2018-254.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(108355);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-2579\", \"CVE-2018-2582\", \"CVE-2018-2588\", \"CVE-2018-2599\", \"CVE-2018-2602\", \"CVE-2018-2603\", \"CVE-2018-2618\", \"CVE-2018-2629\", \"CVE-2018-2633\", \"CVE-2018-2634\", \"CVE-2018-2637\", \"CVE-2018-2641\", \"CVE-2018-2663\", \"CVE-2018-2677\", \"CVE-2018-2678\");\n\n script_name(english:\"openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2018-254)\");\n script_summary(english:\"Check for the openSUSE-2018-254 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for java-1_8_0-openjdk fixes the following issues :\n\nSecurity issues fix in jdk8u161 (icedtea 3.7.0)(bsc#1076366) :\n\n - CVE-2018-2579: Improve key keying case\n\n - CVE-2018-2582: Better interface invocations\n\n - CVE-2018-2588: Improve LDAP logins\n\n - CVE-2018-2599: Improve reliability of DNS lookups\n\n - CVE-2018-2602: Improve usage messages\n\n - CVE-2018-2603: Improve PKCS usage\n\n - CVE-2018-2618: Stricter key generation\n\n - CVE-2018-2629: Improve GSS handling\n\n - CVE-2018-2633: Improve LDAP lookup robustness\n\n - CVE-2018-2634: Improve property negotiations\n\n - CVE-2018-2637: Improve JMX supportive features\n\n - CVE-2018-2641: Improve GTK initialization\n\n - CVE-2018-2663: More refactoring for deserialization\n cases\n\n - CVE-2018-2677: More refactoring for client\n deserialization cases\n\n - CVE-2018-2678: More refactoring for naming\n deserialization cases\n\nThis update was imported from the SUSE:SLE-12-SP1:Update update\nproject.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1076366\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected java-1_8_0-openjdk packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_8_0-openjdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-accessibility\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-demo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-headless\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-headless-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/03/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/03/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.3\", reference:\"java-1_8_0-openjdk-1.8.0.161-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"java-1_8_0-openjdk-accessibility-1.8.0.161-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"java-1_8_0-openjdk-debuginfo-1.8.0.161-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"java-1_8_0-openjdk-debugsource-1.8.0.161-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"java-1_8_0-openjdk-demo-1.8.0.161-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"java-1_8_0-openjdk-demo-debuginfo-1.8.0.161-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"java-1_8_0-openjdk-devel-1.8.0.161-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"java-1_8_0-openjdk-devel-debuginfo-1.8.0.161-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"java-1_8_0-openjdk-headless-1.8.0.161-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"java-1_8_0-openjdk-headless-debuginfo-1.8.0.161-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"java-1_8_0-openjdk-javadoc-1.8.0.161-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"java-1_8_0-openjdk-src-1.8.0.161-21.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1_8_0-openjdk / java-1_8_0-openjdk-accessibility / etc\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}], "debian": [{"lastseen": "2019-05-30T02:22:11", "bulletinFamily": "unix", "cvelist": ["CVE-2018-2618", "CVE-2018-2663", "CVE-2018-2633", "CVE-2018-2637", "CVE-2018-2677", "CVE-2018-2603", "CVE-2018-2599", "CVE-2018-2641", "CVE-2018-2629", "CVE-2018-2588", "CVE-2018-2634", "CVE-2018-2602", "CVE-2018-2678", "CVE-2018-2579"], "description": "Package : openjdk-7\nVersion : 7u171-2.6.13-1~deb7u1\nCVE ID : CVE-2018-2579 CVE-2018-2588 CVE-2018-2599 CVE-2018-2602\n CVE-2018-2603 CVE-2018-2618 CVE-2018-2629 CVE-2018-2633\n CVE-2018-2634 CVE-2018-2637 CVE-2018-2641 CVE-2018-2663\n CVE-2018-2677 CVE-2018-2678\nDebian Bug : 891330\n\nSeveral vulnerabilities have been discovered in OpenJDK, an\nimplementation of the Oracle Java platform, resulting in denial of\nservice, unauthorized access, sandbox bypass or HTTP header injection.\n\nFor Debian 7 "Wheezy", these problems have been fixed in version\n7u171-2.6.13-1~deb7u1.\n\nWe recommend that you upgrade your openjdk-7 packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n", "edition": 3, "modified": "2018-04-03T21:05:30", "published": "2018-04-03T21:05:30", "id": "DEBIAN:DLA-1339-1:B1DCE", "href": "https://lists.debian.org/debian-lts-announce/2018/debian-lts-announce-201804/msg00003.html", "title": "[SECURITY] [DLA 1339-1] openjdk-7 security update", "type": "debian", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2020-08-12T00:51:31", "bulletinFamily": "unix", "cvelist": ["CVE-2018-2618", "CVE-2018-2663", "CVE-2018-2633", "CVE-2018-2637", "CVE-2018-2677", "CVE-2018-2603", "CVE-2018-2599", "CVE-2018-2641", "CVE-2018-2629", "CVE-2018-2588", "CVE-2018-2634", "CVE-2018-2602", "CVE-2018-2678", "CVE-2018-2579"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4166-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nApril 04, 2018 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : openjdk-7\nCVE ID : CVE-2018-2579 CVE-2018-2588 CVE-2018-2599 CVE-2018-2602 \n CVE-2018-2603 CVE-2018-2618 CVE-2018-2629 CVE-2018-2633 \n CVE-2018-2634 CVE-2018-2637 CVE-2018-2641 CVE-2018-2663 \n CVE-2018-2677 CVE-2018-2678\n\nSeveral vulnerabilities have been discovered in OpenJDK, an\nimplementation of the Oracle Java platform, resulting in denial of\nservice, sandbox bypass, execution of arbitrary code, incorrect\nLDAP/GSS authentication, insecure use of cryptography or bypass of\ndeserialisation restrictions.\n\nFor the oldstable distribution (jessie), these problems have been fixed\nin version 7u171-2.6.13-1~deb8u1.\n\nWe recommend that you upgrade your openjdk-7 packages.\n\nFor the detailed security status of openjdk-7 please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/openjdk-7\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 10, "modified": "2018-04-04T19:30:35", "published": "2018-04-04T19:30:35", "id": "DEBIAN:DSA-4166-1:929BB", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2018/msg00092.html", "title": "[SECURITY] [DSA 4166-1] openjdk-7 security update", "type": "debian", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}], "aix": [{"lastseen": "2019-05-29T19:19:13", "bulletinFamily": "unix", "cvelist": ["CVE-2018-2618", "CVE-2018-2582", "CVE-2018-2663", "CVE-2018-2633", "CVE-2018-2639", "CVE-2018-2638", "CVE-2018-2637", "CVE-2018-2677", "CVE-2018-2603", "CVE-2018-2599", "CVE-2018-2641", "CVE-2018-2588", "CVE-2018-2634", "CVE-2018-2602", "CVE-2018-2657", "CVE-2018-1417", "CVE-2018-2678", "CVE-2018-2579"], "description": "IBM SECURITY ADVISORY\n\nFirst Issued: Mon Apr 30 11:26:59 CDT 2018\n\nThe most recent version of this document is available here:\n\nhttp://aix.software.ibm.com/aix/efixes/security/java_jan2018_advisory.asc\nhttps://aix.software.ibm.com/aix/efixes/security/java_jan2018_advisory.asc\nftp://aix.software.ibm.com/aix/efixes/security/java_jan2018_advisory.asc\n\nSecurity Bulletin: Multiple vulnerabilities in IBM Java SDK affect AIX\n\n\n===============================================================================\n\nSUMMARY:\n\n There are multiple vulnerabilities in IBM SDK Java Technology Edition,\n Versions 7, 7.1, 8 that are used by AIX. These issues were disclosed\n as part of the IBM Java SDK updates in January 2018.\n\n===============================================================================\n\nVULNERABILITY DETAILS:\n\n CVEID: CVE-2018-2579\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579\n DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to \n the Java SE, Java SE Embedded, JRockit Libraries component could \n allow an unauthenticated attacker to obtain sensitive information \n resulting in a low confidentiality impact using unknown attack \n vectors.\n CVSS Base Score: 3.7 \n CVSS Temporal Score: See \n https://exchange.xforce.ibmcloud.com/vulnerabilities/137833 \n for the current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2018-2588\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588\n DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to \n the Java SE, Java SE Embedded, JRockit LDAP component could allow an \n authenticated attacker to obtain sensitive information resulting in a \n low confidentiality impact using unknown attack vectors. \n CVSS Base Score: 4.3 \n CVSS Temporal Score: See\n https://exchange.xforce.ibmcloud.com/vulnerabilities/137841\n for the current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)\n\n CVEID: CVE-2018-2663\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663\n DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to \n the Java SE, Java SE Embedded, JRockit Libraries component could \n allow an unauthenticated attacker to cause a denial of service \n resulting in a low availability impact using unknown attack vectors. \n CVSS Base Score: 4.3 \n CVSS Temporal Score: See\n https://exchange.xforce.ibmcloud.com/vulnerabilities/137917\n for the current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n CVEID: CVE-2018-2677\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677\n DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the \n Java SE, Java SE Embedded AWT component could allow an unauthenticated \n attacker to cause a denial of service resulting in a low availability \n impact using unknown attack vectors. \n CVSS Base Score: 4.3 \n CVSS Temporal Score: See\n https://exchange.xforce.ibmcloud.com/vulnerabilities/137932\n for the current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n CVEID: CVE-2018-2678\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678\n DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the \n Java SE, Java SE Embedded, JRockit JNDI component could allow an \n unauthenticated attacker to cause a denial of service resulting in a \n low availability impact using unknown attack vectors. \n CVSS Base Score: 4.3 \n CVSS Temporal Score: See\n https://exchange.xforce.ibmcloud.com/vulnerabilities/137933\n for the current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)\n\n CVEID: CVE-2018-2602\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602\n DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the \n Java SE, Java SE Embedded I18n component could allow an \n unauthenticated attacker to cause low confidentiality impact, low \n integrity impact, and low availability impact. \n CVSS Base Score: 4.5 \n CVSS Temporal Score: See\n https://exchange.xforce.ibmcloud.com/vulnerabilities/137854\n for the current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L)\n\n CVEID: CVE-2018-2599\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599\n DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the \n Java SE, Java SE Embedded, JRockit JNDI component could allow an \n unauthenticated attacker to cause no confidentiality impact, low \n integrity impact, and low availability impact. \n CVSS Base Score: 4.8 \n CVSS Temporal Score: See\n https://exchange.xforce.ibmcloud.com/vulnerabilities/137851\n for the current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L)\n\n CVEID: CVE-2018-2603\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603\n DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the \n Java SE, Java SE Embedded, JRockit Libraries component could allow an \n unauthenticated attacker to cause a denial of service resulting in a \n low availability impact using unknown attack vectors. \n CVSS Base Score: 5.3 \n CVSS Temporal Score: See\n https://exchange.xforce.ibmcloud.com/vulnerabilities/137855\n for the current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n CVEID: CVE-2018-2657\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2657\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2657\n DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the \n Java SE, JRockit Serialization component could allow an \n unauthenticated attacker to cause a denial of service resulting in a \n low availability impact using unknown attack vectors. \n CVSS Base Score: 5.3 \n CVSS Temporal Score: See\n https://exchange.xforce.ibmcloud.com/vulnerabilities/137910\n for the current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n CVEID: CVE-2018-2618\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618\n DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the \n Java SE, Java SE Embedded, JRockit JCE component could allow an \n unauthenticated attacker to obtain sensitive information resulting in \n a high confidentiality impact using unknown attack vectors. \n CVSS Base Score: 5.9 \n CVSS Temporal Score: See\n https://exchange.xforce.ibmcloud.com/vulnerabilities/137870\n for the current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n CVEID: CVE-2018-2641\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641\n DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the \n Java SE, Java SE Embedded AWT component could allow an unauthenticated \n attacker to cause no confidentiality impact, high integrity impact, \n and no availability impact. \n CVSS Base Score: 6.1 \n CVSS Temporal Score: See\n https://exchange.xforce.ibmcloud.com/vulnerabilities/137893\n for the current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N)\n\n CVEID: CVE-2018-2582\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582\n DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the \n Java SE, Java SE Embedded Hotspot component could allow an \n unauthenticated attacker to cause no confidentiality impact, high \n integrity impact, and no availability impact. \n CVSS Base Score: 6.5 \n CVSS Temporal Score: See\n https://exchange.xforce.ibmcloud.com/vulnerabilities/137836\n for the current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N)\n\n CVEID: CVE-2018-2634\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634\n DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the \n Java SE, Java SE Embedded JGSS component could allow an \n unauthenticated attacker to obtain sensitive information resulting in \n a high confidentiality impact using unknown attack vectors. \n CVSS Base Score: 6.8 \n CVSS Temporal Score: See\n https://exchange.xforce.ibmcloud.com/vulnerabilities/137886\n for the current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N)\n\n CVEID: CVE-2018-2637\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637\n DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the \n Java SE, Java SE Embedded, JRockit JMX component could allow an \n unauthenticated attacker to cause high confidentiality impact, high \n integrity impact, and no availability impact. \n CVSS Base Score: 7.4 \n CVSS Temporal Score: See\n https://exchange.xforce.ibmcloud.com/vulnerabilities/137889\n for the current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N)\n\n CVEID: CVE-2018-2633\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633\n DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the \n Java SE, Java SE Embedded, JRockit JNDI component could allow an \n unauthenticated attacker to take control of the system. \n CVSS Base Score: 8.3 \n CVSS Temporal Score: See\n https://exchange.xforce.ibmcloud.com/vulnerabilities/137885\n for the current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)\n\n CVEID: CVE-2018-2638\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2638\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2638\n DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the \n Java SE Deployment component could allow an unauthenticated attacker \n to take control of the system. \n CVSS Base Score: 8.3 \n CVSS Temporal Score: See\n https://exchange.xforce.ibmcloud.com/vulnerabilities/137890\n for the current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)\n\n CVEID: CVE-2018-2639\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2639\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2639\n DESCRIPTION: An unspecified vulnerability in Oracle Java SE related to the \n Java SE Deployment component could allow an unauthenticated attacker \n to take control of the system. \n CVSS Base Score: 8.3 \n CVSS Temporal Score: See\n https://exchange.xforce.ibmcloud.com/vulnerabilities/137891\n for the current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)\n\n CVEID: CVE-2018-1417\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1417\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1417\n DESCRIPTION: Under certain circumstances, a flaw in the J9 JVM allows \n untrusted code running under a security manager to elevate its \n privileges. \n CVSS Base Score: 8.1 \n CVSS Temporal Score: See\n https://exchange.xforce.ibmcloud.com/vulnerabilities/138823\n for the current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n\nAFFECTED PRODUCTS AND VERSIONS:\n\n AIX 5.3, 6.1, 7.1, 7.2\n VIOS 2.2.x\n\n The following fileset levels (VRMF) are vulnerable, if the \n respective Java version is installed:\n For Java7: Less than 7.0.0.620\n For Java7.1: Less than 7.1.0.420\n For Java8: Less than 8.0.0.510\n\n Note: To find out whether the affected Java filesets are installed \n on your systems, refer to the lslpp command found in AIX user's guide.\n\n Example: lslpp -L | grep -i java\n\n\nREMEDIATION:\n\n Note: Recommended remediation is to always install the most recent \n Java package available for the respective Java version.\n\n IBM SDK, Java Technology Edition, Version 7 Service Refresh 10 Fix\n Pack 20 and subsequent releases:\n 32-bit: https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/IBM+SDKs+for+Java+Technology/Java+Standard+Edition+%28Java+SE%29&release=7.0.0.0&platform=AIX+32-bit,+pSeries&function=all \n 64-bit: https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/IBM+SDKs+for+Java+Technology/Java+Standard+Edition+%28Java+SE%29&release=7.0.0.0&platform=AIX+64-bit,+pSeries&function=all\n\n IBM SDK, Java Technology Edition, Version 7R1 Service Refresh 4\n Fix Pack 20 and subsequent releases:\n 32-bit: https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/IBM+SDKs+for+Java+Technology/Java+Standard+Edition+%28Java+SE%29&release=7.1.0.0&platform=AIX+32-bit,+pSeries&function=all\n 64-bit: https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/IBM+SDKs+for+Java+Technology/Java+Standard+Edition+%28Java+SE%29&release=7.1.0.0&platform=AIX+64-bit,+pSeries&function=all\n\n IBM SDK, Java Technology Edition, Version 8 Service Refresh 5\n Fix Pack 10 and subsequent releases:\n 32-bit: https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/IBM+SDKs+for+Java+Technology/Java+Standard+Edition+%28Java+SE%29&release=8.0.0.0&platform=AIX+32-bit,+pSeries&function=all \n 64-bit: https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/IBM+SDKs+for+Java+Technology/Java+Standard+Edition+%28Java+SE%29&release=8.0.0.0&platform=AIX+64-bit,+pSeries&function=all\n\n\nWORKAROUNDS AND MITIGATIONS:\n\n None.\n\n\n===============================================================================\n\nCONTACT US:\n\n If you would like to receive AIX Security Advisories via email,\n please visit \"My Notifications\":\n\n http://www.ibm.com/support/mynotifications\n\n To view previously issued advisories, please visit:\n\n http://www14.software.ibm.com/webapp/set2/subscriptions/onvdq\n \n Contact IBM Support for questions related to this announcement:\n\n http://ibm.com/support/\n https://ibm.com/support/\n\n To obtain the OpenSSL public key that can be used to verify the\n signed advisories and ifixes:\n\n Download the key from our web page:\n\n http://www.ibm.com/systems/resources/systems_p_os_aix_security_pubkey.txt\n\n Please contact your local IBM AIX support center for any\n assistance.\n\n\nREFERENCES:\n \n Complete CVSS v2 Guide:\n http://www.first.org/cvss/v2/guide \n On-line Calculator v2:\n http://nvd.nist.gov/CVSS-v2-Calculator \n Complete CVSS v3 Guide:\n http://www.first.org/cvss/user-guide \n On-line Calculator v3:\n http://www.first.org/cvss/calculator/3.0 \n IBM Java SDK Security Bulletin:\n http://www-01.ibm.com/support/docview.wss?uid=swg22012965\n\n\nRELATED INFORMATION:\n\n Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect AIX\n http://www-01.ibm.com/support/docview.wss?uid=isg3T1027373\n\n\nACKNOWLEDGEMENTS:\n\n None.\n\nCHANGE HISTORY:\n\n First Issued: Mon Apr 30 11:26:59 CDT 2018\n\n \n===============================================================================\n\n*The CVSS Environment Score is customer environment specific and will \nultimately impact the Overall CVSS Score. Customers can evaluate the impact \nof this vulnerability in their environments by accessing the links in the \nReference section of this Security Bulletin. \n\nDisclaimer\nAccording to the Forum of Incident Response and Security Teams (FIRST), the \nCommon Vulnerability Scoring System (CVSS) is an \"industry open standard \ndesigned to convey vulnerability severity and help to determine urgency and \npriority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY \nOF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS \nFOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT \nOF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n\n\n\n\n", "edition": 5, "modified": "2018-04-30T11:26:59", "published": "2018-04-30T11:26:59", "id": "JAVA_JAN2018_ADVISORY.ASC", "href": "https://aix.software.ibm.com/aix/efixes/security/java_jan2018_advisory.asc", "title": "Multiple vulnerabilities in IBM Java SDK affect AIX", "type": "aix", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "gentoo": [{"lastseen": "2018-03-19T05:26:18", "bulletinFamily": "unix", "cvelist": ["CVE-2018-2618", "CVE-2018-2582", "CVE-2018-2663", "CVE-2018-2633", "CVE-2018-2639", "CVE-2018-2638", "CVE-2018-2637", "CVE-2018-2581", "CVE-2018-2603", "CVE-2018-2599", "CVE-2018-2641", "CVE-2018-2629", "CVE-2018-2627", "CVE-2018-2588", "CVE-2018-2634", "CVE-2018-2602", "CVE-2018-2579"], "description": "### Background\n\nJava Platform, Standard Edition (Java SE) lets you develop and deploy Java applications on desktops and servers, as well as in today\u2019s demanding embedded environments. Java offers the rich user interface, performance, versatility, portability, and security that today\u2019s applications require. \n\n### Description\n\nMultiple vulnerabilities have been discovered in Oracle\u2019s Java SE. Please review the referenced CVE identifiers for details. \n\n### Impact\n\nA remote attacker could possibly execute arbitrary code with the privileges of the process, gain access to information, or cause a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Oracle JDK users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=dev-java/oracle-jdk-bin-1.8.0.162:1.8\"\n \n\nAll Oracle JRE users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=dev-java/oracle-jre-bin-1.8.0.162:1.8\"", "edition": 1, "modified": "2018-03-19T00:00:00", "published": "2018-03-19T00:00:00", "href": "https://security.gentoo.org/glsa/201803-06", "id": "GLSA-201803-06", "type": "gentoo", "title": "Oracle JDK/JRE: Multiple vulnerabilities", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "kaspersky": [{"lastseen": "2020-09-02T11:50:42", "bulletinFamily": "info", "cvelist": ["CVE-2018-2618", "CVE-2018-2582", "CVE-2018-2663", "CVE-2018-2633", "CVE-2018-2639", "CVE-2018-2638", "CVE-2018-2637", "CVE-2018-2677", "CVE-2018-2581", "CVE-2018-2603", "CVE-2018-2599", "CVE-2018-2641", "CVE-2018-2629", "CVE-2018-2627", "CVE-2018-2588", "CVE-2018-2634", "CVE-2018-2602", "CVE-2018-2657", "CVE-2018-2675", "CVE-2018-2678", "CVE-2018-2579"], "description": "### *Detect date*:\n01/16/2018\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Oracle Java SE. Malicious users can exploit these vulnerabilities possibly possibly to cause denial of service, to gain privileges and to obtain sensitive information.\n\n### *Affected products*:\nJava SE 6 version 6u171 and earlier \nJava SE 7 version 7u161 and earlier \nJava SE 8 version 8u152 and earlier \nJava SE 9 version 9.0.1 and earlier \nJava SE Embedded version 8u151 and earlier \nJRockit version R28.3.16 and earlier \nJava Advanced Management Console version 2.8 and earlier\n\n### *Solution*:\nUpdate to the latest version \n[Oracle software downloads](<http://www.oracle.com/technetwork/indexes/downloads/index.html>)\n\n### *Original advisories*:\n[Oracle Critical Patch Update Advisory \u2013 January 2018](<http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html>) \n\n\n### *Impacts*:\nOSI \n\n### *Related products*:\n[Oracle Java JRE 1.7.x](<https://threats.kaspersky.com/en/product/Oracle-Java-JRE-1.7.x/>)\n\n### *CVE-IDS*:\n[CVE-2018-2641](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641>)2.6Warning \n[CVE-2018-2581](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2581>)4.3Warning \n[CVE-2018-2634](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634>)4.3Warning \n[CVE-2018-2639](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2639>)6.8High \n[CVE-2018-2582](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582>)4.3Warning \n[CVE-2018-2602](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602>)3.7Warning \n[CVE-2018-2603](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603>)5.0Critical \n[CVE-2018-2678](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678>)4.3Warning \n[CVE-2018-2657](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2657>)5.0Critical \n[CVE-2018-2633](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633>)5.1High \n[CVE-2018-2588](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588>)4.0Warning \n[CVE-2018-2627](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2627>)3.7Warning \n[CVE-2018-2637](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637>)5.8High \n[CVE-2018-2618](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618>)4.3Warning \n[CVE-2018-2675](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2675>)4.3Warning \n[CVE-2018-2677](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677>)4.3Warning \n[CVE-2018-2629](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629>)2.6Warning \n[CVE-2018-2599](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599>)5.8High \n[CVE-2018-2638](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2638>)5.1High \n[CVE-2018-2663](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663>)4.3Warning \n[CVE-2018-2579](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579>)4.3Warning", "edition": 41, "modified": "2020-05-22T00:00:00", "published": "2018-01-16T00:00:00", "id": "KLA11178", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11178", "title": "\r KLA11178Multiple vulnerabilities in Oracle Java SE, Java SE Embedded and JRockit ", "type": "kaspersky", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}]}