Amazon Linux AMI : java-1.6.0-openjdk (ALAS-2013-167)

🗓️ 04 Sep 2013 00:00:00Reported by TenableType

Amazon Linux AMI security update for java-1.6.0-openjd

Reporter	Title	Published	Views	Family All 242
0day.today	Java CMM Remote Code Execution Vulnerability	28 Mar 201300:00	–	zdt
IBM Security Bulletins	Security Bulletin: Tivoli Storage Productivity Center - Oracle CPU February 2013, April 2013	19 Aug 202218:23	–	ibm
IBM Security Bulletins	Security Bulletin: WebSphere Application Server updates to IBM SDK for Java Feb 2013 CPU	25 Sep 202220:45	–	ibm
IBM Security Bulletins	Security Bulletin: Tivoli Storage Productivity Center affected by vulnerabilities in OpenSSL (CVE-2013-0169, CVE-2012-2686, CVE-2013-0166)	19 Aug 202218:23	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Rational Build Forge (CVE-2012-3213, CVE-2013-0419, CVE-2013-0423, CVE-2013-0424, CVE-2013-0425, CVE-2013-0426, CVE-2013-0427, CVE-2013-0428, CVE-2013-0433, CVE-2013-0434, CVE-2013-0435, CVE-2013-0437, C	17 Jun 201804:45	–	ibm
IBM Security Bulletins	Security Bulletin: Rational Functional Tester 8.x vulnerabilities due to security vulnerabilities in IBM JRE 7 SR3 or earlier, and non-IBM Java 7 (CVE-2013-0809, CVE-2013-1493, CVE-2013-0437, CVE-2012-1541, CVE-2013-0446, CVE-2012-3342, CVE-2013-0428)	7 May 201913:26	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in Rational Application Developer for WebSphere Software due to issues in IBM Java SDK (CVE-2013-0440, CVE-2013-0443, CVE-2013-0169)	5 Feb 202000:09	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Operational Decision Manager and WebSphere ILOG JRules: Multiple security vulnerabilities in IBM JRE 6.0	25 Sep 202223:13	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Smart Analytics System 5600 is affected by vulnerabilities in the IBM Java SDK	25 Sep 202221:06	–	ibm
IBM Security Bulletins	Security Bulletin: TADDM 7.2.1.4: Vulnerabilities in embedded JRE.	25 Sep 202221:06	–	ibm

Source	Link
alas	www.alas.aws.amazon.com/ALAS-2013-167.html
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Amazon Linux AMI Security Advisory ALAS-2013-167.
#

include("compat.inc");

if (description)
{
  script_id(69726);
  script_version("1.8");
  script_cvs_date("Date: 2018/04/18 15:09:34");

  script_cve_id("CVE-2013-0809", "CVE-2013-1493");
  script_xref(name:"ALAS", value:"2013-167");
  script_xref(name:"RHSA", value:"2013:0605");

  script_name(english:"Amazon Linux AMI : java-1.6.0-openjdk (ALAS-2013-167)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Amazon Linux AMI host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"An integer overflow flaw was found in the way the 2D component handled
certain sample model instances. A specially crafted sample model
instance could cause Java Virtual Machine memory corruption and,
possibly, lead to arbitrary code execution with virtual machine
privileges. (CVE-2013-0809)

It was discovered that the 2D component did not properly reject
certain malformed images. Specially crafted raster parameters could
cause Java Virtual Machine memory corruption and, possibly, lead to
arbitrary code execution with virtual machine privileges.
(CVE-2013-1493)"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://alas.aws.amazon.com/ALAS-2013-167.html"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Run 'yum update java-1.6.0-openjdk' to update your system."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploit_framework_core", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'Java CMM Remote Code Execution');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:java-1.6.0-openjdk");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:java-1.6.0-openjdk-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:java-1.6.0-openjdk-demo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:java-1.6.0-openjdk-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:java-1.6.0-openjdk-javadoc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:java-1.6.0-openjdk-src");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux");

  script_set_attribute(attribute:"patch_publication_date", value:"2013/03/14");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/09/04");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.");
  script_family(english:"Amazon Linux Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

release = get_kb_item("Host/AmazonLinux/release");
if (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, "Amazon Linux");
os_ver = pregmatch(pattern: "^AL(A|\d)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux");
os_ver = os_ver[1];
if (os_ver != "A")
{
  if (os_ver == 'A') os_ver = 'AMI';
  audit(AUDIT_OS_NOT, "Amazon Linux AMI", "Amazon Linux " + os_ver);
}

if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;
if (rpm_check(release:"ALA", reference:"java-1.6.0-openjdk-1.6.0.0-57.1.11.9.52.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"java-1.6.0-openjdk-debuginfo-1.6.0.0-57.1.11.9.52.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"java-1.6.0-openjdk-demo-1.6.0.0-57.1.11.9.52.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"java-1.6.0-openjdk-devel-1.6.0.0-57.1.11.9.52.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"java-1.6.0-openjdk-javadoc-1.6.0.0-57.1.11.9.52.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"java-1.6.0-openjdk-src-1.6.0.0-57.1.11.9.52.amzn1")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "java-1.6.0-openjdk / java-1.6.0-openjdk-debuginfo / etc");
}

18 Apr 2018 15:09Current

8.9High risk

Vulners AI Score8.9

CVSS 210

EPSS0.91612