Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2017-2023 Tenable Network Security, Inc.AIX_JAVA_APR2017_ADVISORY.NASL
HistorySep 13, 2017 - 12:00 a.m.

AIX Java Advisory : java_apr2017_advisory.asc (April 2017 CPU)

2017-09-1300:00:00
This script is Copyright (C) 2017-2023 Tenable Network Security, Inc.
www.tenable.com
128
JSON

The version of Java SDK installed on the remote AIX host is affected by multiple vulnerabilities in the following subcomponents :

  • Multiple vulnerabilities exist in the zlib subcomponent that allow an unauthenticated, remote attacker to trigger denial of service conditions. (CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843)

  • An unspecified flaw exists in the XML subcomponent that allows an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-1289)

  • An unspecified flaw exists in the Networking subcomponent that allows an unauthenticated, remote attacker to impact confidentiality and integrity.
    (CVE-2017-3509)

  • An unspecified flaw exists in the JCE subcomponent that allows a local attacker to gain elevated privileges.
    This vulnerability does not affect Java SE version 6.
    (CVE-2017-3511)

  • An unspecified flaw exists in the AWT subcomponent that allows an unauthenticated, remote attacker to execute arbitrary code. This vulnerability does not affect Java SE version 6. (CVE-2017-3512)

  • An unspecified flaw exists in the AWT subcomponent that allows an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-3514)

  • Multiple unspecified flaws exist in the Networking subcomponent that allow an unauthenticated, remote attacker to gain update, insert, or delete access to unauthorized data. (CVE-2017-3533, CVE-2017-3544)

  • An unspecified flaw exists in the Security subcomponent that allows an unauthenticated, remote attacker to gain update, insert, or delete access to unauthorized data.
    (CVE-2017-3539)

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(103189);
  script_version("1.8");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/04/21");

  script_cve_id(
    "CVE-2016-9840",
    "CVE-2016-9841",
    "CVE-2016-9842",
    "CVE-2016-9843",
    "CVE-2017-1289",
    "CVE-2017-3509",
    "CVE-2017-3511",
    "CVE-2017-3512",
    "CVE-2017-3514",
    "CVE-2017-3533",
    "CVE-2017-3539",
    "CVE-2017-3544"
  );
  script_bugtraq_id(
    95131,
    97727,
    97729,
    97731,
    97737,
    97740,
    97745,
    97752,
    98401
  );

  script_name(english:"AIX Java Advisory : java_apr2017_advisory.asc (April 2017 CPU)");
  script_summary(english:"Checks the version of the Java package.");

  script_set_attribute(attribute:"synopsis", value:
"The version of Java SDK installed on the remote AIX host is affected
by multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The version of Java SDK installed on the remote AIX host is affected
by multiple vulnerabilities in the following subcomponents :

  - Multiple vulnerabilities exist in the zlib subcomponent
    that allow an unauthenticated, remote attacker to
    trigger denial of service conditions. (CVE-2016-9840,
    CVE-2016-9841, CVE-2016-9842, CVE-2016-9843)

  - An unspecified flaw exists in the XML subcomponent that
    allows an unauthenticated, remote attacker to execute
    arbitrary code. (CVE-2017-1289)

  - An unspecified flaw exists in the Networking
    subcomponent that allows an unauthenticated, remote
    attacker to impact confidentiality and integrity.
    (CVE-2017-3509)

  - An unspecified flaw exists in the JCE subcomponent that
    allows a local attacker to gain elevated privileges.
    This vulnerability does not affect Java SE version 6.
    (CVE-2017-3511)

  - An unspecified flaw exists in the AWT subcomponent
    that allows an unauthenticated, remote attacker to
    execute arbitrary code. This vulnerability does not
    affect Java SE version 6. (CVE-2017-3512)

  - An unspecified flaw exists in the AWT subcomponent
    that allows an unauthenticated, remote attacker to
    execute arbitrary code. (CVE-2017-3514)

  - Multiple unspecified flaws exist in the Networking
    subcomponent that allow an unauthenticated, remote
    attacker to gain update, insert, or delete access to
    unauthorized data. (CVE-2017-3533, CVE-2017-3544)

  - An unspecified flaw exists in the Security subcomponent
    that allows an unauthenticated, remote attacker to gain
    update, insert, or delete access to unauthorized data.
    (CVE-2017-3539)");
  # https://aix.software.ibm.com/aix/efixes/security/java_apr2017_advisory.asc
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?8d03f97b");
  # https://www-945.ibm.com/support/fixcentral/swg/selectFixes?
  # parent=ibm~WebSphere&product=ibm/IBM+SDKs+for+Java+Technology/Java+Standard+Edition+%28Java+SE%29&release=6.0.0.0&platform=AIX+32-bit,+pSeries&function=all
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?ce533d8f");
  # https://www-945.ibm.com/support/fixcentral/swg/selectFixes?
  # parent=ibm~WebSphere&product=ibm/IBM+SDKs+for+Java+Technology/Java+Standard+Edition+%28Java+SE%29&release=6.0.0.0&platform=AIX+64-bit,+pSeries&function=all
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?17d05c61");
  # https://www-945.ibm.com/support/fixcentral/swg/selectFixes?
  # parent=ibm~WebSphere&product=ibm/IBM+SDKs+for+Java+Technology/Java+Standard+Edition+%28Java+SE%29&release=7.0.0.0&platform=AIX+32-bit,+pSeries&function=all
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?d4595696");
  # https://www-945.ibm.com/support/fixcentral/swg/selectFixes?
  # parent=ibm~WebSphere&product=ibm/IBM+SDKs+for+Java+Technology/Java+Standard+Edition+%28Java+SE%29&release=7.0.0.0&platform=AIX+64-bit,+pSeries&function=all
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?9abd5252");
  # https://www-945.ibm.com/support/fixcentral/swg/selectFixes?
  # parent=ibm~WebSphere&product=ibm/IBM+SDKs+for+Java+Technology/Java+Standard+Edition+%28Java+SE%29&release=7.1.0.0&platform=AIX+32-bit,+pSeries&function=all
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?4ee03dc1");
  # https://www-945.ibm.com/support/fixcentral/swg/selectFixes?
  # parent=ibm~WebSphere&product=ibm/IBM+SDKs+for+Java+Technology/Java+Standard+Edition+%28Java+SE%29&release=7.1.0.0&platform=AIX+64-bit,+pSeries&function=all
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?8f7a066c");
  # https://www-945.ibm.com/support/fixcentral/swg/selectFixes?
  # parent=ibm~WebSphere&product=ibm/IBM+SDKs+for+Java+Technology/Java+Standard+Edition+%28Java+SE%29&release=8.0.0.0&platform=AIX+32-bit,+pSeries&function=all
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?52d4ddf3");
  # https://www-945.ibm.com/support/fixcentral/swg/selectFixes?
  # parent=ibm~WebSphere&product=ibm/IBM+SDKs+for+Java+Technology/Java+Standard+Edition+%28Java+SE%29&release=8.0.0.0&platform=AIX+64-bit,+pSeries&function=all
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?343fa903");
  # http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?623d2c22");
  script_set_attribute(attribute:"solution", value:
"Fixes are available by version and can be downloaded from the IBM AIX
website.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:ibm:aix");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:jre");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:jdk");

  script_set_attribute(attribute:"vuln_publication_date", value:"2016/12/08");
  script_set_attribute(attribute:"patch_publication_date", value:"2017/06/21");
  script_set_attribute(attribute:"plugin_publication_date", value:"2017/09/13");

  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"AIX Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2017-2023 Tenable Network Security, Inc.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/AIX/lslpp", "Host/local_checks_enabled", "Host/AIX/version", "Host/AIX/oslevelsp");

  exit(0);
}

include("aix.inc");
include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");

if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
oslevel = get_kb_item_or_exit("Host/AIX/version");
if ( oslevel != "AIX-5.3" && oslevel != "AIX-6.1" && oslevel != "AIX-7.1" && oslevel != "AIX-7.2" )
{
  oslevel = ereg_replace(string:oslevel, pattern:"-", replace:" ");
  audit(AUDIT_OS_NOT, "AIX 5.3 / 6.1 / 7.1 / 7.2", oslevel);
}

oslevelcomplete = chomp(get_kb_item("Host/AIX/oslevelsp"));
if (empty_or_null(oslevelcomplete)) audit(AUDIT_UNKNOWN_APP_VER, "AIX");

if ( ! get_kb_item("Host/AIX/lslpp") ) audit(AUDIT_PACKAGE_LIST_MISSING);

flag = 0;

#Java6 6.0.0.645
if (aix_check_package(release:"5.3", package:"Java6.sdk", minpackagever:"6.0.0.0", maxpackagever:"6.0.0.644", fixpackagever:"6.0.0.645") > 0) flag++;
if (aix_check_package(release:"6.1", package:"Java6.sdk", minpackagever:"6.0.0.0", maxpackagever:"6.0.0.644", fixpackagever:"6.0.0.645") > 0) flag++;
if (aix_check_package(release:"7.1", package:"Java6.sdk", minpackagever:"6.0.0.0", maxpackagever:"6.0.0.644", fixpackagever:"6.0.0.645") > 0) flag++;
if (aix_check_package(release:"7.2", package:"Java6.sdk", minpackagever:"6.0.0.0", maxpackagever:"6.0.0.644", fixpackagever:"6.0.0.645") > 0) flag++;
if (aix_check_package(release:"5.3", package:"Java6_64.sdk", minpackagever:"6.0.0.0", maxpackagever:"6.0.0.644", fixpackagever:"6.0.0.645") > 0) flag++;
if (aix_check_package(release:"6.1", package:"Java6_64.sdk", minpackagever:"6.0.0.0", maxpackagever:"6.0.0.644", fixpackagever:"6.0.0.645") > 0) flag++;
if (aix_check_package(release:"7.1", package:"Java6_64.sdk", minpackagever:"6.0.0.0", maxpackagever:"6.0.0.644", fixpackagever:"6.0.0.645") > 0) flag++;
if (aix_check_package(release:"7.2", package:"Java6_64.sdk", minpackagever:"6.0.0.0", maxpackagever:"6.0.0.644", fixpackagever:"6.0.0.645") > 0) flag++;

#Java7 7.0.0.605
if (aix_check_package(release:"6.1", package:"Java7.sdk", minpackagever:"7.0.0.0", maxpackagever:"7.0.0.604", fixpackagever:"7.0.0.605") > 0) flag++;
if (aix_check_package(release:"7.1", package:"Java7.sdk", minpackagever:"7.0.0.0", maxpackagever:"7.0.0.604", fixpackagever:"7.0.0.605") > 0) flag++;
if (aix_check_package(release:"7.2", package:"Java7.sdk", minpackagever:"7.0.0.0", maxpackagever:"7.0.0.604", fixpackagever:"7.0.0.605") > 0) flag++;
if (aix_check_package(release:"6.1", package:"Java7_64.sdk", minpackagever:"7.0.0.0", maxpackagever:"7.0.0.604", fixpackagever:"7.0.0.605") > 0) flag++;
if (aix_check_package(release:"7.1", package:"Java7_64.sdk", minpackagever:"7.0.0.0", maxpackagever:"7.0.0.604", fixpackagever:"7.0.0.605") > 0) flag++;
if (aix_check_package(release:"7.2", package:"Java7_64.sdk", minpackagever:"7.0.0.0", maxpackagever:"7.0.0.604", fixpackagever:"7.0.0.605") > 0) flag++;

#Java7.1 7.1.0.405
if (aix_check_package(release:"6.1", package:"Java7.sdk", minpackagever:"7.1.0.0", maxpackagever:"7.1.0.404", fixpackagever:"7.1.0.405") > 0) flag++;
if (aix_check_package(release:"7.1", package:"Java7.sdk", minpackagever:"7.1.0.0", maxpackagever:"7.1.0.404", fixpackagever:"7.1.0.405") > 0) flag++;
if (aix_check_package(release:"7.2", package:"Java7.sdk", minpackagever:"7.1.0.0", maxpackagever:"7.1.0.404", fixpackagever:"7.1.0.405") > 0) flag++;
if (aix_check_package(release:"6.1", package:"Java7_64.sdk", minpackagever:"7.1.0.0", maxpackagever:"7.1.0.404", fixpackagever:"7.1.0.405") > 0) flag++;
if (aix_check_package(release:"7.1", package:"Java7_64.sdk", minpackagever:"7.1.0.0", maxpackagever:"7.1.0.404", fixpackagever:"7.1.0.405") > 0) flag++;
if (aix_check_package(release:"7.2", package:"Java7_64.sdk", minpackagever:"7.1.0.0", maxpackagever:"7.1.0.404", fixpackagever:"7.1.0.405") > 0) flag++;

#Java8.0 8.0.0.406
if (aix_check_package(release:"6.1", package:"Java8.sdk", minpackagever:"8.0.0.0", maxpackagever:"8.0.0.405", fixpackagever:"8.0.0.406") > 0) flag++;
if (aix_check_package(release:"7.1", package:"Java8.sdk", minpackagever:"8.0.0.0", maxpackagever:"8.0.0.405", fixpackagever:"8.0.0.406") > 0) flag++;
if (aix_check_package(release:"7.2", package:"Java8.sdk", minpackagever:"8.0.0.0", maxpackagever:"8.0.0.405", fixpackagever:"8.0.0.406") > 0) flag++;
if (aix_check_package(release:"6.1", package:"Java8_64.sdk", minpackagever:"8.0.0.0", maxpackagever:"8.0.0.405", fixpackagever:"8.0.0.406") > 0) flag++;
if (aix_check_package(release:"7.1", package:"Java8_64.sdk", minpackagever:"8.0.0.0", maxpackagever:"8.0.0.405", fixpackagever:"8.0.0.406") > 0) flag++;
if (aix_check_package(release:"7.2", package:"Java8_64.sdk", minpackagever:"8.0.0.0", maxpackagever:"8.0.0.405", fixpackagever:"8.0.0.406") > 0) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : aix_report_get()
  );
}
else
{
  tested = aix_pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Java6 / Java7 / Java8");
}
VendorProductVersionCPE
ibmaixcpe:/o:ibm:aix
oraclejrecpe:/a:oracle:jre
oraclejdkcpe:/a:oracle:jdk

References

Related

ibm 63
aix 1
nessus 56
suse 8
openvas 37
redhat 6
gentoo 3
mageia 1
debian 4
cloudfoundry 2
freebsd 1
ubuntu 5
osv 4
kaspersky 1
oraclelinux 3
thn 1
photon 1
amazon 2
ibm
ibm
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli Monitoring
2018-06-17 15:43:58
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli Composite Application Manager for Transactions (Multiple CVEs)
2018-06-17 15:40:50
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect SmartCloud Entry
2020-07-19 00:49:12
aix
aix
There are multiple vulnerabilities in IBM SDK Java Technology Edition
2017-06-21 15:44:57
nessus
nessus
RHEL 6 / 7 : java-1.8.0-ibm (RHSA-2017:1220)
2017-05-11 00:00:00
SUSE SLES11 Security Update : java-1_7_0-ibm (SUSE-SU-2017:1384-1)
2017-05-24 00:00:00
SUSE SLES11 Security Update : java-1_7_1-ibm (SUSE-SU-2017:1387-1)
2017-05-24 00:00:00
suse
suse
Security update for java-1_7_0-ibm (important)
2017-05-23 21:13:05
Security update for java-1_7_1-ibm (important)
2017-05-23 21:14:27
Security update for java-1_8_0-ibm (important)
2017-05-23 21:14:04
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2017:1386-1)
2021-04-19 00:00:00
SUSE: Security Advisory (SUSE-SU-2017:1385-1)
2021-04-19 00:00:00
SUSE: Security Advisory (SUSE-SU-2017:1384-1)
2021-06-09 00:00:00
redhat
redhat
(RHSA-2017:1221) Moderate: java-1.7.1-ibm security update
2017-05-10 12:23:11
(RHSA-2017:1220) Moderate: java-1.8.0-ibm security update
2017-05-10 12:22:51
(RHSA-2017:1222) Moderate: java-1.6.0-ibm security update
2017-05-10 12:23:26
gentoo
gentoo
Oracle JDK/JRE: Multiple vulnerabilities
2017-05-07 00:00:00
rsync: Multiple vulnerabilities
2020-07-28 00:00:00
zlib: Multiple vulnerabilities
2017-01-23 00:00:00
mageia
mageia
Updated rsync packages fix security vulnerabilities
2020-02-29 16:42:35
debian
debian
[SECURITY] [DLA 2085-1] zlib security update
2020-01-29 21:52:33
[SECURITY] [DSA 3858-1] openjdk-7 security update
2017-05-19 20:54:31
[SECURITY] [DLA 954-1] openjdk-7 security update
2017-05-26 16:57:18
cloudfoundry
cloudfoundry
USN-4292-1: rsync vulnerabilities | Cloud Foundry
2020-03-10 00:00:00
USN-4246-1: zlib vulnerabilities | Cloud Foundry
2020-02-12 00:00:00
freebsd
freebsd
net/rsync -- multiple zlib issues
2020-06-19 00:00:00
ubuntu
ubuntu
rsync vulnerabilities
2020-02-25 00:00:00
zlib vulnerabilities
2020-01-22 00:00:00
OpenJDK 8 vulnerabilities
2017-05-11 00:00:00
osv
osv
zlib - security update
2020-01-29 00:00:00
openjdk-7 - security update
2017-05-26 00:00:00
openjdk-7 - security update
2017-05-19 00:00:00
kaspersky
kaspersky
KLA11005 Multiple vulnerabilities in Oracle Java SE
2017-04-24 00:00:00
oraclelinux
oraclelinux
java-1.8.0-openjdk security update
2017-04-20 00:00:00
java-1.7.0-openjdk security update
2017-05-09 00:00:00
java-1.8.0-openjdk security and bug fix update
2017-04-20 00:00:00
thn
thn
Dozens of Vulnerable NuGet Packages Allow Attackers to Target .NET Platform
2021-07-07 12:58:00
photon
photon
Critical Photon OS Security Update - PHSA-2017-0051
2017-06-22 00:00:00
amazon
amazon
Medium: java-1.7.0-openjdk
2017-06-06 16:33:00
Medium: java-1.8.0-openjdk
2017-05-09 23:21:00
JSON
Related for AIX_JAVA_APR2017_ADVISORY.NASL
ibm63aix1nessus56suse8openvas37redhat6gentoo3mageia1debian4cloudfoundry2freebsd1ubuntu5osv4kaspersky1oraclelinux3thn1photon1amazon2