The version of Java SDK installed on the remote host is potentially affected by the following vulnerabilities :
Vulnerabilities in Oracle Java allow a remote attacker to bypass security features through flaws in XML document parsing. (CVE-2013-5878, CVE-2013-5910)
An information disclosure flaw in Oracle Java allows a remote attacker access to sensitive information through a flaw in the COBRA component. (CVE-2013-5884)
A vulnerability in Oracle Java allows a remote attacker to conduct a denial of service attack through a flaw in the Deployment component. (CVE-2013-5887)
Unspecified vulnerabilities exist in Oracle Java due to flaws in the Deployment component. (CVE-2013-5888, CVE-2013-5898, CVE-2013-5899, CVE-2014-0375, CVE-2014-0403, CVE-2014-0424)
Vulnerabilities in Oracle Java allow remote code execution through a flaw in the Deployment component.
(CVE-2013-5889, CVE-2014-0387, CVE-2014-0410, CVE-2014-0415)
A vulnerability in Oracle Java allows a remote attacker to conduct a denial of service attack through a flaw in the COBRA component. (CVE-2013-5896)
A vulnerability in Oracle Java allows remote code execution through a flaw in the 2D component.
(CVE-2013-5907)
An information disclosure and security bypass flaw exist in Oracle Java’s Networking component. (CVE-2014-0368)
A vulnerability in Oracle Java allows a remote attacker to bypass security features through flaws in the Serviceability component. (CVE-2014-0373)
A vulnerability in Oracle Java allows a remote attacker to bypass security features through flaws in the JAXP component. (CVE-2014-0376)
An information disclosure flaw in Oracle Java allows a remote attacker access to information about encryption keys through a flaw in the JSSE component.
(CVE-2014-0411)
A vulnerability in Oracle Java allows a remote attacker to bypass security features through flaws in the JAAS component. (CVE-2014-0416)
An unspecified vulnerability exists in Oracle Java due to flaws in the 2D component. (CVE-2014-0417)
A vulnerability in Oracle Java allows remote code execution through a flaw in the JNDI component.
(CVE-2014-0422)
An information disclosure and denial of service flaw exist in Oracle Java’s Beans component when XML data is read. (CVE-2014-0423)
A vulnerability in Oracle Java allows remote code execution through a flaw in the COBRA component.
(CVE-2014-0428)
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The text in the description was extracted from AIX Security
# Advisory java_jan2014_advisory.asc
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(76871);
script_version("1.8");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/04/21");
script_cve_id(
"CVE-2013-5878",
"CVE-2013-5884",
"CVE-2013-5887",
"CVE-2013-5888",
"CVE-2013-5889",
"CVE-2013-5896",
"CVE-2013-5898",
"CVE-2013-5899",
"CVE-2013-5907",
"CVE-2013-5910",
"CVE-2014-0368",
"CVE-2014-0373",
"CVE-2014-0375",
"CVE-2014-0376",
"CVE-2014-0387",
"CVE-2014-0403",
"CVE-2014-0410",
"CVE-2014-0411",
"CVE-2014-0415",
"CVE-2014-0416",
"CVE-2014-0417",
"CVE-2014-0422",
"CVE-2014-0423",
"CVE-2014-0424",
"CVE-2014-0428"
);
script_bugtraq_id(
64875,
64882,
64894,
64899,
64907,
64912,
64914,
64915,
64916,
64918,
64919,
64920,
64921,
64922,
64924,
64925,
64926,
64927,
64928,
64930,
64931,
64932,
64933,
64935,
64937
);
script_name(english:"AIX Java Advisory : java_jan2014_advisory.asc");
script_summary(english:"Checks the version of the Java package.");
script_set_attribute(attribute:"synopsis", value:
"The remote AIX host has a version of Java SDK installed that is
potentially affected by multiple vulnerabilities.");
script_set_attribute(attribute:"description", value:
"The version of Java SDK installed on the remote host is potentially
affected by the following vulnerabilities :
- Vulnerabilities in Oracle Java allow a remote attacker
to bypass security features through flaws in XML
document parsing. (CVE-2013-5878, CVE-2013-5910)
- An information disclosure flaw in Oracle Java allows a
remote attacker access to sensitive information through
a flaw in the COBRA component. (CVE-2013-5884)
- A vulnerability in Oracle Java allows a remote attacker
to conduct a denial of service attack through a flaw in
the Deployment component. (CVE-2013-5887)
- Unspecified vulnerabilities exist in Oracle Java due
to flaws in the Deployment component. (CVE-2013-5888,
CVE-2013-5898, CVE-2013-5899, CVE-2014-0375,
CVE-2014-0403, CVE-2014-0424)
- Vulnerabilities in Oracle Java allow remote code
execution through a flaw in the Deployment component.
(CVE-2013-5889, CVE-2014-0387, CVE-2014-0410,
CVE-2014-0415)
- A vulnerability in Oracle Java allows a remote attacker
to conduct a denial of service attack through a flaw in
the COBRA component. (CVE-2013-5896)
- A vulnerability in Oracle Java allows remote code
execution through a flaw in the 2D component.
(CVE-2013-5907)
- An information disclosure and security bypass flaw exist
in Oracle Java's Networking component. (CVE-2014-0368)
- A vulnerability in Oracle Java allows a remote attacker
to bypass security features through flaws in the
Serviceability component. (CVE-2014-0373)
- A vulnerability in Oracle Java allows a remote attacker
to bypass security features through flaws in the JAXP
component. (CVE-2014-0376)
- An information disclosure flaw in Oracle Java allows a
remote attacker access to information about encryption
keys through a flaw in the JSSE component.
(CVE-2014-0411)
- A vulnerability in Oracle Java allows a remote attacker
to bypass security features through flaws in the JAAS
component. (CVE-2014-0416)
- An unspecified vulnerability exists in Oracle Java due
to flaws in the 2D component. (CVE-2014-0417)
- A vulnerability in Oracle Java allows remote code
execution through a flaw in the JNDI component.
(CVE-2014-0422)
- An information disclosure and denial of service flaw
exist in Oracle Java's Beans component when XML data is
read. (CVE-2014-0423)
- A vulnerability in Oracle Java allows remote code
execution through a flaw in the COBRA component.
(CVE-2014-0428)");
# https://aix.software.ibm.com/aix/efixes/security/java_jan2014_advisory.asc
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?d6aa2211");
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?aacaab25");
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?70623e16");
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?1d08dc51");
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?4ca2561a");
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?a624fae8");
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?aa3fc787");
script_set_attribute(attribute:"see_also", value:"http://www.ibm.com/developerworks/java/jdk/aix/service.html#levels");
script_set_attribute(attribute:"solution", value:
"Fixes are available by version and can be downloaded from the AIX
website.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:ibm:aix");
script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:java");
script_set_attribute(attribute:"vuln_publication_date", value:"2013/10/21");
script_set_attribute(attribute:"patch_publication_date", value:"2014/03/06");
script_set_attribute(attribute:"plugin_publication_date", value:"2014/07/28");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2014-2023 Tenable Network Security, Inc.");
script_family(english:"AIX Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/AIX/lslpp", "Host/local_checks_enabled", "Host/AIX/version");
exit(0);
}
include("aix.inc");
include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
oslevel = get_kb_item_or_exit("Host/AIX/version");
if ( oslevel != "AIX-5.3" && oslevel != "AIX-6.1" && oslevel != "AIX-7.1" )
{
oslevel = ereg_replace(string:oslevel, pattern:"-", replace:" ");
audit(AUDIT_OS_NOT, "AIX 5.3 / 6.1 / 7.1", oslevel);
}
if ( ! get_kb_item("Host/AIX/lslpp") ) audit(AUDIT_PACKAGE_LIST_MISSING);
flag = 0;
#Java5 5.0.0.560
if (aix_check_package(release:"5.3", package:"Java5.sdk", minpackagever:"5.0.0.0", maxpackagever:"5.0.0.559", fixpackagever:"5.0.0.560") > 0) flag++;
if (aix_check_package(release:"6.1", package:"Java5.sdk", minpackagever:"5.0.0.0", maxpackagever:"5.0.0.559", fixpackagever:"5.0.0.560") > 0) flag++;
if (aix_check_package(release:"7.1", package:"Java5.sdk", minpackagever:"5.0.0.0", maxpackagever:"5.0.0.559", fixpackagever:"5.0.0.560") > 0) flag++;
if (aix_check_package(release:"5.3", package:"Java5_64.sdk", minpackagever:"5.0.0.0", maxpackagever:"5.0.0.559", fixpackagever:"5.0.0.560") > 0) flag++;
if (aix_check_package(release:"6.1", package:"Java5_64.sdk", minpackagever:"5.0.0.0", maxpackagever:"5.0.0.559", fixpackagever:"5.0.0.560") > 0) flag++;
if (aix_check_package(release:"7.1", package:"Java5_64.sdk", minpackagever:"5.0.0.0", maxpackagever:"5.0.0.559", fixpackagever:"5.0.0.560") > 0) flag++;
#Java6 6.0.0.435
if (aix_check_package(release:"5.3", package:"Java6.sdk", minpackagever:"6.0.0.0", maxpackagever:"6.0.0.434", fixpackagever:"6.0.0.435") > 0) flag++;
if (aix_check_package(release:"6.1", package:"Java6.sdk", minpackagever:"6.0.0.0", maxpackagever:"6.0.0.434", fixpackagever:"6.0.0.435") > 0) flag++;
if (aix_check_package(release:"7.1", package:"Java6.sdk", minpackagever:"6.0.0.0", maxpackagever:"6.0.0.434", fixpackagever:"6.0.0.435") > 0) flag++;
if (aix_check_package(release:"5.3", package:"Java6_64.sdk", minpackagever:"6.0.0.0", maxpackagever:"6.0.0.434", fixpackagever:"6.0.0.435") > 0) flag++;
if (aix_check_package(release:"6.1", package:"Java6_64.sdk", minpackagever:"6.0.0.0", maxpackagever:"6.0.0.434", fixpackagever:"6.0.0.435") > 0) flag++;
if (aix_check_package(release:"7.1", package:"Java6_64.sdk", minpackagever:"6.0.0.0", maxpackagever:"6.0.0.434", fixpackagever:"6.0.0.435") > 0) flag++;
#Java7 7.0.0.110
if (aix_check_package(release:"6.1", package:"Java7.sdk", minpackagever:"7.0.0.0", maxpackagever:"7.0.0.109", fixpackagever:"7.0.0.110") > 0) flag++;
if (aix_check_package(release:"7.1", package:"Java7.sdk", minpackagever:"7.0.0.0", maxpackagever:"7.0.0.109", fixpackagever:"7.0.0.110") > 0) flag++;
if (aix_check_package(release:"6.1", package:"Java7_64.sdk", minpackagever:"7.0.0.0", maxpackagever:"7.0.0.109", fixpackagever:"7.0.0.110") > 0) flag++;
if (aix_check_package(release:"7.1", package:"Java7_64.sdk", minpackagever:"7.0.0.0", maxpackagever:"7.0.0.109", fixpackagever:"7.0.0.110") > 0) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : aix_report_get()
);
}
else
{
tested = aix_pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Java5 / Java6 / Java7");
}
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5878
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5884
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5887
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5888
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5889
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5896
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5898
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5899
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5907
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5910
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0368
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0373
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0375
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0376
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0387
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0403
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0410
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0411
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0415
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0416
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0417
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0422
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0423
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0424
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0428
www.ibm.com/developerworks/java/jdk/aix/service.html#levels
www.nessus.org/u?1d08dc51
www.nessus.org/u?4ca2561a
www.nessus.org/u?70623e16
www.nessus.org/u?a624fae8
www.nessus.org/u?aa3fc787
www.nessus.org/u?aacaab25
www.nessus.org/u?d6aa2211