ID DEBIAN_DSA-4005.NASL Type nessus Reporter Tenable Modified 2018-11-10T00:00:00
Description
Two unspecified vulnerabilities were discovered in OpenJFX, a rich client application platform for Java.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory DSA-4005. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#
include("compat.inc");
if (description)
{
script_id(104058);
script_version("3.3");
script_cvs_date("Date: 2018/11/10 11:49:38");
script_cve_id("CVE-2017-10086", "CVE-2017-10114");
script_xref(name:"DSA", value:"4005");
script_name(english:"Debian DSA-4005-1 : openjfx - security update");
script_summary(english:"Checks dpkg output for the updated package");
script_set_attribute(
attribute:"synopsis",
value:"The remote Debian host is missing a security-related update."
);
script_set_attribute(
attribute:"description",
value:
"Two unspecified vulnerabilities were discovered in OpenJFX, a rich
client application platform for Java."
);
script_set_attribute(
attribute:"see_also",
value:"https://packages.debian.org/source/stretch/openjfx"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.debian.org/security/2017/dsa-4005"
);
script_set_attribute(
attribute:"solution",
value:
"Upgrade the openjfx packages.
For the stable distribution (stretch), these problems have been fixed
in version 8u141-b14-3~deb9u1."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:openjfx");
script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:9.0");
script_set_attribute(attribute:"patch_publication_date", value:"2017/10/20");
script_set_attribute(attribute:"plugin_publication_date", value:"2017/10/23");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Debian Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
exit(0);
}
include("audit.inc");
include("debian_package.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
flag = 0;
if (deb_check(release:"9.0", prefix:"libopenjfx-java", reference:"8u141-b14-3~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"libopenjfx-java-doc", reference:"8u141-b14-3~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"libopenjfx-jni", reference:"8u141-b14-3~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"openjfx", reference:"8u141-b14-3~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"openjfx-source", reference:"8u141-b14-3~deb9u1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());
else security_warning(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
{"id": "DEBIAN_DSA-4005.NASL", "bulletinFamily": "scanner", "title": "Debian DSA-4005-1 : openjfx - security update", "description": "Two unspecified vulnerabilities were discovered in OpenJFX, a rich client application platform for Java.", "published": "2017-10-23T00:00:00", "modified": "2018-11-10T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=104058", "reporter": "Tenable", "references": ["https://packages.debian.org/source/stretch/openjfx", "https://www.debian.org/security/2017/dsa-4005"], "cvelist": ["CVE-2017-10114", "CVE-2017-10086"], "type": "nessus", "lastseen": "2019-02-21T01:33:31", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:debian:debian_linux:openjfx", "cpe:/o:debian:debian_linux:9.0"], "cvelist": ["CVE-2017-10114", "CVE-2017-10086"], "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "Two unspecified vulnerabilities were discovered in OpenJFX, a rich client application platform for Java.", "edition": 5, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "2c27fd15650b494d3b6464e882cdb2cc88b38ef7c98a5f840551643443309bc9", "hashmap": [{"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "a0550d8929a8d2440a7ab66382b13e88", "key": "modified"}, {"hash": "32db5b377206ebad5bb831f484c8ad1a", "key": "title"}, {"hash": "b22e238404bf5b8b3d0b88fb353e1a58", "key": "cpe"}, {"hash": "d19ef115d1aab3266bbf54af8df5b8e9", "key": "cvelist"}, {"hash": "19c76085e9f251814122c750e882e80b", "key": "sourceData"}, {"hash": "dca525f030403c751abbc571fbe7a515", "key": "references"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "c7aa90c25e2abc5ca9a9a3719cbe1e18", "key": "description"}, {"hash": "0195c70b22339fcae8ce2de25f5d291f", "key": "pluginID"}, {"hash": "d8c5258e5a576d26c2fb423e2a97a96d", "key": "href"}, {"hash": "737e2591b537c46d1ca7ce6f0cea5cb9", "key": "cvss"}, {"hash": "30b8c63c738508804cbddea141b6640c", "key": "published"}, {"hash": "74562d71b087df9eabd0c21f99b132cc", "key": "naslFamily"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=104058", "id": "DEBIAN_DSA-4005.NASL", "lastseen": "2018-09-01T23:48:52", "modified": "2018-01-29T00:00:00", "naslFamily": "Debian Local Security Checks", "objectVersion": "1.3", "pluginID": "104058", "published": "2017-10-23T00:00:00", "references": ["https://packages.debian.org/source/stretch/openjfx", "http://www.debian.org/security/2017/dsa-4005"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4005. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(104058);\n script_version(\"$Revision: 3.2 $\");\n script_cvs_date(\"$Date: 2018/01/29 14:39:06 $\");\n\n script_cve_id(\"CVE-2017-10086\", \"CVE-2017-10114\");\n script_xref(name:\"DSA\", value:\"4005\");\n\n script_name(english:\"Debian DSA-4005-1 : openjfx - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Two unspecified vulnerabilities were discovered in OpenJFX, a rich\nclient application platform for Java.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/openjfx\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2017/dsa-4005\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the openjfx packages.\n\nFor the stable distribution (stretch), these problems have been fixed\nin version 8u141-b14-3~deb9u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:openjfx\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/10/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/10/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"libopenjfx-java\", reference:\"8u141-b14-3~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libopenjfx-java-doc\", reference:\"8u141-b14-3~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libopenjfx-jni\", reference:\"8u141-b14-3~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"openjfx\", reference:\"8u141-b14-3~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"openjfx-source\", reference:\"8u141-b14-3~deb9u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Debian DSA-4005-1 : openjfx - security update", "type": "nessus", "viewCount": 0}, "differentElements": ["references", "modified", "sourceData"], "edition": 5, "lastseen": "2018-09-01T23:48:52"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:debian:debian_linux:openjfx", "cpe:/o:debian:debian_linux:9.0"], "cvelist": ["CVE-2017-10114", "CVE-2017-10086"], "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "Two unspecified vulnerabilities were discovered in OpenJFX, a rich client application platform for Java.", "edition": 3, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "2c27fd15650b494d3b6464e882cdb2cc88b38ef7c98a5f840551643443309bc9", "hashmap": [{"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "a0550d8929a8d2440a7ab66382b13e88", "key": "modified"}, {"hash": "32db5b377206ebad5bb831f484c8ad1a", "key": "title"}, {"hash": "b22e238404bf5b8b3d0b88fb353e1a58", "key": "cpe"}, {"hash": "d19ef115d1aab3266bbf54af8df5b8e9", "key": "cvelist"}, {"hash": "19c76085e9f251814122c750e882e80b", "key": "sourceData"}, {"hash": "dca525f030403c751abbc571fbe7a515", "key": "references"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "c7aa90c25e2abc5ca9a9a3719cbe1e18", "key": "description"}, {"hash": "0195c70b22339fcae8ce2de25f5d291f", "key": "pluginID"}, {"hash": "d8c5258e5a576d26c2fb423e2a97a96d", "key": "href"}, {"hash": "737e2591b537c46d1ca7ce6f0cea5cb9", "key": "cvss"}, {"hash": "30b8c63c738508804cbddea141b6640c", "key": "published"}, {"hash": "74562d71b087df9eabd0c21f99b132cc", "key": "naslFamily"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=104058", "id": "DEBIAN_DSA-4005.NASL", "lastseen": "2018-01-30T01:03:33", "modified": "2018-01-29T00:00:00", "naslFamily": "Debian Local Security Checks", "objectVersion": "1.3", "pluginID": "104058", "published": "2017-10-23T00:00:00", "references": ["https://packages.debian.org/source/stretch/openjfx", "http://www.debian.org/security/2017/dsa-4005"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4005. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(104058);\n script_version(\"$Revision: 3.2 $\");\n script_cvs_date(\"$Date: 2018/01/29 14:39:06 $\");\n\n script_cve_id(\"CVE-2017-10086\", \"CVE-2017-10114\");\n script_xref(name:\"DSA\", value:\"4005\");\n\n script_name(english:\"Debian DSA-4005-1 : openjfx - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Two unspecified vulnerabilities were discovered in OpenJFX, a rich\nclient application platform for Java.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/openjfx\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2017/dsa-4005\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the openjfx packages.\n\nFor the stable distribution (stretch), these problems have been fixed\nin version 8u141-b14-3~deb9u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:openjfx\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/10/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/10/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"libopenjfx-java\", reference:\"8u141-b14-3~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libopenjfx-java-doc\", reference:\"8u141-b14-3~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libopenjfx-jni\", reference:\"8u141-b14-3~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"openjfx\", reference:\"8u141-b14-3~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"openjfx-source\", reference:\"8u141-b14-3~deb9u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Debian DSA-4005-1 : openjfx - security update", "type": "nessus", "viewCount": 0}, "differentElements": ["cvss"], "edition": 3, "lastseen": "2018-01-30T01:03:33"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:debian:debian_linux:openjfx", "cpe:/o:debian:debian_linux:9.0"], "cvelist": ["CVE-2017-10114", "CVE-2017-10086"], "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "Two unspecified vulnerabilities were discovered in OpenJFX, a rich client application platform for Java.", "edition": 6, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "fb1e9d9e26d3cf73f4ee31dbe6affa2be0b9a62abb9cbe1951c2aad580e1f42b", "hashmap": [{"hash": "a9cf4c0acea8dcd97ae95b3300722f95", "key": "sourceData"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "a209177bb1bf792f4e079b21e0b47e58", "key": "references"}, {"hash": "32db5b377206ebad5bb831f484c8ad1a", "key": "title"}, {"hash": "b22e238404bf5b8b3d0b88fb353e1a58", "key": "cpe"}, {"hash": "d19ef115d1aab3266bbf54af8df5b8e9", "key": "cvelist"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "3c764d4cf584f9ded7aa4dcca57c78ff", "key": "modified"}, {"hash": "c7aa90c25e2abc5ca9a9a3719cbe1e18", "key": "description"}, {"hash": "0195c70b22339fcae8ce2de25f5d291f", "key": "pluginID"}, {"hash": "d8c5258e5a576d26c2fb423e2a97a96d", "key": "href"}, {"hash": "737e2591b537c46d1ca7ce6f0cea5cb9", "key": "cvss"}, {"hash": "30b8c63c738508804cbddea141b6640c", "key": "published"}, {"hash": "74562d71b087df9eabd0c21f99b132cc", "key": "naslFamily"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=104058", "id": "DEBIAN_DSA-4005.NASL", "lastseen": "2018-11-13T16:55:14", "modified": "2018-11-10T00:00:00", "naslFamily": "Debian Local Security Checks", "objectVersion": "1.3", "pluginID": "104058", "published": "2017-10-23T00:00:00", "references": ["https://packages.debian.org/source/stretch/openjfx", "https://www.debian.org/security/2017/dsa-4005"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4005. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(104058);\n script_version(\"3.3\");\n script_cvs_date(\"Date: 2018/11/10 11:49:38\");\n\n script_cve_id(\"CVE-2017-10086\", \"CVE-2017-10114\");\n script_xref(name:\"DSA\", value:\"4005\");\n\n script_name(english:\"Debian DSA-4005-1 : openjfx - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Two unspecified vulnerabilities were discovered in OpenJFX, a rich\nclient application platform for Java.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/openjfx\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2017/dsa-4005\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the openjfx packages.\n\nFor the stable distribution (stretch), these problems have been fixed\nin version 8u141-b14-3~deb9u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:openjfx\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/10/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/10/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"libopenjfx-java\", reference:\"8u141-b14-3~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libopenjfx-java-doc\", reference:\"8u141-b14-3~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libopenjfx-jni\", reference:\"8u141-b14-3~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"openjfx\", reference:\"8u141-b14-3~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"openjfx-source\", reference:\"8u141-b14-3~deb9u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Debian DSA-4005-1 : openjfx - security update", "type": "nessus", "viewCount": 0}, "differentElements": ["description"], "edition": 6, "lastseen": "2018-11-13T16:55:14"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": ["CVE-2017-10114", "CVE-2017-10086"], "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "Two unspecified vulnerabilities were discovered in OpenJFX, a rich client application platform for Java.", "edition": 1, "enchantments": {}, "hash": "b5b6eedc3348e9ba3972d61a9ebc215eaa5b35e7ec7d64aedd0b91c15df25f40", "hashmap": [{"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "32db5b377206ebad5bb831f484c8ad1a", "key": "title"}, {"hash": "30b8c63c738508804cbddea141b6640c", "key": "modified"}, {"hash": "d19ef115d1aab3266bbf54af8df5b8e9", "key": "cvelist"}, {"hash": "dca525f030403c751abbc571fbe7a515", "key": "references"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "d9237ab241c443b7885f4c78d851c476", "key": "sourceData"}, {"hash": "c7aa90c25e2abc5ca9a9a3719cbe1e18", "key": "description"}, {"hash": "0195c70b22339fcae8ce2de25f5d291f", "key": "pluginID"}, {"hash": "d8c5258e5a576d26c2fb423e2a97a96d", "key": "href"}, {"hash": "737e2591b537c46d1ca7ce6f0cea5cb9", "key": "cvss"}, {"hash": "30b8c63c738508804cbddea141b6640c", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}, {"hash": "74562d71b087df9eabd0c21f99b132cc", "key": "naslFamily"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=104058", "id": "DEBIAN_DSA-4005.NASL", "lastseen": "2017-10-24T04:40:52", "modified": "2017-10-23T00:00:00", "naslFamily": "Debian Local Security Checks", "objectVersion": "1.3", "pluginID": "104058", "published": "2017-10-23T00:00:00", "references": ["https://packages.debian.org/source/stretch/openjfx", "http://www.debian.org/security/2017/dsa-4005"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4005. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(104058);\n script_version(\"$Revision: 3.1 $\");\n script_cvs_date(\"$Date: 2017/10/23 13:47:33 $\");\n\n script_cve_id(\"CVE-2017-10086\", \"CVE-2017-10114\");\n script_xref(name:\"DSA\", value:\"4005\");\n\n script_name(english:\"Debian DSA-4005-1 : openjfx - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Two unspecified vulnerabilities were discovered in OpenJFX, a rich\nclient application platform for Java.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/openjfx\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2017/dsa-4005\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the openjfx packages.\n\nFor the stable distribution (stretch), these problems have been fixed\nin version 8u141-b14-3~deb9u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:openjfx\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/10/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/10/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"libopenjfx-java\", reference:\"8u141-b14-3~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libopenjfx-java-doc\", reference:\"8u141-b14-3~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libopenjfx-jni\", reference:\"8u141-b14-3~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"openjfx\", reference:\"8u141-b14-3~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"openjfx-source\", reference:\"8u141-b14-3~deb9u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Debian DSA-4005-1 : openjfx - security update", "type": "nessus", "viewCount": 0}, "differentElements": ["cpe"], "edition": 1, "lastseen": "2017-10-24T04:40:52"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:debian:debian_linux:openjfx", "cpe:/o:debian:debian_linux:9.0"], "cvelist": ["CVE-2017-10114", "CVE-2017-10086"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "Two unspecified vulnerabilities were discovered in OpenJFX, a rich client application platform for Java.", "edition": 4, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "cd79612411848541292ab5f0f30e0f71234b19ca2137b52657d6913d3d25513c", "hashmap": [{"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "a0550d8929a8d2440a7ab66382b13e88", "key": "modified"}, {"hash": "32db5b377206ebad5bb831f484c8ad1a", "key": "title"}, {"hash": "b22e238404bf5b8b3d0b88fb353e1a58", "key": "cpe"}, {"hash": "d19ef115d1aab3266bbf54af8df5b8e9", "key": "cvelist"}, {"hash": "19c76085e9f251814122c750e882e80b", "key": "sourceData"}, {"hash": "dca525f030403c751abbc571fbe7a515", "key": "references"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "c7aa90c25e2abc5ca9a9a3719cbe1e18", "key": "description"}, {"hash": "0195c70b22339fcae8ce2de25f5d291f", "key": "pluginID"}, {"hash": "d8c5258e5a576d26c2fb423e2a97a96d", "key": "href"}, {"hash": "30b8c63c738508804cbddea141b6640c", "key": "published"}, {"hash": "74562d71b087df9eabd0c21f99b132cc", "key": "naslFamily"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=104058", "id": "DEBIAN_DSA-4005.NASL", "lastseen": "2018-08-30T19:42:46", "modified": "2018-01-29T00:00:00", "naslFamily": "Debian Local Security Checks", "objectVersion": "1.3", "pluginID": "104058", "published": "2017-10-23T00:00:00", "references": ["https://packages.debian.org/source/stretch/openjfx", "http://www.debian.org/security/2017/dsa-4005"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4005. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(104058);\n script_version(\"$Revision: 3.2 $\");\n script_cvs_date(\"$Date: 2018/01/29 14:39:06 $\");\n\n script_cve_id(\"CVE-2017-10086\", \"CVE-2017-10114\");\n script_xref(name:\"DSA\", value:\"4005\");\n\n script_name(english:\"Debian DSA-4005-1 : openjfx - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Two unspecified vulnerabilities were discovered in OpenJFX, a rich\nclient application platform for Java.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/openjfx\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2017/dsa-4005\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the openjfx packages.\n\nFor the stable distribution (stretch), these problems have been fixed\nin version 8u141-b14-3~deb9u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:openjfx\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/10/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/10/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"libopenjfx-java\", reference:\"8u141-b14-3~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libopenjfx-java-doc\", reference:\"8u141-b14-3~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libopenjfx-jni\", reference:\"8u141-b14-3~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"openjfx\", reference:\"8u141-b14-3~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"openjfx-source\", reference:\"8u141-b14-3~deb9u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Debian DSA-4005-1 : openjfx - security update", "type": "nessus", "viewCount": 0}, "differentElements": ["cvss"], "edition": 4, "lastseen": "2018-08-30T19:42:46"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:debian:debian_linux:openjfx", "cpe:/o:debian:debian_linux:9.0"], "cvelist": ["CVE-2017-10114", "CVE-2017-10086"], "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "Two unspecified vulnerabilities were discovered in OpenJFX, a rich client application platform for Java.", "edition": 2, "enchantments": {"score": {"modified": "2017-10-29T13:38:52", "value": 6.8}}, "hash": "5f12dab6adc90486955e96458bba06ae83163b0f144e8573952ac402fed3d01a", "hashmap": [{"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "32db5b377206ebad5bb831f484c8ad1a", "key": "title"}, {"hash": "30b8c63c738508804cbddea141b6640c", "key": "modified"}, {"hash": "b22e238404bf5b8b3d0b88fb353e1a58", "key": "cpe"}, {"hash": "d19ef115d1aab3266bbf54af8df5b8e9", "key": "cvelist"}, {"hash": "dca525f030403c751abbc571fbe7a515", "key": "references"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "d9237ab241c443b7885f4c78d851c476", "key": "sourceData"}, {"hash": "c7aa90c25e2abc5ca9a9a3719cbe1e18", "key": "description"}, {"hash": "0195c70b22339fcae8ce2de25f5d291f", "key": "pluginID"}, {"hash": "d8c5258e5a576d26c2fb423e2a97a96d", "key": "href"}, {"hash": "737e2591b537c46d1ca7ce6f0cea5cb9", "key": "cvss"}, {"hash": "30b8c63c738508804cbddea141b6640c", "key": "published"}, {"hash": "74562d71b087df9eabd0c21f99b132cc", "key": "naslFamily"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=104058", "id": "DEBIAN_DSA-4005.NASL", "lastseen": "2017-10-29T13:38:52", "modified": "2017-10-23T00:00:00", "naslFamily": "Debian Local Security Checks", "objectVersion": "1.3", "pluginID": "104058", "published": "2017-10-23T00:00:00", "references": ["https://packages.debian.org/source/stretch/openjfx", "http://www.debian.org/security/2017/dsa-4005"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4005. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(104058);\n script_version(\"$Revision: 3.1 $\");\n script_cvs_date(\"$Date: 2017/10/23 13:47:33 $\");\n\n script_cve_id(\"CVE-2017-10086\", \"CVE-2017-10114\");\n script_xref(name:\"DSA\", value:\"4005\");\n\n script_name(english:\"Debian DSA-4005-1 : openjfx - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Two unspecified vulnerabilities were discovered in OpenJFX, a rich\nclient application platform for Java.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/openjfx\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2017/dsa-4005\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the openjfx packages.\n\nFor the stable distribution (stretch), these problems have been fixed\nin version 8u141-b14-3~deb9u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:openjfx\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/10/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/10/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"libopenjfx-java\", reference:\"8u141-b14-3~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libopenjfx-java-doc\", reference:\"8u141-b14-3~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libopenjfx-jni\", reference:\"8u141-b14-3~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"openjfx\", reference:\"8u141-b14-3~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"openjfx-source\", reference:\"8u141-b14-3~deb9u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Debian DSA-4005-1 : openjfx - security update", "type": "nessus", "viewCount": 0}, "differentElements": ["modified", "sourceData"], "edition": 2, "lastseen": "2017-10-29T13:38:52"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:debian:debian_linux:openjfx", "cpe:/o:debian:debian_linux:9.0"], "cvelist": ["CVE-2017-10114", "CVE-2017-10086"], "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "Two unspecified vulnerabilities were discovered in OpenJFX, a rich\nclient application platform for Java.", "edition": 7, "enchantments": {"dependencies": {"modified": "2019-01-16T20:29:30", "references": [{"idList": ["OPENSUSE-SU-2018:0042-1", "SUSE-SU-2018:0005-1", "SUSE-SU-2017:2175-1"], "type": "suse"}, {"idList": ["KLA11076"], "type": "kaspersky"}, {"idList": ["DEBIAN:DSA-4005-1:3D72F"], "type": "debian"}, {"idList": ["RHSA-2017:1790", "RHSA-2017:1791"], "type": "redhat"}, {"idList": ["CVE-2017-10114", "CVE-2017-10086"], "type": "cve"}, {"idList": ["OPENVAS:1361412562310704005", "OPENVAS:1361412562310811243", "OPENVAS:1361412562310851679", "OPENVAS:1361412562310108377"], "type": "openvas"}, {"idList": ["SUSE_SU-2017-2175-1.NASL", "PHOTONOS_PHSA-2017-0026.NASL", "GENTOO_GLSA-201709-22.NASL", "REDHAT-RHSA-2017-1791.NASL", "PHOTONOS_PHSA-2017-0026_OPENJRE.NASL", "REDHAT-RHSA-2017-1790.NASL", "ORACLE_JAVA_CPU_JUL_2017.NASL", "PHOTONOS_PHSA-2017-0026_OPENJDK.NASL", "OPENSUSE-2017-954.NASL", "ORACLE_JAVA_CPU_JUL_2017_UNIX.NASL"], "type": "nessus"}, {"idList": ["GLSA-201709-22"], "type": "gentoo"}, {"idList": ["ORACLE:CPUJUL2017-3236622"], "type": "oracle"}]}, "score": {"value": 5.0, "vector": "NONE"}}, "hash": "6ee57e0fb583be398d658fc729e1f323077a62ee933b0ca90783929e2084d528", "hashmap": [{"hash": "ad7915233027e2be9979214723f38497", "key": "description"}, {"hash": "a9cf4c0acea8dcd97ae95b3300722f95", "key": "sourceData"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "a209177bb1bf792f4e079b21e0b47e58", "key": "references"}, {"hash": "32db5b377206ebad5bb831f484c8ad1a", "key": "title"}, {"hash": "b22e238404bf5b8b3d0b88fb353e1a58", "key": "cpe"}, {"hash": "d19ef115d1aab3266bbf54af8df5b8e9", "key": "cvelist"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "3c764d4cf584f9ded7aa4dcca57c78ff", "key": "modified"}, {"hash": "0195c70b22339fcae8ce2de25f5d291f", "key": "pluginID"}, {"hash": "d8c5258e5a576d26c2fb423e2a97a96d", "key": "href"}, {"hash": "737e2591b537c46d1ca7ce6f0cea5cb9", "key": "cvss"}, {"hash": "30b8c63c738508804cbddea141b6640c", "key": "published"}, {"hash": "74562d71b087df9eabd0c21f99b132cc", "key": "naslFamily"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=104058", "id": "DEBIAN_DSA-4005.NASL", "lastseen": "2019-01-16T20:29:30", "modified": "2018-11-10T00:00:00", "naslFamily": "Debian Local Security Checks", "objectVersion": "1.3", "pluginID": "104058", "published": "2017-10-23T00:00:00", "references": ["https://packages.debian.org/source/stretch/openjfx", "https://www.debian.org/security/2017/dsa-4005"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4005. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(104058);\n script_version(\"3.3\");\n script_cvs_date(\"Date: 2018/11/10 11:49:38\");\n\n script_cve_id(\"CVE-2017-10086\", \"CVE-2017-10114\");\n script_xref(name:\"DSA\", value:\"4005\");\n\n script_name(english:\"Debian DSA-4005-1 : openjfx - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Two unspecified vulnerabilities were discovered in OpenJFX, a rich\nclient application platform for Java.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/openjfx\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2017/dsa-4005\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the openjfx packages.\n\nFor the stable distribution (stretch), these problems have been fixed\nin version 8u141-b14-3~deb9u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:openjfx\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/10/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/10/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"libopenjfx-java\", reference:\"8u141-b14-3~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libopenjfx-java-doc\", reference:\"8u141-b14-3~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libopenjfx-jni\", reference:\"8u141-b14-3~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"openjfx\", reference:\"8u141-b14-3~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"openjfx-source\", reference:\"8u141-b14-3~deb9u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Debian DSA-4005-1 : openjfx - security update", "type": "nessus", "viewCount": 0}, "differentElements": ["description"], "edition": 7, "lastseen": "2019-01-16T20:29:30"}], "edition": 8, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "b22e238404bf5b8b3d0b88fb353e1a58"}, {"key": "cvelist", "hash": "d19ef115d1aab3266bbf54af8df5b8e9"}, {"key": "cvss", "hash": "737e2591b537c46d1ca7ce6f0cea5cb9"}, {"key": "description", "hash": "c7aa90c25e2abc5ca9a9a3719cbe1e18"}, {"key": "href", "hash": "d8c5258e5a576d26c2fb423e2a97a96d"}, {"key": "modified", "hash": "3c764d4cf584f9ded7aa4dcca57c78ff"}, {"key": "naslFamily", "hash": "74562d71b087df9eabd0c21f99b132cc"}, {"key": "pluginID", "hash": "0195c70b22339fcae8ce2de25f5d291f"}, {"key": "published", "hash": "30b8c63c738508804cbddea141b6640c"}, {"key": "references", "hash": "a209177bb1bf792f4e079b21e0b47e58"}, {"key": "reporter", "hash": "9cf00d658b687f030ebe173a0528c567"}, {"key": "sourceData", "hash": "a9cf4c0acea8dcd97ae95b3300722f95"}, {"key": "title", "hash": "32db5b377206ebad5bb831f484c8ad1a"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "fb1e9d9e26d3cf73f4ee31dbe6affa2be0b9a62abb9cbe1951c2aad580e1f42b", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2017-10114", "CVE-2017-10086"]}, {"type": "debian", "idList": ["DEBIAN:DSA-4005-1:3D72F"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310704005", "OPENVAS:1361412562310108377", "OPENVAS:1361412562310811243", "OPENVAS:1361412562310851679"]}, {"type": "redhat", "idList": ["RHSA-2017:1790", "RHSA-2017:1791"]}, {"type": "nessus", "idList": ["REDHAT-RHSA-2017-1790.NASL", "REDHAT-RHSA-2017-1791.NASL", "PHOTONOS_PHSA-2017-0026_OPENJRE.NASL", "PHOTONOS_PHSA-2017-0026.NASL", "ORACLE_JAVA_CPU_JUL_2017.NASL", "SUSE_SU-2017-2175-1.NASL", "ORACLE_JAVA_CPU_JUL_2017_UNIX.NASL", "OPENSUSE-2017-954.NASL", "PHOTONOS_PHSA-2017-0026_OPENJDK.NASL", "GENTOO_GLSA-201709-22.NASL"]}, {"type": "kaspersky", "idList": ["KLA11076"]}, {"type": "gentoo", "idList": ["GLSA-201709-22"]}, {"type": "suse", "idList": ["SUSE-SU-2017:2175-1", "SUSE-SU-2018:0005-1", "OPENSUSE-SU-2018:0042-1"]}, {"type": "oracle", "idList": ["ORACLE:CPUJUL2017-3236622"]}], "modified": "2019-02-21T01:33:31"}, "score": {"value": 5.0, "vector": "NONE"}, "vulnersScore": 5.0}, "objectVersion": "1.3", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4005. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(104058);\n script_version(\"3.3\");\n script_cvs_date(\"Date: 2018/11/10 11:49:38\");\n\n script_cve_id(\"CVE-2017-10086\", \"CVE-2017-10114\");\n script_xref(name:\"DSA\", value:\"4005\");\n\n script_name(english:\"Debian DSA-4005-1 : openjfx - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Two unspecified vulnerabilities were discovered in OpenJFX, a rich\nclient application platform for Java.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/openjfx\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2017/dsa-4005\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the openjfx packages.\n\nFor the stable distribution (stretch), these problems have been fixed\nin version 8u141-b14-3~deb9u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:openjfx\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/10/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/10/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"libopenjfx-java\", reference:\"8u141-b14-3~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libopenjfx-java-doc\", reference:\"8u141-b14-3~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libopenjfx-jni\", reference:\"8u141-b14-3~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"openjfx\", reference:\"8u141-b14-3~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"openjfx-source\", reference:\"8u141-b14-3~deb9u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "Debian Local Security Checks", "pluginID": "104058", "cpe": ["p-cpe:/a:debian:debian_linux:openjfx", "cpe:/o:debian:debian_linux:9.0"], "scheme": null}
{"cve": [{"lastseen": "2018-01-05T11:52:39", "bulletinFamily": "NVD", "description": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Supported versions that are affected are Java SE: 7u141 and 8u131. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).", "modified": "2018-01-04T21:31:27", "published": "2017-08-08T11:29:03", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-10114", "id": "CVE-2017-10114", "title": "CVE-2017-10114", "type": "cve", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-05T11:52:39", "bulletinFamily": "NVD", "description": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Supported versions that are affected are Java SE: 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).", "modified": "2018-01-04T21:31:26", "published": "2017-08-08T11:29:02", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-10086", "id": "CVE-2017-10086", "title": "CVE-2017-10086", "type": "cve", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "openvas": [{"lastseen": "2019-03-19T12:32:07", "bulletinFamily": "scanner", "description": "Two unspecified vulnerabilities were discovered in OpenJFX, a rich client\napplication platform for Java.", "modified": "2019-03-18T00:00:00", "published": "2017-10-20T00:00:00", "id": "OPENVAS:1361412562310704005", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704005", "title": "Debian Security Advisory DSA 4005-1 (openjfx - security update)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: deb_4005.nasl 14284 2019-03-18 15:02:15Z cfischer $\n#\n# Auto-generated from advisory DSA 4005-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2017 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704005\");\n script_version(\"$Revision: 14284 $\");\n script_cve_id(\"CVE-2017-10086\", \"CVE-2017-10114\");\n script_name(\"Debian Security Advisory DSA 4005-1 (openjfx - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 16:02:15 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-10-20 00:00:00 +0200 (Fri, 20 Oct 2017)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2017/dsa-4005.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2017 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB9\");\n script_tag(name:\"affected\", value:\"openjfx on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (stretch), these problems have been fixed in\nversion 8u141-b14-3~deb9u1.\n\nWe recommend that you upgrade your openjfx packages.\");\n script_tag(name:\"summary\", value:\"Two unspecified vulnerabilities were discovered in OpenJFX, a rich client\napplication platform for Java.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libopenjfx-java\", ver:\"8u141-b14-3~deb9u1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libopenjfx-java-doc\", ver:\"8u141-b14-3~deb9u1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libopenjfx-jni\", ver:\"8u141-b14-3~deb9u1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openjfx\", ver:\"8u141-b14-3~deb9u1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"openjfx-source\", ver:\"8u141-b14-3~deb9u1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-10-22T16:34:16", "bulletinFamily": "scanner", "description": "The host is installed with Oracle Java SE\n and is prone to multiple vulnerabilities.", "modified": "2018-10-19T00:00:00", "published": "2017-07-19T00:00:00", "id": "OPENVAS:1361412562310811243", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310811243", "title": "Oracle Java SE Security Updates (jul2017-3236622) 03 - Windows", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_java_jul2017-3236622_03_win.nasl 11989 2018-10-19 11:25:26Z cfischer $\n#\n# Oracle Java SE Security Updates (jul2017-3236622) 03 - Windows\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:oracle:jre\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.811243\");\n script_version(\"$Revision: 11989 $\");\n script_cve_id(\"CVE-2017-10090\", \"CVE-2017-10114\", \"CVE-2017-10118\", \"CVE-2017-10086\",\n \"CVE-2017-10176\", \"CVE-2017-10125\");\n script_bugtraq_id(99706, 99726, 99782, 99662, 99788, 99809);\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-19 13:25:26 +0200 (Fri, 19 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2017-07-19 11:51:38 +0530 (Wed, 19 Jul 2017)\");\n script_name(\"Oracle Java SE Security Updates (jul2017-3236622) 03 - Windows\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Oracle Java SE\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to multiple\n unspecified errors in 'Libraries', 'JavaFX', 'JCE', 'Security' and 'Deployment'\n component of application.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation of this\n vulnerability will allow remote attackers to have an impact on\n confidentiality, integrity and availablility.\");\n\n script_tag(name:\"affected\", value:\"Oracle Java SE version\n 1.7.0.141 and earlier, 1.8.0.131 and earlier, on Windows\");\n\n script_tag(name:\"solution\", value:\"Apply the patch from the referenced advisory.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n\n script_xref(name:\"URL\", value:\"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_java_prdts_detect_portable_win.nasl\");\n script_mandatory_keys(\"Sun/Java/JRE/Win/Ver\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\ninfos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE );\nvers = infos['version'];\npath = infos['location'];\n\nif(version_in_range(version:vers, test_version:\"1.7.0\", test_version2:\"1.7.0.141\") ||\n version_in_range(version:vers, test_version:\"1.8.0\", test_version2:\"1.8.0.131\"))\n{\n report = report_fixed_ver(installed_version:vers, fixed_version: \"Apply the patch\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-10-22T16:36:28", "bulletinFamily": "scanner", "description": "The host is installed with Oracle Java SE\n and is prone to multiple vulnerabilities.", "modified": "2018-10-19T00:00:00", "published": "2017-07-19T00:00:00", "id": "OPENVAS:1361412562310108377", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310108377", "title": "Oracle Java SE Security Updates (jul2017-3236622) 03 - Linux", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_java_jul2017-3236622_03_lin.nasl 11989 2018-10-19 11:25:26Z cfischer $\n#\n# Oracle Java SE Security Updates (jul2017-3236622) 03 - Linux\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:oracle:jre\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.108377\");\n script_version(\"$Revision: 11989 $\");\n script_cve_id(\"CVE-2017-10090\", \"CVE-2017-10114\", \"CVE-2017-10118\", \"CVE-2017-10086\",\n \"CVE-2017-10176\", \"CVE-2017-10125\");\n script_bugtraq_id(99706, 99726, 99782, 99662, 99788, 99809);\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-19 13:25:26 +0200 (Fri, 19 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2017-07-19 11:51:38 +0530 (Wed, 19 Jul 2017)\");\n script_name(\"Oracle Java SE Security Updates (jul2017-3236622) 03 - Linux\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Oracle Java SE\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to multiple\n unspecified errors in 'Libraries', 'JavaFX', 'JCE', 'Security' and 'Deployment'\n component of application.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation of this\n vulnerability will allow remote attackers to have an impact on\n confidentiality, integrity and availablility.\");\n\n script_tag(name:\"affected\", value:\"Oracle Java SE version\n 1.7.0.141 and earlier, 1.8.0.131 and earlier, on Linux\");\n\n script_tag(name:\"solution\", value:\"Apply the patch from the referenced advisory.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n\n script_xref(name:\"URL\", value:\"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_java_prdts_detect_lin.nasl\");\n script_mandatory_keys(\"Sun/Java/JRE/Linux/Ver\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\ninfos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE );\nvers = infos['version'];\npath = infos['location'];\n\nif(version_in_range(version:vers, test_version:\"1.7.0\", test_version2:\"1.7.0.141\") ||\n version_in_range(version:vers, test_version:\"1.8.0\", test_version2:\"1.8.0.131\"))\n{\n report = report_fixed_ver(installed_version:vers, fixed_version: \"Apply the patch\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-11-23T15:03:25", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2018-01-09T00:00:00", "id": "OPENVAS:1361412562310851679", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851679", "title": "SuSE Update for java-1_7_0-openjdk openSUSE-SU-2018:0042-1 (java-1_7_0-openjdk)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2018_0042_1.nasl 12497 2018-11-23 08:28:21Z cfischer $\n#\n# SuSE Update for java-1_7_0-openjdk openSUSE-SU-2018:0042-1 (java-1_7_0-openjdk)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851679\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2018-01-09 15:38:23 +0100 (Tue, 09 Jan 2018)\");\n script_cve_id(\"CVE-2016-10165\", \"CVE-2016-9840\", \"CVE-2016-9841\", \"CVE-2016-9842\",\n \"CVE-2016-9843\", \"CVE-2017-10053\", \"CVE-2017-10067\", \"CVE-2017-10074\",\n \"CVE-2017-10081\", \"CVE-2017-10086\", \"CVE-2017-10087\", \"CVE-2017-10089\",\n \"CVE-2017-10090\", \"CVE-2017-10096\", \"CVE-2017-10101\", \"CVE-2017-10102\",\n \"CVE-2017-10105\", \"CVE-2017-10107\", \"CVE-2017-10108\", \"CVE-2017-10109\",\n \"CVE-2017-10110\", \"CVE-2017-10111\", \"CVE-2017-10114\", \"CVE-2017-10115\",\n \"CVE-2017-10116\", \"CVE-2017-10118\", \"CVE-2017-10125\", \"CVE-2017-10135\",\n \"CVE-2017-10176\", \"CVE-2017-10193\", \"CVE-2017-10198\", \"CVE-2017-10243\",\n \"CVE-2017-10274\", \"CVE-2017-10281\", \"CVE-2017-10285\", \"CVE-2017-10295\",\n \"CVE-2017-10345\", \"CVE-2017-10346\", \"CVE-2017-10347\", \"CVE-2017-10348\",\n \"CVE-2017-10349\", \"CVE-2017-10350\", \"CVE-2017-10355\", \"CVE-2017-10356\",\n \"CVE-2017-10357\", \"CVE-2017-10388\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"SuSE Update for java-1_7_0-openjdk openSUSE-SU-2018:0042-1 (java-1_7_0-openjdk)\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'java-1_7_0-openjdk'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"This update for java-1_7_0-openjdk fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2017-10356: Fix issue inside subcomponent Security (bsc#1064084).\n\n - CVE-2017-10274: Fix issue inside subcomponent Smart Card IO\n (bsc#1064071).\n\n - CVE-2017-10281: Fix issue inside subcomponent Serialization\n (bsc#1064072).\n\n - CVE-2017-10285: Fix issue inside subcomponent RMI (bsc#1064073).\n\n - CVE-2017-10295: Fix issue inside subcomponent Networking (bsc#1064075).\n\n - CVE-2017-10388: Fix issue inside subcomponent Libraries (bsc#1064086).\n\n - CVE-2017-10346: Fix issue inside subcomponent Hotspot (bsc#1064078).\n\n - CVE-2017-10350: Fix issue inside subcomponent JAX-WS (bsc#1064082).\n\n - CVE-2017-10347: Fix issue inside subcomponent Serialization\n (bsc#1064079).\n\n - CVE-2017-10349: Fix issue inside subcomponent JAXP (bsc#1064081).\n\n - CVE-2017-10345: Fix issue inside subcomponent Serialization\n (bsc#1064077).\n\n - CVE-2017-10348: Fix issue inside subcomponent Libraries (bsc#1064080).\n\n - CVE-2017-10357: Fix issue inside subcomponent Serialization\n (bsc#1064085).\n\n - CVE-2017-10355: Fix issue inside subcomponent Networking (bsc#1064083).\n\n - CVE-2017-10102: Fix incorrect handling of references in DGC\n (bsc#1049316).\n\n - CVE-2017-10053: Fix reading of unprocessed image data in JPEGImageReader\n (bsc#1049305).\n\n - CVE-2017-10067: Fix JAR verifier incorrect handling of missing digest\n (bsc#1049306).\n\n - CVE-2017-10081: Fix incorrect bracket processing in function signature\n handling (bsc#1049309).\n\n - CVE-2017-10087: Fix insufficient access control checks in\n ThreadPoolExecutor (bsc#1049311).\n\n - CVE-2017-10089: Fix insufficient access control checks in\n ServiceRegistry (bsc#1049312).\n\n - CVE-2017-10090: Fix insufficient access control checks in\n AsynchronousChannelGroupImpl (bsc#1049313).\n\n - CVE-2017-10096: Fix insufficient access control checks in XML\n transformations (bsc#1049314).\n\n - CVE-2017-10101: Fix unrestricted access to\n com.sun.org.apache.xml.internal.resolver (bsc#1049315).\n\n - CVE-2017-10107: Fix insufficient access control checks in ActivationID\n (bsc#1049318).\n\n - CVE-2017-10074: Fix integer overflows in range check loop predicates\n (bsc#1049307).\n\n - CVE-2017-10110: Fix insufficient access control checks in ImageWatched\n (bsc#1049321).\n\n - CVE-2017-10108: Fix unbounded memory allocation in BasicAttribute\n deserialization (bsc#1049319).\n\n - CVE-2017-10109: Fix unbounded memory allocation in CodeSource\n deserialization (bsc#1049320).\n\n - CVE-2017-10115: Fix unspecified vulnerability in subcomponent JCE\n (bsc#1049324).\n\n - CVE-2 ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"affected\", value:\"java-1_7_0-openjdk on openSUSE Leap 42.3, openSUSE Leap 42.2\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2018:0042_1\");\n script_xref(name:\"URL\", value:\"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00025.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=(openSUSELeap42\\.2|openSUSELeap42\\.3)\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\nres = \"\";\n\nif(release == \"openSUSELeap42.2\")\n{\n\n if ((res = isrpmvuln(pkg:\"java-1_7_0-openjdk\", rpm:\"java-1_7_0-openjdk~1.7.0.161~42.6.1\", rls:\"openSUSELeap42.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_7_0-openjdk-accessibility\", rpm:\"java-1_7_0-openjdk-accessibility~1.7.0.161~42.6.1\", rls:\"openSUSELeap42.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_7_0-openjdk-bootstrap\", rpm:\"java-1_7_0-openjdk-bootstrap~1.7.0.161~42.6.1\", rls:\"openSUSELeap42.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_7_0-openjdk-bootstrap-debuginfo\", rpm:\"java-1_7_0-openjdk-bootstrap-debuginfo~1.7.0.161~42.6.1\", rls:\"openSUSELeap42.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_7_0-openjdk-bootstrap-debugsource\", rpm:\"java-1_7_0-openjdk-bootstrap-debugsource~1.7.0.161~42.6.1\", rls:\"openSUSELeap42.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_7_0-openjdk-bootstrap-devel\", rpm:\"java-1_7_0-openjdk-bootstrap-devel~1.7.0.161~42.6.1\", rls:\"openSUSELeap42.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_7_0-openjdk-bootstrap-devel-debuginfo\", rpm:\"java-1_7_0-openjdk-bootstrap-devel-debuginfo~1.7.0.161~42.6.1\", rls:\"openSUSELeap42.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_7_0-openjdk-bootstrap-headless\", rpm:\"java-1_7_0-openjdk-bootstrap-headless~1.7.0.161~42.6.1\", rls:\"openSUSELeap42.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_7_0-openjdk-bootstrap-headless-debuginfo\", rpm:\"java-1_7_0-openjdk-bootstrap-headless-debuginfo~1.7.0.161~42.6.1\", rls:\"openSUSELeap42.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_7_0-openjdk-debuginfo\", rpm:\"java-1_7_0-openjdk-debuginfo~1.7.0.161~42.6.1\", rls:\"openSUSELeap42.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_7_0-openjdk-debugsource\", rpm:\"java-1_7_0-openjdk-debugsource~1.7.0.161~42.6.1\", rls:\"openSUSELeap42.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_7_0-openjdk-demo\", rpm:\"java-1_7_0-openjdk-demo~1.7.0.161~42.6.1\", rls:\"openSUSELeap42.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_7_0-openjdk-demo-debuginfo\", rpm:\"java-1_7_0-openjdk-demo-debuginfo~1.7.0.161~42.6.1\", rls:\"openSUSELeap42.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_7_0-openjdk-devel\", rpm:\"java-1_7_0-openjdk-devel~1.7.0.161~42.6.1\", rls:\"openSUSELeap42.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_7_0-openjdk-devel-debuginfo\", rpm:\"java-1_7_0-openjdk-devel-debuginfo~1.7.0.161~42.6.1\", rls:\"openSUSELeap42.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_7_0-openjdk-headless\", rpm:\"java-1_7_0-openjdk-headless~1.7.0.161~42.6.1\", rls:\"openSUSELeap42.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_7_0-openjdk-headless-debuginfo\", rpm:\"java-1_7_0-openjdk-headless-debuginfo~1.7.0.161~42.6.1\", rls:\"openSUSELeap42.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_7_0-openjdk-src\", rpm:\"java-1_7_0-openjdk-src~1.7.0.161~42.6.1\", rls:\"openSUSELeap42.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_7_0-openjdk-javadoc\", rpm:\"java-1_7_0-openjdk-javadoc~1.7.0.161~42.6.1\", rls:\"openSUSELeap42.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"openSUSELeap42.3\")\n{\n\n if ((res = isrpmvuln(pkg:\"java-1_7_0-openjdk\", rpm:\"java-1_7_0-openjdk~1.7.0.161~45.1\", rls:\"openSUSELeap42.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_7_0-openjdk-accessibility\", rpm:\"java-1_7_0-openjdk-accessibility~1.7.0.161~45.1\", rls:\"openSUSELeap42.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_7_0-openjdk-bootstrap\", rpm:\"java-1_7_0-openjdk-bootstrap~1.7.0.161~45.1\", rls:\"openSUSELeap42.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_7_0-openjdk-bootstrap-debuginfo\", rpm:\"java-1_7_0-openjdk-bootstrap-debuginfo~1.7.0.161~45.1\", rls:\"openSUSELeap42.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_7_0-openjdk-bootstrap-debugsource\", rpm:\"java-1_7_0-openjdk-bootstrap-debugsource~1.7.0.161~45.1\", rls:\"openSUSELeap42.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_7_0-openjdk-bootstrap-devel\", rpm:\"java-1_7_0-openjdk-bootstrap-devel~1.7.0.161~45.1\", rls:\"openSUSELeap42.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_7_0-openjdk-bootstrap-devel-debuginfo\", rpm:\"java-1_7_0-openjdk-bootstrap-devel-debuginfo~1.7.0.161~45.1\", rls:\"openSUSELeap42.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_7_0-openjdk-bootstrap-headless\", rpm:\"java-1_7_0-openjdk-bootstrap-headless~1.7.0.161~45.1\", rls:\"openSUSELeap42.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_7_0-openjdk-bootstrap-headless-debuginfo\", rpm:\"java-1_7_0-openjdk-bootstrap-headless-debuginfo~1.7.0.161~45.1\", rls:\"openSUSELeap42.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_7_0-openjdk-debuginfo\", rpm:\"java-1_7_0-openjdk-debuginfo~1.7.0.161~45.1\", rls:\"openSUSELeap42.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_7_0-openjdk-debugsource\", rpm:\"java-1_7_0-openjdk-debugsource~1.7.0.161~45.1\", rls:\"openSUSELeap42.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_7_0-openjdk-demo\", rpm:\"java-1_7_0-openjdk-demo~1.7.0.161~45.1\", rls:\"openSUSELeap42.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_7_0-openjdk-demo-debuginfo\", rpm:\"java-1_7_0-openjdk-demo-debuginfo~1.7.0.161~45.1\", rls:\"openSUSELeap42.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_7_0-openjdk-devel\", rpm:\"java-1_7_0-openjdk-devel~1.7.0.161~45.1\", rls:\"openSUSELeap42.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_7_0-openjdk-devel-debuginfo\", rpm:\"java-1_7_0-openjdk-devel-debuginfo~1.7.0.161~45.1\", rls:\"openSUSELeap42.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_7_0-openjdk-headless\", rpm:\"java-1_7_0-openjdk-headless~1.7.0.161~45.1\", rls:\"openSUSELeap42.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_7_0-openjdk-headless-debuginfo\", rpm:\"java-1_7_0-openjdk-headless-debuginfo~1.7.0.161~45.1\", rls:\"openSUSELeap42.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_7_0-openjdk-src\", rpm:\"java-1_7_0-openjdk-src~1.7.0.161~45.1\", rls:\"openSUSELeap42.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1_7_0-openjdk-javadoc\", rpm:\"java-1_7_0-openjdk-javadoc~1.7.0.161~45.1\", rls:\"openSUSELeap42.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "debian": [{"lastseen": "2018-10-16T22:14:06", "bulletinFamily": "unix", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4005-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nOctober 20, 2017 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : openjfx\nCVE ID : CVE-2017-10086 CVE-2017-10114\n\nTwo unspecified vulnerabilities were discovered in OpenJFX, a rich client\napplication platform for Java.\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 8u141-b14-3~deb9u1.\n\nWe recommend that you upgrade your openjfx packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "modified": "2017-10-20T18:36:41", "published": "2017-10-20T18:36:41", "id": "DEBIAN:DSA-4005-1:3D72F", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2017/msg00267.html", "title": "[SECURITY] [DSA 4005-1] openjfx security update", "type": "debian", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "nessus": [{"lastseen": "2019-02-21T01:32:01", "bulletinFamily": "scanner", "description": "An update for java-1.8.0-oracle is now available for Oracle Java for Red Hat Enterprise Linux 6 and Oracle Java for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nOracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.\n\nThis update upgrades Oracle Java SE 8 to version 8 Update 141.\n\nSecurity Fix(es) :\n\n* This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.\nFurther information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section. (CVE-2017-10053, CVE-2017-10067, CVE-2017-10074, CVE-2017-10078, CVE-2017-10081, CVE-2017-10086, CVE-2017-10087, CVE-2017-10089, CVE-2017-10090, CVE-2017-10096, CVE-2017-10101, CVE-2017-10102, CVE-2017-10105, CVE-2017-10107, CVE-2017-10108, CVE-2017-10109, CVE-2017-10110, CVE-2017-10111, CVE-2017-10114, CVE-2017-10115, CVE-2017-10116, CVE-2017-10118, CVE-2017-10135, CVE-2017-10176, CVE-2017-10193, CVE-2017-10198, CVE-2017-10243)", "modified": "2018-11-10T00:00:00", "id": "REDHAT-RHSA-2017-1790.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=101880", "published": "2017-07-21T00:00:00", "title": "RHEL 6 / 7 : java-1.8.0-oracle (RHSA-2017:1790)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2017:1790. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(101880);\n script_version(\"3.12\");\n script_cvs_date(\"Date: 2018/11/10 11:49:56\");\n\n script_cve_id(\"CVE-2017-10053\", \"CVE-2017-10067\", \"CVE-2017-10074\", \"CVE-2017-10078\", \"CVE-2017-10081\", \"CVE-2017-10086\", \"CVE-2017-10087\", \"CVE-2017-10089\", \"CVE-2017-10090\", \"CVE-2017-10096\", \"CVE-2017-10101\", \"CVE-2017-10102\", \"CVE-2017-10105\", \"CVE-2017-10107\", \"CVE-2017-10108\", \"CVE-2017-10109\", \"CVE-2017-10110\", \"CVE-2017-10111\", \"CVE-2017-10114\", \"CVE-2017-10115\", \"CVE-2017-10116\", \"CVE-2017-10118\", \"CVE-2017-10135\", \"CVE-2017-10176\", \"CVE-2017-10193\", \"CVE-2017-10198\", \"CVE-2017-10243\");\n script_xref(name:\"RHSA\", value:\"2017:1790\");\n\n script_name(english:\"RHEL 6 / 7 : java-1.8.0-oracle (RHSA-2017:1790)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for java-1.8.0-oracle is now available for Oracle Java for\nRed Hat Enterprise Linux 6 and Oracle Java for Red Hat Enterprise\nLinux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Critical. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nOracle Java SE version 8 includes the Oracle Java Runtime Environment\nand the Oracle Java Software Development Kit.\n\nThis update upgrades Oracle Java SE 8 to version 8 Update 141.\n\nSecurity Fix(es) :\n\n* This update fixes multiple vulnerabilities in the Oracle Java\nRuntime Environment and the Oracle Java Software Development Kit.\nFurther information about these flaws can be found on the Oracle Java\nSE Critical Patch Update Advisory page, listed in the References\nsection. (CVE-2017-10053, CVE-2017-10067, CVE-2017-10074,\nCVE-2017-10078, CVE-2017-10081, CVE-2017-10086, CVE-2017-10087,\nCVE-2017-10089, CVE-2017-10090, CVE-2017-10096, CVE-2017-10101,\nCVE-2017-10102, CVE-2017-10105, CVE-2017-10107, CVE-2017-10108,\nCVE-2017-10109, CVE-2017-10110, CVE-2017-10111, CVE-2017-10114,\nCVE-2017-10115, CVE-2017-10116, CVE-2017-10118, CVE-2017-10135,\nCVE-2017-10176, CVE-2017-10193, CVE-2017-10198, CVE-2017-10243)\"\n );\n # http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?76f5def7\"\n );\n # http://www.oracle.com/technetwork/java/javase/8u141-relnotes-3720385.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?755142b1\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2017:1790\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10053\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10067\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10074\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10078\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10081\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10086\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10087\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10089\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10090\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10096\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10101\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10102\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10105\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10107\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10108\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10109\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10110\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10111\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10114\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10115\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10116\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10118\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10135\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10176\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10193\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10198\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10243\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-oracle-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-oracle-javafx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-oracle-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-oracle-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-oracle-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x / 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2017:1790\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"java-1.8.0-oracle-1.8.0.141-1jpp.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"java-1.8.0-oracle-1.8.0.141-1jpp.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"java-1.8.0-oracle-devel-1.8.0.141-1jpp.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"java-1.8.0-oracle-devel-1.8.0.141-1jpp.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"java-1.8.0-oracle-javafx-1.8.0.141-1jpp.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"java-1.8.0-oracle-javafx-1.8.0.141-1jpp.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"java-1.8.0-oracle-jdbc-1.8.0.141-1jpp.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"java-1.8.0-oracle-jdbc-1.8.0.141-1jpp.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"java-1.8.0-oracle-plugin-1.8.0.141-1jpp.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"java-1.8.0-oracle-plugin-1.8.0.141-1jpp.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"java-1.8.0-oracle-src-1.8.0.141-1jpp.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"java-1.8.0-oracle-src-1.8.0.141-1jpp.1.el6\")) flag++;\n\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"java-1.8.0-oracle-1.8.0.141-1jpp.1.el7_3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"java-1.8.0-oracle-devel-1.8.0.141-1jpp.1.el7_3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"java-1.8.0-oracle-javafx-1.8.0.141-1jpp.1.el7_3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"java-1.8.0-oracle-jdbc-1.8.0.141-1jpp.1.el7_3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"java-1.8.0-oracle-plugin-1.8.0.141-1jpp.1.el7_3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"java-1.8.0-oracle-src-1.8.0.141-1jpp.1.el7_3\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1.8.0-oracle / java-1.8.0-oracle-devel / etc\");\n }\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:32:01", "bulletinFamily": "scanner", "description": "An update for java-1.7.0-oracle is now available for Oracle Java for Red Hat Enterprise Linux 6 and Oracle Java for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nOracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.\n\nThis update upgrades Oracle Java SE 7 to version 7 Update 151.\n\nSecurity Fix(es) :\n\n* This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.\nFurther information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section. (CVE-2017-10053, CVE-2017-10067, CVE-2017-10074, CVE-2017-10081, CVE-2017-10086, CVE-2017-10087, CVE-2017-10089, CVE-2017-10090, CVE-2017-10096, CVE-2017-10101, CVE-2017-10102, CVE-2017-10105, CVE-2017-10107, CVE-2017-10108, CVE-2017-10109, CVE-2017-10110, CVE-2017-10114, CVE-2017-10115, CVE-2017-10116, CVE-2017-10118, CVE-2017-10135, CVE-2017-10176, CVE-2017-10193, CVE-2017-10198, CVE-2017-10243)", "modified": "2018-11-10T00:00:00", "id": "REDHAT-RHSA-2017-1791.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=101881", "published": "2017-07-21T00:00:00", "title": "RHEL 6 / 7 : java-1.7.0-oracle (RHSA-2017:1791)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2017:1791. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(101881);\n script_version(\"3.12\");\n script_cvs_date(\"Date: 2018/11/10 11:49:56\");\n\n script_cve_id(\"CVE-2017-10053\", \"CVE-2017-10067\", \"CVE-2017-10074\", \"CVE-2017-10081\", \"CVE-2017-10086\", \"CVE-2017-10087\", \"CVE-2017-10089\", \"CVE-2017-10090\", \"CVE-2017-10096\", \"CVE-2017-10101\", \"CVE-2017-10102\", \"CVE-2017-10105\", \"CVE-2017-10107\", \"CVE-2017-10108\", \"CVE-2017-10109\", \"CVE-2017-10110\", \"CVE-2017-10114\", \"CVE-2017-10115\", \"CVE-2017-10116\", \"CVE-2017-10118\", \"CVE-2017-10135\", \"CVE-2017-10176\", \"CVE-2017-10193\", \"CVE-2017-10198\", \"CVE-2017-10243\");\n script_xref(name:\"RHSA\", value:\"2017:1791\");\n\n script_name(english:\"RHEL 6 / 7 : java-1.7.0-oracle (RHSA-2017:1791)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for java-1.7.0-oracle is now available for Oracle Java for\nRed Hat Enterprise Linux 6 and Oracle Java for Red Hat Enterprise\nLinux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Critical. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nOracle Java SE version 7 includes the Oracle Java Runtime Environment\nand the Oracle Java Software Development Kit.\n\nThis update upgrades Oracle Java SE 7 to version 7 Update 151.\n\nSecurity Fix(es) :\n\n* This update fixes multiple vulnerabilities in the Oracle Java\nRuntime Environment and the Oracle Java Software Development Kit.\nFurther information about these flaws can be found on the Oracle Java\nSE Critical Patch Update Advisory page, listed in the References\nsection. (CVE-2017-10053, CVE-2017-10067, CVE-2017-10074,\nCVE-2017-10081, CVE-2017-10086, CVE-2017-10087, CVE-2017-10089,\nCVE-2017-10090, CVE-2017-10096, CVE-2017-10101, CVE-2017-10102,\nCVE-2017-10105, CVE-2017-10107, CVE-2017-10108, CVE-2017-10109,\nCVE-2017-10110, CVE-2017-10114, CVE-2017-10115, CVE-2017-10116,\nCVE-2017-10118, CVE-2017-10135, CVE-2017-10176, CVE-2017-10193,\nCVE-2017-10198, CVE-2017-10243)\"\n );\n # http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?76f5def7\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.oracle.com/technetwork/java/javaseproducts/documentation/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2017:1791\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10053\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10067\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10074\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10081\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10086\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10087\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10089\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10090\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10096\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10101\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10102\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10105\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10107\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10108\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10109\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10110\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10114\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10115\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10116\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10118\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10135\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10176\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10193\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10198\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-10243\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.7.0-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.7.0-oracle-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.7.0-oracle-javafx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.7.0-oracle-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.7.0-oracle-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.7.0-oracle-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x / 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2017:1791\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"java-1.7.0-oracle-1.7.0.151-1jpp.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"java-1.7.0-oracle-1.7.0.151-1jpp.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"java-1.7.0-oracle-devel-1.7.0.151-1jpp.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"java-1.7.0-oracle-devel-1.7.0.151-1jpp.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"java-1.7.0-oracle-javafx-1.7.0.151-1jpp.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"java-1.7.0-oracle-javafx-1.7.0.151-1jpp.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"java-1.7.0-oracle-jdbc-1.7.0.151-1jpp.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"java-1.7.0-oracle-jdbc-1.7.0.151-1jpp.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"java-1.7.0-oracle-plugin-1.7.0.151-1jpp.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"java-1.7.0-oracle-plugin-1.7.0.151-1jpp.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"java-1.7.0-oracle-src-1.7.0.151-1jpp.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"java-1.7.0-oracle-src-1.7.0.151-1jpp.1.el6\")) flag++;\n\n\n if (rpm_check(release:\"RHEL7\", cpu:\"i686\", reference:\"java-1.7.0-oracle-1.7.0.151-1jpp.1.el7_3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"java-1.7.0-oracle-1.7.0.151-1jpp.1.el7_3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"i686\", reference:\"java-1.7.0-oracle-devel-1.7.0.151-1jpp.1.el7_3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"java-1.7.0-oracle-devel-1.7.0.151-1jpp.1.el7_3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"java-1.7.0-oracle-javafx-1.7.0.151-1jpp.1.el7_3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"java-1.7.0-oracle-jdbc-1.7.0.151-1jpp.1.el7_3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"java-1.7.0-oracle-plugin-1.7.0.151-1jpp.1.el7_3\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"java-1.7.0-oracle-src-1.7.0.151-1jpp.1.el7_3\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1.7.0-oracle / java-1.7.0-oracle-devel / etc\");\n }\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:32:31", "bulletinFamily": "scanner", "description": "This java-1_8_0-openjdk update to version jdk8u141 (icedtea 3.5.0) fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2017-10053: Improved image post-processing steps (bsc#1049305)\n\n - CVE-2017-10067: Additional jar validation steps (bsc#1049306)\n\n - CVE-2017-10074: Image conversion improvements (bsc#1049307)\n\n - CVE-2017-10078: Better script accessibility for JavaScript (bsc#1049308)\n\n - CVE-2017-10081: Right parenthesis issue (bsc#1049309)\n\n - CVE-2017-10086: Unspecified vulnerability in subcomponent JavaFX (bsc#1049310)\n\n - CVE-2017-10087: Better Thread Pool execution (bsc#1049311)\n\n - CVE-2017-10089: Service Registration Lifecycle (bsc#1049312)\n\n - CVE-2017-10090: Better handling of channel groups (bsc#1049313)\n\n - CVE-2017-10096: Transform Transformer Exceptions (bsc#1049314)\n\n - CVE-2017-10101: Better reading of text catalogs (bsc#1049315)\n\n - CVE-2017-10102: Improved garbage collection (bsc#1049316)\n\n - CVE-2017-10105: Unspecified vulnerability in subcomponent deployment (bsc#1049317)\n\n - CVE-2017-10107: Less Active Activations (bsc#1049318)\n\n - CVE-2017-10108: Better naming attribution (bsc#1049319)\n\n - CVE-2017-10109: Better sourcing of code (bsc#1049320)\n\n - CVE-2017-10110: Better image fetching (bsc#1049321)\n\n - CVE-2017-10111: Rearrange MethodHandle arrangements (bsc#1049322)\n\n - CVE-2017-10114: Unspecified vulnerability in subcomponent JavaFX (bsc#1049323)\n\n - CVE-2017-10115: Higher quality DSA operations (bsc#1049324)\n\n - CVE-2017-10116: Proper directory lookup processing (bsc#1049325)\n\n - CVE-2017-10118: Higher quality ECDSA operations (bsc#1049326)\n\n - CVE-2017-10125: Unspecified vulnerability in subcomponent deployment (bsc#1049327)\n\n - CVE-2017-10135: Better handling of PKCS8 material (bsc#1049328)\n\n - CVE-2017-10176: Additional elliptic curve support (bsc#1049329)\n\n - CVE-2017-10193: Improve algorithm constraints implementation (bsc#1049330)\n\n - CVE-2017-10198: Clear certificate chain connections (bsc#1049331)\n\n - CVE-2017-10243: Unspecified vulnerability in subcomponent JAX-WS (bsc#1049332)\n\nBug fixes :\n\n - Check registry registration location\n\n - Improved certificate processing\n\n - JMX diagnostic improvements\n\n - Update to libpng 1.6.28\n\n - Import of OpenJDK 8 u141 build 15 (bsc#1049302)\n\nNew features :\n\n - Support using RSAandMGF1 with the SHA hash algorithms in the PKCS11 provider\n\nThis update was imported from the SUSE:SLE-12-SP1:Update update project.", "modified": "2018-01-26T00:00:00", "id": "OPENSUSE-2017-954.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=102621", "published": "2017-08-21T00:00:00", "title": "openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2017-954)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2017-954.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(102621);\n script_version(\"$Revision: 3.4 $\");\n script_cvs_date(\"$Date: 2018/01/26 17:50:29 $\");\n\n script_cve_id(\"CVE-2017-10053\", \"CVE-2017-10067\", \"CVE-2017-10074\", \"CVE-2017-10078\", \"CVE-2017-10081\", \"CVE-2017-10086\", \"CVE-2017-10087\", \"CVE-2017-10089\", \"CVE-2017-10090\", \"CVE-2017-10096\", \"CVE-2017-10101\", \"CVE-2017-10102\", \"CVE-2017-10105\", \"CVE-2017-10107\", \"CVE-2017-10108\", \"CVE-2017-10109\", \"CVE-2017-10110\", \"CVE-2017-10111\", \"CVE-2017-10114\", \"CVE-2017-10115\", \"CVE-2017-10116\", \"CVE-2017-10118\", \"CVE-2017-10125\", \"CVE-2017-10135\", \"CVE-2017-10176\", \"CVE-2017-10193\", \"CVE-2017-10198\", \"CVE-2017-10243\");\n\n script_name(english:\"openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2017-954)\");\n script_summary(english:\"Check for the openSUSE-2017-954 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This java-1_8_0-openjdk update to version jdk8u141 (icedtea 3.5.0)\nfixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2017-10053: Improved image post-processing steps\n (bsc#1049305)\n\n - CVE-2017-10067: Additional jar validation steps\n (bsc#1049306)\n\n - CVE-2017-10074: Image conversion improvements\n (bsc#1049307)\n\n - CVE-2017-10078: Better script accessibility for\n JavaScript (bsc#1049308)\n\n - CVE-2017-10081: Right parenthesis issue (bsc#1049309)\n\n - CVE-2017-10086: Unspecified vulnerability in\n subcomponent JavaFX (bsc#1049310)\n\n - CVE-2017-10087: Better Thread Pool execution\n (bsc#1049311)\n\n - CVE-2017-10089: Service Registration Lifecycle\n (bsc#1049312)\n\n - CVE-2017-10090: Better handling of channel groups\n (bsc#1049313)\n\n - CVE-2017-10096: Transform Transformer Exceptions\n (bsc#1049314)\n\n - CVE-2017-10101: Better reading of text catalogs\n (bsc#1049315)\n\n - CVE-2017-10102: Improved garbage collection\n (bsc#1049316)\n\n - CVE-2017-10105: Unspecified vulnerability in\n subcomponent deployment (bsc#1049317)\n\n - CVE-2017-10107: Less Active Activations (bsc#1049318)\n\n - CVE-2017-10108: Better naming attribution (bsc#1049319)\n\n - CVE-2017-10109: Better sourcing of code (bsc#1049320)\n\n - CVE-2017-10110: Better image fetching (bsc#1049321)\n\n - CVE-2017-10111: Rearrange MethodHandle arrangements\n (bsc#1049322)\n\n - CVE-2017-10114: Unspecified vulnerability in\n subcomponent JavaFX (bsc#1049323)\n\n - CVE-2017-10115: Higher quality DSA operations\n (bsc#1049324)\n\n - CVE-2017-10116: Proper directory lookup processing\n (bsc#1049325)\n\n - CVE-2017-10118: Higher quality ECDSA operations\n (bsc#1049326)\n\n - CVE-2017-10125: Unspecified vulnerability in\n subcomponent deployment (bsc#1049327)\n\n - CVE-2017-10135: Better handling of PKCS8 material\n (bsc#1049328)\n\n - CVE-2017-10176: Additional elliptic curve support\n (bsc#1049329)\n\n - CVE-2017-10193: Improve algorithm constraints\n implementation (bsc#1049330)\n\n - CVE-2017-10198: Clear certificate chain connections\n (bsc#1049331)\n\n - CVE-2017-10243: Unspecified vulnerability in\n subcomponent JAX-WS (bsc#1049332)\n\nBug fixes :\n\n - Check registry registration location\n\n - Improved certificate processing\n\n - JMX diagnostic improvements\n\n - Update to libpng 1.6.28\n\n - Import of OpenJDK 8 u141 build 15 (bsc#1049302)\n\nNew features :\n\n - Support using RSAandMGF1 with the SHA hash algorithms in\n the PKCS11 provider\n\nThis update was imported from the SUSE:SLE-12-SP1:Update update\nproject.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1049302\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1049305\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1049306\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1049307\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1049308\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1049309\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1049310\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1049311\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1049312\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1049313\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1049314\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1049315\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1049316\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1049317\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1049318\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1049319\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1049320\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1049321\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1049322\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1049323\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1049324\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1049325\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1049326\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1049327\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1049328\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1049329\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1049330\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1049331\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1049332\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected java-1_8_0-openjdk packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_8_0-openjdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-accessibility\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-demo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-headless\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-headless-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/08/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/08/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2018 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.2|SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.2 / 42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.2\", reference:\"java-1_8_0-openjdk-1.8.0.144-10.13.3\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"java-1_8_0-openjdk-accessibility-1.8.0.144-10.13.3\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"java-1_8_0-openjdk-debuginfo-1.8.0.144-10.13.3\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"java-1_8_0-openjdk-debugsource-1.8.0.144-10.13.3\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"java-1_8_0-openjdk-demo-1.8.0.144-10.13.3\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"java-1_8_0-openjdk-demo-debuginfo-1.8.0.144-10.13.3\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"java-1_8_0-openjdk-devel-1.8.0.144-10.13.3\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"java-1_8_0-openjdk-devel-debuginfo-1.8.0.144-10.13.3\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"java-1_8_0-openjdk-headless-1.8.0.144-10.13.3\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"java-1_8_0-openjdk-headless-debuginfo-1.8.0.144-10.13.3\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"java-1_8_0-openjdk-javadoc-1.8.0.144-10.13.3\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"java-1_8_0-openjdk-src-1.8.0.144-10.13.3\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"java-1_8_0-openjdk-1.8.0.144-13.3\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"java-1_8_0-openjdk-accessibility-1.8.0.144-13.3\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"java-1_8_0-openjdk-debuginfo-1.8.0.144-13.3\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"java-1_8_0-openjdk-debugsource-1.8.0.144-13.3\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"java-1_8_0-openjdk-demo-1.8.0.144-13.3\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"java-1_8_0-openjdk-demo-debuginfo-1.8.0.144-13.3\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"java-1_8_0-openjdk-devel-1.8.0.144-13.3\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"java-1_8_0-openjdk-devel-debuginfo-1.8.0.144-13.3\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"java-1_8_0-openjdk-headless-1.8.0.144-13.3\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"java-1_8_0-openjdk-headless-debuginfo-1.8.0.144-13.3\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"java-1_8_0-openjdk-javadoc-1.8.0.144-13.3\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"java-1_8_0-openjdk-src-1.8.0.144-13.3\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1_8_0-openjdk / java-1_8_0-openjdk-accessibility / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:41:52", "bulletinFamily": "scanner", "description": "An update of [openjdk,openjre,pycrypto,python3-pycrypto] packages for PhotonOS has been released.", "modified": "2019-02-07T00:00:00", "id": "PHOTONOS_PHSA-2017-0026.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=111875", "published": "2018-08-17T00:00:00", "title": "Photon OS 1.0: Openjdk / Openjre / Pycrypto / Python3 PHSA-2017-0026 (deprecated)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# @DEPRECATED@\n#\n# Disabled on 2/7/2019\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2017-0026. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111875);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/02/07 18:59:50\");\n\n script_cve_id(\n \"CVE-2013-7459\",\n \"CVE-2017-10053\",\n \"CVE-2017-10067\",\n \"CVE-2017-10074\",\n \"CVE-2017-10078\",\n \"CVE-2017-10086\",\n \"CVE-2017-10087\",\n \"CVE-2017-10089\",\n \"CVE-2017-10090\",\n \"CVE-2017-10096\",\n \"CVE-2017-10102\",\n \"CVE-2017-10104\",\n \"CVE-2017-10105\",\n \"CVE-2017-10107\",\n \"CVE-2017-10108\",\n \"CVE-2017-10109\",\n \"CVE-2017-10111\",\n \"CVE-2017-10114\",\n \"CVE-2017-10115\",\n \"CVE-2017-10116\",\n \"CVE-2017-10117\",\n \"CVE-2017-10118\",\n \"CVE-2017-10121\",\n \"CVE-2017-10125\",\n \"CVE-2017-10135\",\n \"CVE-2017-10145\",\n \"CVE-2017-10176\",\n \"CVE-2017-10198\",\n \"CVE-2017-10243\"\n );\n\n script_name(english:\"Photon OS 1.0: Openjdk / Openjre / Pycrypto / Python3 PHSA-2017-0026 (deprecated)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"This plugin has been deprecated.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of [openjdk,openjre,pycrypto,python3-pycrypto] packages for\nPhotonOS has been released.\");\n # https://github.com/vmware/photon/wiki/Security-Updates-56\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?63d4d4e0\");\n script_set_attribute(attribute:\"solution\", value:\"n/a.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2013-7459\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:openjdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:openjre\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:pycrypto\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:python3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:1.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\nexit(0, \"This plugin has been deprecated.\");\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 1\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 1.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\npkgs = [\n \"openjdk-1.8.0.141-1.ph1\",\n \"openjdk-debuginfo-1.8.0.141-1.ph1\",\n \"openjdk-doc-1.8.0.141-1.ph1\",\n \"openjdk-sample-1.8.0.141-1.ph1\",\n \"openjdk-src-1.8.0.141-1.ph1\",\n \"openjre-1.8.0.141-1.ph1\",\n \"pycrypto-2.6.1-3.ph1\",\n \"pycrypto-debuginfo-2.6.1-3.ph1\",\n \"python3-pycrypto-2.6.1-3.ph1\"\n];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"PhotonOS-1.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openjdk / openjre / pycrypto / python3\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-08T12:51:51", "bulletinFamily": "scanner", "description": "An update of the openjre package has been released.", "modified": "2019-02-07T00:00:00", "published": "2019-02-07T00:00:00", "id": "PHOTONOS_PHSA-2017-0026_OPENJRE.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=121719", "title": "Photon OS 1.0: Openjre PHSA-2017-0026", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.`\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2017-0026. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(121719);\n script_version(\"1.1\");\n script_cvs_date(\"Date: 2019/02/07 18:14:47\");\n\n script_cve_id(\n \"CVE-2013-7459\",\n \"CVE-2017-10053\",\n \"CVE-2017-10067\",\n \"CVE-2017-10074\",\n \"CVE-2017-10078\",\n \"CVE-2017-10086\",\n \"CVE-2017-10087\",\n \"CVE-2017-10089\",\n \"CVE-2017-10090\",\n \"CVE-2017-10096\",\n \"CVE-2017-10102\",\n \"CVE-2017-10104\",\n \"CVE-2017-10105\",\n \"CVE-2017-10107\",\n \"CVE-2017-10108\",\n \"CVE-2017-10109\",\n \"CVE-2017-10111\",\n \"CVE-2017-10114\",\n \"CVE-2017-10115\",\n \"CVE-2017-10116\",\n \"CVE-2017-10117\",\n \"CVE-2017-10118\",\n \"CVE-2017-10121\",\n \"CVE-2017-10125\",\n \"CVE-2017-10135\",\n \"CVE-2017-10145\",\n \"CVE-2017-10176\",\n \"CVE-2017-10198\",\n \"CVE-2017-10243\"\n );\n\n script_name(english:\"Photon OS 1.0: Openjre PHSA-2017-0026\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the openjre package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-56.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2013-7459\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/07/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/02/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:openjre\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:1.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 1\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 1.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjre-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjre-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjre-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjre-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjre-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjre-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjre-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjre-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjre-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjre-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjre-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjre-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjre-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjre-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjre-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjre-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjre-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjre-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjre-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjre-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjre-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjre-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjre-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjre-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjre-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjre-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjre-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjre-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjre-1.8.0.141-1.ph1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openjre\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-08T12:51:51", "bulletinFamily": "scanner", "description": "An update of the openjdk package has been released.", "modified": "2019-02-07T00:00:00", "published": "2019-02-07T00:00:00", "id": "PHOTONOS_PHSA-2017-0026_OPENJDK.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=121718", "title": "Photon OS 1.0: Openjdk PHSA-2017-0026", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.`\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2017-0026. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(121718);\n script_version(\"1.1\");\n script_cvs_date(\"Date: 2019/02/07 18:14:47\");\n\n script_cve_id(\n \"CVE-2013-7459\",\n \"CVE-2017-10053\",\n \"CVE-2017-10067\",\n \"CVE-2017-10074\",\n \"CVE-2017-10078\",\n \"CVE-2017-10086\",\n \"CVE-2017-10087\",\n \"CVE-2017-10089\",\n \"CVE-2017-10090\",\n \"CVE-2017-10096\",\n \"CVE-2017-10102\",\n \"CVE-2017-10104\",\n \"CVE-2017-10105\",\n \"CVE-2017-10107\",\n \"CVE-2017-10108\",\n \"CVE-2017-10109\",\n \"CVE-2017-10111\",\n \"CVE-2017-10114\",\n \"CVE-2017-10115\",\n \"CVE-2017-10116\",\n \"CVE-2017-10117\",\n \"CVE-2017-10118\",\n \"CVE-2017-10121\",\n \"CVE-2017-10125\",\n \"CVE-2017-10135\",\n \"CVE-2017-10145\",\n \"CVE-2017-10176\",\n \"CVE-2017-10198\",\n \"CVE-2017-10243\"\n );\n\n script_name(english:\"Photon OS 1.0: Openjdk PHSA-2017-0026\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the openjdk package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-56.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2013-7459\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/07/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/02/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:openjdk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:1.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 1\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 1.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-debuginfo-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-debuginfo-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-debuginfo-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-debuginfo-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-debuginfo-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-debuginfo-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-debuginfo-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-debuginfo-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-debuginfo-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-debuginfo-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-debuginfo-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-debuginfo-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-debuginfo-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-debuginfo-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-debuginfo-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-debuginfo-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-debuginfo-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-debuginfo-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-debuginfo-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-debuginfo-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-debuginfo-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-debuginfo-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-debuginfo-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-debuginfo-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-debuginfo-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-debuginfo-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-debuginfo-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-debuginfo-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-debuginfo-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-doc-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-doc-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-doc-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-doc-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-doc-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-doc-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-doc-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-doc-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-doc-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-doc-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-doc-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-doc-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-doc-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-doc-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-doc-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-doc-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-doc-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-doc-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-doc-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-doc-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-doc-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-doc-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-doc-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-doc-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-doc-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-doc-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-doc-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-doc-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-doc-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-sample-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-sample-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-sample-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-sample-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-sample-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-sample-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-sample-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-sample-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-sample-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-sample-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-sample-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-sample-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-sample-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-sample-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-sample-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-sample-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-sample-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-sample-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-sample-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-sample-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-sample-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-sample-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-sample-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-sample-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-sample-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-sample-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-sample-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-sample-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-sample-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-src-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-src-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-src-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-src-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-src-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-src-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-src-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-src-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-src-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-src-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-src-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-src-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-src-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-src-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-src-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-src-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-src-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-src-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-src-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-src-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-src-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-src-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-src-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-src-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-src-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-src-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-src-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-src-1.8.0.141-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"openjdk-src-1.8.0.141-1.ph1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openjdk\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:31:59", "bulletinFamily": "scanner", "description": "The version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is prior to 8 Update 141, 7 Update 151, or 6 Update 161. It is, therefore, affected by multiple vulnerabilities :\n\n - An unspecified flaw exists in the 2D component that allows an unauthenticated, remote attacker to cause a denial of service condition. (CVE-2017-10053)\n\n - Multiple unspecified flaws exist in the Security component that allow an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-10067, CVE-2017-10116)\n\n - An unspecified flaw exists in the Hotspot component that allows an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-10074)\n\n - An unspecified flaw exists in the Scripting component that allows an authenticated, remote attacker to impact confidentiality and integrity. (CVE-2017-10078)\n\n - An unspecified flaw exists in the Hotspot component that allows an unauthenticated, remote attacker to impact integrity. (CVE-2017-10081)\n\n - Multiple unspecified flaws exist in the JavaFX component that allow an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-10086, CVE-2017-10114)\n\n - Multiple unspecified flaws exist in the Libraries component that allow an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-10087, CVE-2017-10090, CVE-2017-10111)\n\n - An unspecified flaw exists in the ImageIO component that allows an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-10089)\n\n - Multiple unspecified flaws exist in the JAXP component that allow an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-10096, CVE-2017-10101)\n\n - Multiple unspecified flaws exist in the RMI component that allow an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-10102, CVE-2017-10107)\n\n - Multiple unspecified flaws exist in the Server component of the Java Advanced Management Console that allow an authenticated, remote attacker to impact confidentiality, integrity, and availability.\n (CVE-2017-10104, CVE-2017-10145)\n\n - An unspecified flaw exists in the Deployment component that allows an unauthenticated, remote attacker to impact integrity. (CVE-2017-10105)\n\n - Multiple unspecified flaws exist in the Serialization component that allow an unauthenticated, remote attacker to exhaust available memory, resulting in a denial of service condition. (CVE-2017-10108, CVE-2017-10109)\n\n - An unspecified flaw exists in the AWT component that allows an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-10110)\n\n - Multiple unspecified flaws exist in the JCE component that allow an unauthenticated, remote attacker to disclose sensitive information. (CVE-2017-10115, CVE-2017-10118, CVE-2017-10135)\n\n - An unspecified flaw exists in the Server component of the Java Advanced Management Console that allows an unauthenticated, remote attacker to disclose sensitive information. (CVE-2017-10117)\n\n - An unspecified flaw exists in the Server component of the Java Advanced Management Console that allows an unauthenticated, remote attacker to impact confidentiality and integrity. (CVE-2017-10121)\n\n - An unspecified flaw exists in the Deployment component that allows a local attacker to impact confidentiality, integrity, and availability. (CVE-2017-10125)\n\n - Multiple unspecified flaws exist in the Security component that allow an unauthenticated, remote attacker to disclose sensitive information. (CVE-2017-10176, CVE-2017-10193, CVE-2017-10198)\n\n - An unspecified flaw exists in the JAX-WS component that allows an unauthenticated, remote attacker to impact confidentiality and availability. (CVE-2017-10243)", "modified": "2018-11-15T00:00:00", "id": "ORACLE_JAVA_CPU_JUL_2017_UNIX.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=101844", "published": "2017-07-20T00:00:00", "title": "Oracle Java SE Multiple Vulnerabilities (July 2017 CPU) (Unix)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101844);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2018/11/15 20:50:23\");\n\n script_cve_id(\n \"CVE-2017-10053\",\n \"CVE-2017-10067\",\n \"CVE-2017-10074\",\n \"CVE-2017-10078\",\n \"CVE-2017-10081\",\n \"CVE-2017-10086\",\n \"CVE-2017-10087\",\n \"CVE-2017-10089\",\n \"CVE-2017-10090\",\n \"CVE-2017-10096\",\n \"CVE-2017-10101\",\n \"CVE-2017-10102\",\n \"CVE-2017-10104\",\n \"CVE-2017-10105\",\n \"CVE-2017-10107\",\n \"CVE-2017-10108\",\n \"CVE-2017-10109\",\n \"CVE-2017-10110\",\n \"CVE-2017-10111\",\n \"CVE-2017-10114\",\n \"CVE-2017-10115\",\n \"CVE-2017-10116\",\n \"CVE-2017-10117\",\n \"CVE-2017-10118\",\n \"CVE-2017-10121\",\n \"CVE-2017-10125\",\n \"CVE-2017-10135\",\n \"CVE-2017-10145\",\n \"CVE-2017-10176\",\n \"CVE-2017-10193\",\n \"CVE-2017-10198\",\n \"CVE-2017-10243\"\n );\n script_bugtraq_id(\n 99643,\n 99659,\n 99662,\n 99670,\n 99674,\n 99703,\n 99706,\n 99707,\n 99712,\n 99719,\n 99726,\n 99731,\n 99734,\n 99752,\n 99756,\n 99774,\n 99782,\n 99788,\n 99797,\n 99804,\n 99809,\n 99818,\n 99827,\n 99832,\n 99835,\n 99839,\n 99842,\n 99846,\n 99847,\n 99851,\n 99853,\n 99854\n );\n\n script_name(english:\"Oracle Java SE Multiple Vulnerabilities (July 2017 CPU) (Unix)\");\n script_summary(english:\"Checks the version of the JRE.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Unix host contains a programming platform that is affected\nby multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Oracle (formerly Sun) Java SE or Java for Business\ninstalled on the remote host is prior to 8 Update 141, 7 Update 151,\nor 6 Update 161. It is, therefore, affected by multiple\nvulnerabilities :\n\n - An unspecified flaw exists in the 2D component that\n allows an unauthenticated, remote attacker to cause a\n denial of service condition. (CVE-2017-10053)\n\n - Multiple unspecified flaws exist in the Security\n component that allow an unauthenticated, remote attacker\n to execute arbitrary code. (CVE-2017-10067,\n CVE-2017-10116)\n\n - An unspecified flaw exists in the Hotspot component that\n allows an unauthenticated, remote attacker to execute\n arbitrary code. (CVE-2017-10074)\n\n - An unspecified flaw exists in the Scripting component\n that allows an authenticated, remote attacker to impact\n confidentiality and integrity. (CVE-2017-10078)\n\n - An unspecified flaw exists in the Hotspot component that\n allows an unauthenticated, remote attacker to impact\n integrity. (CVE-2017-10081)\n\n - Multiple unspecified flaws exist in the JavaFX component\n that allow an unauthenticated, remote attacker to\n execute arbitrary code. (CVE-2017-10086, CVE-2017-10114)\n\n - Multiple unspecified flaws exist in the Libraries\n component that allow an unauthenticated, remote attacker\n to execute arbitrary code. (CVE-2017-10087,\n CVE-2017-10090, CVE-2017-10111)\n\n - An unspecified flaw exists in the ImageIO component that\n allows an unauthenticated, remote attacker to execute\n arbitrary code. (CVE-2017-10089)\n\n - Multiple unspecified flaws exist in the JAXP component\n that allow an unauthenticated, remote attacker to\n execute arbitrary code. (CVE-2017-10096, CVE-2017-10101)\n\n - Multiple unspecified flaws exist in the RMI component\n that allow an unauthenticated, remote attacker to\n execute arbitrary code. (CVE-2017-10102, CVE-2017-10107)\n\n - Multiple unspecified flaws exist in the Server component\n of the Java Advanced Management Console that allow an\n authenticated, remote attacker to impact\n confidentiality, integrity, and availability.\n (CVE-2017-10104, CVE-2017-10145)\n\n - An unspecified flaw exists in the Deployment component\n that allows an unauthenticated, remote attacker to\n impact integrity. (CVE-2017-10105)\n\n - Multiple unspecified flaws exist in the Serialization\n component that allow an unauthenticated, remote attacker\n to exhaust available memory, resulting in a denial of\n service condition. (CVE-2017-10108, CVE-2017-10109)\n\n - An unspecified flaw exists in the AWT component that\n allows an unauthenticated, remote attacker to execute\n arbitrary code. (CVE-2017-10110)\n\n - Multiple unspecified flaws exist in the JCE component\n that allow an unauthenticated, remote attacker to\n disclose sensitive information. (CVE-2017-10115,\n CVE-2017-10118, CVE-2017-10135)\n\n - An unspecified flaw exists in the Server component of\n the Java Advanced Management Console that allows an\n unauthenticated, remote attacker to disclose sensitive\n information. (CVE-2017-10117)\n\n - An unspecified flaw exists in the Server component of\n the Java Advanced Management Console that allows an\n unauthenticated, remote attacker to impact\n confidentiality and integrity. (CVE-2017-10121)\n\n - An unspecified flaw exists in the Deployment component\n that allows a local attacker to impact confidentiality,\n integrity, and availability. (CVE-2017-10125)\n\n - Multiple unspecified flaws exist in the Security\n component that allow an unauthenticated, remote attacker\n to disclose sensitive information. (CVE-2017-10176,\n CVE-2017-10193, CVE-2017-10198)\n\n - An unspecified flaw exists in the JAX-WS component that\n allows an unauthenticated, remote attacker to impact\n confidentiality and availability. (CVE-2017-10243)\");\n # http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?76f5def7\");\n # http://www.oracle.com/technetwork/java/javase/8u141-relnotes-3720385.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?755142b1\");\n # https://www.oracle.com/technetwork/java/javaseproducts/documentation/javase7supportreleasenotes-1601161.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2fbcacca\");\n # http://www.oracle.com/technetwork/java/javase/documentation/overview-156328.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?726f7054\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Oracle JDK / JRE 8 Update 141 / 7 Update 151 / 6 Update\n161 or later. If necessary, remove any affected versions.\n\nNote that an Extended Support contract with Oracle is needed to obtain\nJDK / JRE 6 Update 95 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/07/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:jre\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:jdk\");\n script_set_attribute(attribute:\"agent\", value:\"unix\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"sun_java_jre_installed_unix.nasl\");\n script_require_keys(\"Host/Java/JRE/Installed\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n# Check each installed JRE.\ninstalls = get_kb_list_or_exit(\"Host/Java/JRE/Unmanaged/*\");\n\ninfo = \"\";\nvuln = 0;\nvuln2 = 0;\ninstalled_versions = \"\";\ngranular = \"\";\n\nforeach install (list_uniq(keys(installs)))\n{\n ver = install - \"Host/Java/JRE/Unmanaged/\";\n if (ver !~ \"^[0-9.]+\") continue;\n\n installed_versions = installed_versions + \" & \" + ver;\n\n # Fixes : (JDK|JRE) 8 Update 141 / 7 Update 151 / 6 Update 161\n if (\n ver =~ '^1\\\\.6\\\\.0_([0-9]|[0-9][0-9]|1[0-5][0-9]|160)([^0-9]|$)' ||\n ver =~ '^1\\\\.7\\\\.0_([0-9]|[0-9][0-9]|1[0-4][0-9]|150)([^0-9]|$)' ||\n ver =~ '^1\\\\.8\\\\.0_([0-9]|[0-9][0-9]|1[0-3][0-9]|140)([^0-9]|$)'\n )\n {\n dirs = make_list(get_kb_list(install));\n vuln += max_index(dirs);\n\n foreach dir (dirs)\n info += '\\n Path : ' + dir;\n\n info += '\\n Installed version : ' + ver;\n info += '\\n Fixed version : 1.6.0_161 / 1.7.0_151 / 1.8.0_141\\n';\n }\n else if (ver =~ \"^[\\d\\.]+$\")\n {\n dirs = make_list(get_kb_list(install));\n foreach dir (dirs)\n granular += \"The Oracle Java version \"+ver+\" at \"+dir+\" is not granular enough to make a determination.\"+'\\n';\n }\n else\n {\n dirs = make_list(get_kb_list(install));\n vuln2 += max_index(dirs);\n }\n\n}\n\n# Report if any were found to be vulnerable.\nif (info)\n{\n if (report_verbosity > 0)\n {\n if (vuln > 1) s = \"s of Java are\";\n else s = \" of Java is\";\n\n report =\n '\\n' +\n 'The following vulnerable instance'+s+' installed on the\\n' +\n 'remote host :\\n' +\n info;\n security_hole(port:0, extra:report);\n }\n else security_hole(0);\n if (granular) exit(0, granular);\n}\nelse\n{\n if (granular) exit(0, granular);\n\n installed_versions = substr(installed_versions, 3);\n if (vuln2 > 1)\n exit(0, \"The Java \"+installed_versions+\" installations on the remote host are not affected.\");\n else\n audit(AUDIT_INST_VER_NOT_VULN, \"Java\", installed_versions);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:33:06", "bulletinFamily": "scanner", "description": "The remote host is affected by the vulnerability described in GLSA-201709-22 (Oracle JDK/JRE, IcedTea: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Oracle’s JRE, JDK and IcedTea. Please review the referenced CVE identifiers for details.\n Impact :\n\n A remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, or gain access to information.\n Workaround :\n\n There is no known workaround at this time.", "modified": "2018-01-26T00:00:00", "id": "GENTOO_GLSA-201709-22.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=103450", "published": "2017-09-25T00:00:00", "title": "GLSA-201709-22 : Oracle JDK/JRE, IcedTea: Multiple vulnerabilities", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201709-22.\n#\n# The advisory text is Copyright (C) 2001-2018 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(103450);\n script_version(\"$Revision: 3.5 $\");\n script_cvs_date(\"$Date: 2018/01/26 17:15:57 $\");\n\n script_cve_id(\"CVE-2017-10053\", \"CVE-2017-10067\", \"CVE-2017-10074\", \"CVE-2017-10078\", \"CVE-2017-10081\", \"CVE-2017-10086\", \"CVE-2017-10087\", \"CVE-2017-10089\", \"CVE-2017-10090\", \"CVE-2017-10096\", \"CVE-2017-10101\", \"CVE-2017-10102\", \"CVE-2017-10105\", \"CVE-2017-10107\", \"CVE-2017-10108\", \"CVE-2017-10109\", \"CVE-2017-10110\", \"CVE-2017-10111\", \"CVE-2017-10114\", \"CVE-2017-10115\", \"CVE-2017-10116\", \"CVE-2017-10117\", \"CVE-2017-10118\", \"CVE-2017-10121\", \"CVE-2017-10125\", \"CVE-2017-10135\", \"CVE-2017-10176\", \"CVE-2017-10193\", \"CVE-2017-10198\", \"CVE-2017-10243\");\n script_xref(name:\"GLSA\", value:\"201709-22\");\n\n script_name(english:\"GLSA-201709-22 : Oracle JDK/JRE, IcedTea: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201709-22\n(Oracle JDK/JRE, IcedTea: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Oracle’s JRE, JDK and\n IcedTea. Please review the referenced CVE identifiers for details.\n \nImpact :\n\n A remote attacker could possibly execute arbitrary code with the\n privileges of the process, cause a Denial of Service condition, or gain\n access to information.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201709-22\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Oracle JDK binary users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose\n '>=dev-java/oracle-jdk-bin-1.8.0.141'\n All Oracle JRE binary users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose\n '>=dev-java/oracle-jre-bin-1.8.0.141'\n All IcedTea binary 7.x users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-java/icedtea-bin-7.2.6.11'\n All IcedTea binary 3.x users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-java/icedtea-bin-3.5.0'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:icedtea-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:oracle-jdk-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:oracle-jre-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/09/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/09/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-java/oracle-jre-bin\", unaffected:make_list(\"ge 1.8.0.141\"), vulnerable:make_list(\"lt 1.8.0.141\"))) flag++;\nif (qpkg_check(package:\"dev-java/oracle-jdk-bin\", unaffected:make_list(\"ge 1.8.0.141\"), vulnerable:make_list(\"lt 1.8.0.141\"))) flag++;\nif (qpkg_check(package:\"dev-java/icedtea-bin\", unaffected:make_list(\"ge 7.2.6.11\", \"ge 3.5.0\"), vulnerable:make_list(\"lt 7.2.6.11\", \"lt 3.5.0\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Oracle JDK/JRE / IcedTea\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:31:59", "bulletinFamily": "scanner", "description": "The version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is prior to 8 Update 141, 7 Update 151, or 6 Update 161. It is, therefore, affected by multiple vulnerabilities :\n\n - An unspecified flaw exists in the 2D component that allows an unauthenticated, remote attacker to cause a denial of service condition. (CVE-2017-10053)\n\n - Multiple unspecified flaws exist in the Security component that allow an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-10067, CVE-2017-10116)\n\n - An unspecified flaw exists in the Hotspot component that allows an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-10074)\n\n - An unspecified flaw exists in the Scripting component that allows an authenticated, remote attacker to impact confidentiality and integrity. (CVE-2017-10078)\n\n - An unspecified flaw exists in the Hotspot component that allows an unauthenticated, remote attacker to impact integrity. (CVE-2017-10081)\n\n - Multiple unspecified flaws exist in the JavaFX component that allow an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-10086, CVE-2017-10114)\n\n - Multiple unspecified flaws exist in the Libraries component that allow an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-10087, CVE-2017-10090, CVE-2017-10111)\n\n - An unspecified flaw exists in the ImageIO component that allows an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-10089)\n\n - Multiple unspecified flaws exist in the JAXP component that allow an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-10096, CVE-2017-10101)\n\n - Multiple unspecified flaws exist in the RMI component that allow an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-10102, CVE-2017-10107)\n\n - Multiple unspecified flaws exist in the Server component of the Java Advanced Management Console that allow an authenticated, remote attacker to impact confidentiality, integrity, and availability.\n (CVE-2017-10104, CVE-2017-10145)\n\n - An unspecified flaw exists in the Deployment component that allows an unauthenticated, remote attacker to impact integrity. (CVE-2017-10105)\n\n - Multiple unspecified flaws exist in the Serialization component that allow an unauthenticated, remote attacker to exhaust available memory, resulting in a denial of service condition. (CVE-2017-10108, CVE-2017-10109)\n\n - An unspecified flaw exists in the AWT component that allows an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-10110)\n\n - Multiple unspecified flaws exist in the JCE component that allow an unauthenticated, remote attacker to disclose sensitive information. (CVE-2017-10115, CVE-2017-10118, CVE-2017-10135)\n\n - An unspecified flaw exists in the Server component of the Java Advanced Management Console that allows an unauthenticated, remote attacker to disclose sensitive information. (CVE-2017-10117)\n\n - An unspecified flaw exists in the Server component of the Java Advanced Management Console that allows an unauthenticated, remote attacker to impact confidentiality and integrity. (CVE-2017-10121)\n\n - An unspecified flaw exists in the Deployment component that allows a local attacker to impact confidentiality, integrity, and availability. (CVE-2017-10125)\n\n - Multiple unspecified flaws exist in the Security component that allow an unauthenticated, remote attacker to disclose sensitive information. (CVE-2017-10176, CVE-2017-10193, CVE-2017-10198)\n\n - An unspecified flaw exists in the JAX-WS component that allows an unauthenticated, remote attacker to impact confidentiality and availability. (CVE-2017-10243)", "modified": "2018-11-15T00:00:00", "id": "ORACLE_JAVA_CPU_JUL_2017.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=101843", "published": "2017-07-20T00:00:00", "title": "Oracle Java SE Multiple Vulnerabilities (July 2017 CPU)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101843);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2018/11/15 20:50:28\");\n\n script_cve_id(\n \"CVE-2017-10053\",\n \"CVE-2017-10067\",\n \"CVE-2017-10074\",\n \"CVE-2017-10078\",\n \"CVE-2017-10081\",\n \"CVE-2017-10086\",\n \"CVE-2017-10087\",\n \"CVE-2017-10089\",\n \"CVE-2017-10090\",\n \"CVE-2017-10096\",\n \"CVE-2017-10101\",\n \"CVE-2017-10102\",\n \"CVE-2017-10104\",\n \"CVE-2017-10105\",\n \"CVE-2017-10107\",\n \"CVE-2017-10108\",\n \"CVE-2017-10109\",\n \"CVE-2017-10110\",\n \"CVE-2017-10111\",\n \"CVE-2017-10114\",\n \"CVE-2017-10115\",\n \"CVE-2017-10116\",\n \"CVE-2017-10117\",\n \"CVE-2017-10118\",\n \"CVE-2017-10121\",\n \"CVE-2017-10125\",\n \"CVE-2017-10135\",\n \"CVE-2017-10145\",\n \"CVE-2017-10176\",\n \"CVE-2017-10193\",\n \"CVE-2017-10198\",\n \"CVE-2017-10243\"\n );\n script_bugtraq_id(\n 99643,\n 99659,\n 99662,\n 99670,\n 99674,\n 99703,\n 99706,\n 99707,\n 99712,\n 99719,\n 99726,\n 99731,\n 99734,\n 99752,\n 99756,\n 99774,\n 99782,\n 99788,\n 99797,\n 99804,\n 99809,\n 99818,\n 99827,\n 99832,\n 99835,\n 99839,\n 99842,\n 99846,\n 99847,\n 99851,\n 99853,\n 99854\n );\n\n script_name(english:\"Oracle Java SE Multiple Vulnerabilities (July 2017 CPU)\");\n script_summary(english:\"Checks the version of the JRE.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host contains a programming platform that is\naffected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Oracle (formerly Sun) Java SE or Java for Business\ninstalled on the remote host is prior to 8 Update 141, 7 Update 151,\nor 6 Update 161. It is, therefore, affected by multiple\nvulnerabilities :\n\n - An unspecified flaw exists in the 2D component that\n allows an unauthenticated, remote attacker to cause a\n denial of service condition. (CVE-2017-10053)\n\n - Multiple unspecified flaws exist in the Security\n component that allow an unauthenticated, remote attacker\n to execute arbitrary code. (CVE-2017-10067,\n CVE-2017-10116)\n\n - An unspecified flaw exists in the Hotspot component that\n allows an unauthenticated, remote attacker to execute\n arbitrary code. (CVE-2017-10074)\n\n - An unspecified flaw exists in the Scripting component\n that allows an authenticated, remote attacker to impact\n confidentiality and integrity. (CVE-2017-10078)\n\n - An unspecified flaw exists in the Hotspot component that\n allows an unauthenticated, remote attacker to impact\n integrity. (CVE-2017-10081)\n\n - Multiple unspecified flaws exist in the JavaFX component\n that allow an unauthenticated, remote attacker to\n execute arbitrary code. (CVE-2017-10086, CVE-2017-10114)\n\n - Multiple unspecified flaws exist in the Libraries\n component that allow an unauthenticated, remote attacker\n to execute arbitrary code. (CVE-2017-10087,\n CVE-2017-10090, CVE-2017-10111)\n\n - An unspecified flaw exists in the ImageIO component that\n allows an unauthenticated, remote attacker to execute\n arbitrary code. (CVE-2017-10089)\n\n - Multiple unspecified flaws exist in the JAXP component\n that allow an unauthenticated, remote attacker to\n execute arbitrary code. (CVE-2017-10096, CVE-2017-10101)\n\n - Multiple unspecified flaws exist in the RMI component\n that allow an unauthenticated, remote attacker to\n execute arbitrary code. (CVE-2017-10102, CVE-2017-10107)\n\n - Multiple unspecified flaws exist in the Server component\n of the Java Advanced Management Console that allow an\n authenticated, remote attacker to impact\n confidentiality, integrity, and availability.\n (CVE-2017-10104, CVE-2017-10145)\n\n - An unspecified flaw exists in the Deployment component\n that allows an unauthenticated, remote attacker to\n impact integrity. (CVE-2017-10105)\n\n - Multiple unspecified flaws exist in the Serialization\n component that allow an unauthenticated, remote attacker\n to exhaust available memory, resulting in a denial of\n service condition. (CVE-2017-10108, CVE-2017-10109)\n\n - An unspecified flaw exists in the AWT component that\n allows an unauthenticated, remote attacker to execute\n arbitrary code. (CVE-2017-10110)\n\n - Multiple unspecified flaws exist in the JCE component\n that allow an unauthenticated, remote attacker to\n disclose sensitive information. (CVE-2017-10115,\n CVE-2017-10118, CVE-2017-10135)\n\n - An unspecified flaw exists in the Server component of\n the Java Advanced Management Console that allows an\n unauthenticated, remote attacker to disclose sensitive\n information. (CVE-2017-10117)\n\n - An unspecified flaw exists in the Server component of\n the Java Advanced Management Console that allows an\n unauthenticated, remote attacker to impact\n confidentiality and integrity. (CVE-2017-10121)\n\n - An unspecified flaw exists in the Deployment component\n that allows a local attacker to impact confidentiality,\n integrity, and availability. (CVE-2017-10125)\n\n - Multiple unspecified flaws exist in the Security\n component that allow an unauthenticated, remote attacker\n to disclose sensitive information. (CVE-2017-10176,\n CVE-2017-10193, CVE-2017-10198)\n\n - An unspecified flaw exists in the JAX-WS component that\n allows an unauthenticated, remote attacker to impact\n confidentiality and availability. (CVE-2017-10243)\");\n # http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?76f5def7\");\n # http://www.oracle.com/technetwork/java/javase/8u141-relnotes-3720385.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?755142b1\");\n # https://www.oracle.com/technetwork/java/javaseproducts/documentation/javase7supportreleasenotes-1601161.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2fbcacca\");\n # http://www.oracle.com/technetwork/java/javase/documentation/overview-156328.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?726f7054\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Oracle JDK / JRE 8 Update 141 / 7 Update 151 / 6 Update\n161 or later. If necessary, remove any affected versions.\n\nNote that an Extended Support contract with Oracle is needed to obtain\nJDK / JRE 6 Update 95 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/07/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:jre\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:jdk\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"sun_java_jre_installed.nasl\");\n script_require_keys(\"SMB/Java/JRE/Installed\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n# Check each installed JRE.\ninstalls = get_kb_list_or_exit(\"SMB/Java/JRE/*\");\n\ninfo = \"\";\nvuln = 0;\ninstalled_versions = \"\";\n\nforeach install (list_uniq(keys(installs)))\n{\n ver = install - \"SMB/Java/JRE/\";\n if (ver !~ \"^[0-9.]+\") continue;\n\n installed_versions = installed_versions + \" & \" + ver;\n\n # Fixes : (JDK|JRE) 8 Update 141 / 7 Update 151 / 6 Update 161\n if (\n ver =~ '^1\\\\.6\\\\.0_([0-9]|[0-9][0-9]|1[0-5][0-9]|160)([^0-9]|$)' ||\n ver =~ '^1\\\\.7\\\\.0_([0-9]|[0-9][0-9]|1[0-4][0-9]|150)([^0-9]|$)' ||\n ver =~ '^1\\\\.8\\\\.0_([0-9]|[0-9][0-9]|1[0-3][0-9]|140)([^0-9]|$)'\n )\n {\n dirs = make_list(get_kb_list(install));\n vuln += max_index(dirs);\n\n foreach dir (dirs)\n info += '\\n Path : ' + dir;\n\n info += '\\n Installed version : ' + ver;\n info += '\\n Fixed version : 1.6.0_161 / 1.7.0_151 / 1.8.0_141\\n';\n }\n}\n\n# Report if any were found to be vulnerable.\nif (info)\n{\n port = get_kb_item(\"SMB/transport\");\n if (!port) port = 445;\n\n if (report_verbosity > 0)\n {\n if (vuln > 1) s = \"s of Java are\";\n else s = \" of Java is\";\n\n report =\n '\\n' +\n 'The following vulnerable instance'+s+' installed on the\\n' +\n 'remote host :\\n' +\n info;\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n exit(0);\n}\nelse\n{\n installed_versions = substr(installed_versions, 3);\n if (\" & \" >< installed_versions)\n exit(0, \"The Java \"+installed_versions+\" installations on the remote host are not affected.\");\n else\n audit(AUDIT_INST_VER_NOT_VULN, \"Java\", installed_versions);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:32:28", "bulletinFamily": "scanner", "description": "This java-1_8_0-openjdk update to version jdk8u141 (icedtea 3.5.0) fixes the following issues: Security issues fixed :\n\n - CVE-2017-10053: Improved image post-processing steps (bsc#1049305)\n\n - CVE-2017-10067: Additional jar validation steps (bsc#1049306)\n\n - CVE-2017-10074: Image conversion improvements (bsc#1049307)\n\n - CVE-2017-10078: Better script accessibility for JavaScript (bsc#1049308)\n\n - CVE-2017-10081: Right parenthesis issue (bsc#1049309)\n\n - CVE-2017-10086: Unspecified vulnerability in subcomponent JavaFX (bsc#1049310)\n\n - CVE-2017-10087: Better Thread Pool execution (bsc#1049311)\n\n - CVE-2017-10089: Service Registration Lifecycle (bsc#1049312)\n\n - CVE-2017-10090: Better handling of channel groups (bsc#1049313)\n\n - CVE-2017-10096: Transform Transformer Exceptions (bsc#1049314)\n\n - CVE-2017-10101: Better reading of text catalogs (bsc#1049315)\n\n - CVE-2017-10102: Improved garbage collection (bsc#1049316)\n\n - CVE-2017-10105: Unspecified vulnerability in subcomponent deployment (bsc#1049317)\n\n - CVE-2017-10107: Less Active Activations (bsc#1049318)\n\n - CVE-2017-10108: Better naming attribution (bsc#1049319)\n\n - CVE-2017-10109: Better sourcing of code (bsc#1049320)\n\n - CVE-2017-10110: Better image fetching (bsc#1049321)\n\n - CVE-2017-10111: Rearrange MethodHandle arrangements (bsc#1049322)\n\n - CVE-2017-10114: Unspecified vulnerability in subcomponent JavaFX (bsc#1049323)\n\n - CVE-2017-10115: Higher quality DSA operations (bsc#1049324)\n\n - CVE-2017-10116: Proper directory lookup processing (bsc#1049325)\n\n - CVE-2017-10118: Higher quality ECDSA operations (bsc#1049326)\n\n - CVE-2017-10125: Unspecified vulnerability in subcomponent deployment (bsc#1049327)\n\n - CVE-2017-10135: Better handling of PKCS8 material (bsc#1049328)\n\n - CVE-2017-10176: Additional elliptic curve support (bsc#1049329)\n\n - CVE-2017-10193: Improve algorithm constraints implementation (bsc#1049330)\n\n - CVE-2017-10198: Clear certificate chain connections (bsc#1049331)\n\n - CVE-2017-10243: Unspecified vulnerability in subcomponent JAX-WS (bsc#1049332) Bug fixes :\n\n - Check registry registration location\n\n - Improved certificate processing\n\n - JMX diagnostic improvements\n\n - Update to libpng 1.6.28\n\n - Import of OpenJDK 8 u141 build 15 (bsc#1049302) New features :\n\n - Support using RSAandMGF1 with the SHA hash algorithms in the PKCS11 provider\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2018-11-30T00:00:00", "id": "SUSE_SU-2017-2175-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=102541", "published": "2017-08-17T00:00:00", "title": "SUSE SLED12 / SLES12 Security Update : java-1_8_0-openjdk (SUSE-SU-2017:2175-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2017:2175-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(102541);\n script_version(\"3.8\");\n script_cvs_date(\"Date: 2018/11/30 10:54:51\");\n\n script_cve_id(\"CVE-2017-10053\", \"CVE-2017-10067\", \"CVE-2017-10074\", \"CVE-2017-10078\", \"CVE-2017-10081\", \"CVE-2017-10086\", \"CVE-2017-10087\", \"CVE-2017-10089\", \"CVE-2017-10090\", \"CVE-2017-10096\", \"CVE-2017-10101\", \"CVE-2017-10102\", \"CVE-2017-10105\", \"CVE-2017-10107\", \"CVE-2017-10108\", \"CVE-2017-10109\", \"CVE-2017-10110\", \"CVE-2017-10111\", \"CVE-2017-10114\", \"CVE-2017-10115\", \"CVE-2017-10116\", \"CVE-2017-10118\", \"CVE-2017-10125\", \"CVE-2017-10135\", \"CVE-2017-10176\", \"CVE-2017-10193\", \"CVE-2017-10198\", \"CVE-2017-10243\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : java-1_8_0-openjdk (SUSE-SU-2017:2175-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This java-1_8_0-openjdk update to version jdk8u141 (icedtea 3.5.0)\nfixes the following issues: Security issues fixed :\n\n - CVE-2017-10053: Improved image post-processing steps\n (bsc#1049305)\n\n - CVE-2017-10067: Additional jar validation steps\n (bsc#1049306)\n\n - CVE-2017-10074: Image conversion improvements\n (bsc#1049307)\n\n - CVE-2017-10078: Better script accessibility for\n JavaScript (bsc#1049308)\n\n - CVE-2017-10081: Right parenthesis issue (bsc#1049309)\n\n - CVE-2017-10086: Unspecified vulnerability in\n subcomponent JavaFX (bsc#1049310)\n\n - CVE-2017-10087: Better Thread Pool execution\n (bsc#1049311)\n\n - CVE-2017-10089: Service Registration Lifecycle\n (bsc#1049312)\n\n - CVE-2017-10090: Better handling of channel groups\n (bsc#1049313)\n\n - CVE-2017-10096: Transform Transformer Exceptions\n (bsc#1049314)\n\n - CVE-2017-10101: Better reading of text catalogs\n (bsc#1049315)\n\n - CVE-2017-10102: Improved garbage collection\n (bsc#1049316)\n\n - CVE-2017-10105: Unspecified vulnerability in\n subcomponent deployment (bsc#1049317)\n\n - CVE-2017-10107: Less Active Activations (bsc#1049318)\n\n - CVE-2017-10108: Better naming attribution (bsc#1049319)\n\n - CVE-2017-10109: Better sourcing of code (bsc#1049320)\n\n - CVE-2017-10110: Better image fetching (bsc#1049321)\n\n - CVE-2017-10111: Rearrange MethodHandle arrangements\n (bsc#1049322)\n\n - CVE-2017-10114: Unspecified vulnerability in\n subcomponent JavaFX (bsc#1049323)\n\n - CVE-2017-10115: Higher quality DSA operations\n (bsc#1049324)\n\n - CVE-2017-10116: Proper directory lookup processing\n (bsc#1049325)\n\n - CVE-2017-10118: Higher quality ECDSA operations\n (bsc#1049326)\n\n - CVE-2017-10125: Unspecified vulnerability in\n subcomponent deployment (bsc#1049327)\n\n - CVE-2017-10135: Better handling of PKCS8 material\n (bsc#1049328)\n\n - CVE-2017-10176: Additional elliptic curve support\n (bsc#1049329)\n\n - CVE-2017-10193: Improve algorithm constraints\n implementation (bsc#1049330)\n\n - CVE-2017-10198: Clear certificate chain connections\n (bsc#1049331)\n\n - CVE-2017-10243: Unspecified vulnerability in\n subcomponent JAX-WS (bsc#1049332) Bug fixes :\n\n - Check registry registration location\n\n - Improved certificate processing\n\n - JMX diagnostic improvements\n\n - Update to libpng 1.6.28\n\n - Import of OpenJDK 8 u141 build 15 (bsc#1049302) New\n features :\n\n - Support using RSAandMGF1 with the SHA hash algorithms in\n the PKCS11 provider\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1049302\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1049305\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1049306\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1049307\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1049308\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1049309\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1049310\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1049311\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1049312\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1049313\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1049314\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1049315\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1049316\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1049317\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1049318\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1049319\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1049320\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1049321\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1049322\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1049323\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1049324\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1049325\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1049326\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1049327\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1049328\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1049329\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1049330\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1049331\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1049332\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-10053/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-10067/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-10074/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-10078/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-10081/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-10086/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-10087/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-10089/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-10090/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-10096/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-10101/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-10102/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-10105/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-10107/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-10108/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-10109/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-10110/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-10111/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-10114/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-10115/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-10116/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-10118/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-10125/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-10135/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-10176/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-10193/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-10198/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-10243/\"\n );\n # https://www.suse.com/support/update/announcement/2017/suse-su-20172175-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c1410fd1\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE OpenStack Cloud 6:zypper in -t patch\nSUSE-OpenStack-Cloud-6-2017-1337=1\n\nSUSE Linux Enterprise Server for SAP 12-SP1:zypper in -t patch\nSUSE-SLE-SAP-12-SP1-2017-1337=1\n\nSUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t\npatch SUSE-SLE-RPI-12-SP2-2017-1337=1\n\nSUSE Linux Enterprise Server 12-SP3:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2017-1337=1\n\nSUSE Linux Enterprise Server 12-SP2:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-2017-1337=1\n\nSUSE Linux Enterprise Server 12-SP1-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP1-2017-1337=1\n\nSUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP3-2017-1337=1\n\nSUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP2-2017-1337=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-demo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-headless\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-headless-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/08/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/08/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = eregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! ereg(pattern:\"^(1|2|3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP1/2/3\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! ereg(pattern:\"^(2|3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP2/3\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"java-1_8_0-openjdk-1.8.0.144-27.5.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"java-1_8_0-openjdk-debuginfo-1.8.0.144-27.5.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"java-1_8_0-openjdk-debugsource-1.8.0.144-27.5.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"java-1_8_0-openjdk-demo-1.8.0.144-27.5.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"java-1_8_0-openjdk-demo-debuginfo-1.8.0.144-27.5.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"java-1_8_0-openjdk-devel-1.8.0.144-27.5.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"java-1_8_0-openjdk-headless-1.8.0.144-27.5.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"java-1_8_0-openjdk-headless-debuginfo-1.8.0.144-27.5.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"java-1_8_0-openjdk-1.8.0.144-27.5.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"java-1_8_0-openjdk-debuginfo-1.8.0.144-27.5.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"java-1_8_0-openjdk-debugsource-1.8.0.144-27.5.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"java-1_8_0-openjdk-demo-1.8.0.144-27.5.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"java-1_8_0-openjdk-demo-debuginfo-1.8.0.144-27.5.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"java-1_8_0-openjdk-devel-1.8.0.144-27.5.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"java-1_8_0-openjdk-devel-debuginfo-1.8.0.144-27.5.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"java-1_8_0-openjdk-headless-1.8.0.144-27.5.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"java-1_8_0-openjdk-headless-debuginfo-1.8.0.144-27.5.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"java-1_8_0-openjdk-1.8.0.144-27.5.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"java-1_8_0-openjdk-debuginfo-1.8.0.144-27.5.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"java-1_8_0-openjdk-debugsource-1.8.0.144-27.5.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"java-1_8_0-openjdk-demo-1.8.0.144-27.5.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"java-1_8_0-openjdk-demo-debuginfo-1.8.0.144-27.5.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"java-1_8_0-openjdk-devel-1.8.0.144-27.5.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"java-1_8_0-openjdk-devel-debuginfo-1.8.0.144-27.5.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"java-1_8_0-openjdk-headless-1.8.0.144-27.5.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"java-1_8_0-openjdk-headless-debuginfo-1.8.0.144-27.5.3\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"java-1_8_0-openjdk-1.8.0.144-27.5.3\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"java-1_8_0-openjdk-debuginfo-1.8.0.144-27.5.3\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"java-1_8_0-openjdk-debugsource-1.8.0.144-27.5.3\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"java-1_8_0-openjdk-headless-1.8.0.144-27.5.3\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"java-1_8_0-openjdk-headless-debuginfo-1.8.0.144-27.5.3\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"java-1_8_0-openjdk-1.8.0.144-27.5.3\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"java-1_8_0-openjdk-debuginfo-1.8.0.144-27.5.3\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"java-1_8_0-openjdk-debugsource-1.8.0.144-27.5.3\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"java-1_8_0-openjdk-headless-1.8.0.144-27.5.3\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"java-1_8_0-openjdk-headless-debuginfo-1.8.0.144-27.5.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1_8_0-openjdk\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "redhat": [{"lastseen": "2018-12-11T19:43:35", "bulletinFamily": "unix", "description": "Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.\n\nThis update upgrades Oracle Java SE 8 to version 8 Update 141.\n\nSecurity Fix(es):\n\n* This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section. (CVE-2017-10053, CVE-2017-10067, CVE-2017-10074, CVE-2017-10078, CVE-2017-10081, CVE-2017-10086, CVE-2017-10087, CVE-2017-10089, CVE-2017-10090, CVE-2017-10096, CVE-2017-10101, CVE-2017-10102, CVE-2017-10105, CVE-2017-10107, CVE-2017-10108, CVE-2017-10109, CVE-2017-10110, CVE-2017-10111, CVE-2017-10114, CVE-2017-10115, CVE-2017-10116, CVE-2017-10118, CVE-2017-10135, CVE-2017-10176, CVE-2017-10193, CVE-2017-10198, CVE-2017-10243)", "modified": "2018-06-07T18:20:32", "published": "2017-07-20T19:39:12", "id": "RHSA-2017:1790", "href": "https://access.redhat.com/errata/RHSA-2017:1790", "type": "redhat", "title": "(RHSA-2017:1790) Critical: java-1.8.0-oracle security update", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-12-11T19:41:24", "bulletinFamily": "unix", "description": "Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.\n\nThis update upgrades Oracle Java SE 7 to version 7 Update 151.\n\nSecurity Fix(es):\n\n* This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section. (CVE-2017-10053, CVE-2017-10067, CVE-2017-10074, CVE-2017-10081, CVE-2017-10086, CVE-2017-10087, CVE-2017-10089, CVE-2017-10090, CVE-2017-10096, CVE-2017-10101, CVE-2017-10102, CVE-2017-10105, CVE-2017-10107, CVE-2017-10108, CVE-2017-10109, CVE-2017-10110, CVE-2017-10114, CVE-2017-10115, CVE-2017-10116, CVE-2017-10118, CVE-2017-10135, CVE-2017-10176, CVE-2017-10193, CVE-2017-10198, CVE-2017-10243)", "modified": "2018-06-07T18:20:35", "published": "2017-07-20T19:39:27", "id": "RHSA-2017:1791", "href": "https://access.redhat.com/errata/RHSA-2017:1791", "type": "redhat", "title": "(RHSA-2017:1791) Critical: java-1.7.0-oracle security update", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "gentoo": [{"lastseen": "2017-09-25T01:44:46", "bulletinFamily": "unix", "description": "### Background\n\nJava Platform, Standard Edition (Java SE) lets you develop and deploy Java applications on desktops and servers, as well as in today\u2019s demanding embedded environments. Java offers the rich user interface, performance, versatility, portability, and security that today\u2019s applications require. \n\nIcedTea\u2019s aim is to provide OpenJDK in a form suitable for easy configuration, compilation and distribution with the primary goal of allowing inclusion in GNU/Linux distributions. \n\n### Description\n\nMultiple vulnerabilities have been discovered in Oracle\u2019s JRE, JDK and IcedTea. Please review the referenced CVE identifiers for details. \n\n### Impact\n\nA remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, or gain access to information. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Oracle JDK binary users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=dev-java/oracle-jdk-bin-1.8.0.141\"\n \n\nAll Oracle JRE binary users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=dev-java/oracle-jre-bin-1.8.0.141\"\n \n\nAll IcedTea binary 7.x users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-java/icedtea-bin-7.2.6.11\"\n \n\nAll IcedTea binary 3.x users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-java/icedtea-bin-3.5.0\"", "modified": "2017-09-24T00:00:00", "published": "2017-09-24T00:00:00", "href": "https://security.gentoo.org/glsa/201709-22", "id": "GLSA-201709-22", "title": "Oracle JDK/JRE, IcedTea: Multiple vulnerabilities", "type": "gentoo", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "kaspersky": [{"lastseen": "2019-03-21T00:14:30", "bulletinFamily": "info", "description": "### *Detect date*:\n07/19/2017\n\n### *Severity*:\nHigh\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Oracle Java SE. Malicious users can exploit these vulnerabilities to gain privileges, read and write accessible data and cause a denial of service.\n\n### *Affected products*:\nOracle Java SE 6u151 \nOracle Java SE 7u141 \nOracle Java SE 8u131 \nOracle Java SE Embedded 8u131 \nOracle JRockit R28.3.14 \nOracle Java Advanced Management Console 2.6\n\n### *Solution*:\nUpdate to the latest version \n[Get Java SE](<http://www.oracle.com/technetwork/java/javase/downloads/index.html>)\n\n### *Original advisories*:\n[Oracle Critical Patch Update \u2013 July 2017](<http://www.oracle.com/technetwork/security-advisory/cpujul2017verbose-3236625.html#JAVA>) \n\n\n### *Impacts*:\nDoS \n\n### *Related products*:\n[Oracle Java JRE 1.7.x](<https://threats.kaspersky.com/en/product/Oracle-Java-JRE-1.7.x/>)\n\n### *CVE-IDS*:\n[CVE-2017-10053](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10053>)5.0High \n[CVE-2017-10067](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10067>)5.1High \n[CVE-2017-10074](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10074>)5.1High \n[CVE-2017-10078](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10078>)5.5High \n[CVE-2017-10081](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10081>)4.3High \n[CVE-2017-10086](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10086>)6.8High \n[CVE-2017-10087](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10087>)6.8High \n[CVE-2017-10089](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10089>)6.8High \n[CVE-2017-10090](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10090>)6.8High \n[CVE-2017-10096](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10096>)6.8High \n[CVE-2017-10102](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10102>)6.8High \n[CVE-2017-10104](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10104>)6.5High \n[CVE-2017-10105](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10105>)4.3High \n[CVE-2017-10107](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10107>)6.8High \n[CVE-2017-10108](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10108>)5.0High \n[CVE-2017-10109](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10109>)5.0High \n[CVE-2017-10110](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10110>)6.8High \n[CVE-2017-10111](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10111>)6.8High \n[CVE-2017-10114](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10114>)5.1High \n[CVE-2017-10115](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10115>)5.0High \n[CVE-2017-10116](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10116>)5.1High \n[CVE-2017-10117](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10117>)5.0High \n[CVE-2017-10118](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10118>)5.0High \n[CVE-2017-10121](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10121>)5.8High \n[CVE-2017-10125](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10125>)4.4High \n[CVE-2017-10145](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10145>)6.5High \n[CVE-2017-10176](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10176>)5.0High \n[CVE-2017-10193](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10193>)2.6High \n[CVE-2017-10198](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10198>)4.3High \n[CVE-2017-10243](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10243>)6.4High", "modified": "2019-03-07T00:00:00", "published": "2017-07-19T00:00:00", "id": "KLA11076", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11076", "title": "\r KLA11076Multiple vulnerabilities in Oracle Java SE ", "type": "kaspersky", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "suse": [{"lastseen": "2017-08-16T17:07:09", "bulletinFamily": "unix", "description": "This java-1_8_0-openjdk update to version jdk8u141 (icedtea 3.5.0) fixes\n the following issues:\n\n Security issues fixed:\n - CVE-2017-10053: Improved image post-processing steps (bsc#1049305)\n - CVE-2017-10067: Additional jar validation steps (bsc#1049306)\n - CVE-2017-10074: Image conversion improvements (bsc#1049307)\n - CVE-2017-10078: Better script accessibility for JavaScript (bsc#1049308)\n - CVE-2017-10081: Right parenthesis issue (bsc#1049309)\n - CVE-2017-10086: Unspecified vulnerability in subcomponent JavaFX\n (bsc#1049310)\n - CVE-2017-10087: Better Thread Pool execution (bsc#1049311)\n - CVE-2017-10089: Service Registration Lifecycle (bsc#1049312)\n - CVE-2017-10090: Better handling of channel groups (bsc#1049313)\n - CVE-2017-10096: Transform Transformer Exceptions (bsc#1049314)\n - CVE-2017-10101: Better reading of text catalogs (bsc#1049315)\n - CVE-2017-10102: Improved garbage collection (bsc#1049316)\n - CVE-2017-10105: Unspecified vulnerability in subcomponent deployment\n (bsc#1049317)\n - CVE-2017-10107: Less Active Activations (bsc#1049318)\n - CVE-2017-10108: Better naming attribution (bsc#1049319)\n - CVE-2017-10109: Better sourcing of code (bsc#1049320)\n - CVE-2017-10110: Better image fetching (bsc#1049321)\n - CVE-2017-10111: Rearrange MethodHandle arrangements (bsc#1049322)\n - CVE-2017-10114: Unspecified vulnerability in subcomponent JavaFX\n (bsc#1049323)\n - CVE-2017-10115: Higher quality DSA operations (bsc#1049324)\n - CVE-2017-10116: Proper directory lookup processing (bsc#1049325)\n - CVE-2017-10118: Higher quality ECDSA operations (bsc#1049326)\n - CVE-2017-10125: Unspecified vulnerability in subcomponent deployment\n (bsc#1049327)\n - CVE-2017-10135: Better handling of PKCS8 material (bsc#1049328)\n - CVE-2017-10176: Additional elliptic curve support (bsc#1049329)\n - CVE-2017-10193: Improve algorithm constraints implementation\n (bsc#1049330)\n - CVE-2017-10198: Clear certificate chain connections (bsc#1049331)\n - CVE-2017-10243: Unspecified vulnerability in subcomponent JAX-WS\n (bsc#1049332)\n\n Bug fixes:\n - Check registry registration location\n - Improved certificate processing\n - JMX diagnostic improvements\n - Update to libpng 1.6.28\n - Import of OpenJDK 8 u141 build 15 (bsc#1049302)\n\n New features:\n - Support using RSAandMGF1 with the SHA hash algorithms in the PKCS11\n provider\n\n", "modified": "2017-08-16T15:08:28", "published": "2017-08-16T15:08:28", "href": "http://lists.opensuse.org/opensuse-security-announce/2017-08/msg00048.html", "id": "SUSE-SU-2017:2175-1", "title": "Security update for java-1_8_0-openjdk (important)", "type": "suse", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-04T00:50:57", "bulletinFamily": "unix", "description": "This update for java-1_7_0-openjdk fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2017-10356: Fix issue inside subcomponent Security (bsc#1064084).\n - CVE-2017-10274: Fix issue inside subcomponent Smart Card IO\n (bsc#1064071).\n - CVE-2017-10281: Fix issue inside subcomponent Serialization\n (bsc#1064072).\n - CVE-2017-10285: Fix issue inside subcomponent RMI (bsc#1064073).\n - CVE-2017-10295: Fix issue inside subcomponent Networking (bsc#1064075).\n - CVE-2017-10388: Fix issue inside subcomponent Libraries (bsc#1064086).\n - CVE-2017-10346: Fix issue inside subcomponent Hotspot (bsc#1064078).\n - CVE-2017-10350: Fix issue inside subcomponent JAX-WS (bsc#1064082).\n - CVE-2017-10347: Fix issue inside subcomponent Serialization\n (bsc#1064079).\n - CVE-2017-10349: Fix issue inside subcomponent JAXP (bsc#1064081).\n - CVE-2017-10345: Fix issue inside subcomponent Serialization\n (bsc#1064077).\n - CVE-2017-10348: Fix issue inside subcomponent Libraries (bsc#1064080).\n - CVE-2017-10357: Fix issue inside subcomponent Serialization\n (bsc#1064085).\n - CVE-2017-10355: Fix issue inside subcomponent Networking (bsc#1064083).\n - CVE-2017-10102: Fix incorrect handling of references in DGC\n (bsc#1049316).\n - CVE-2017-10053: Fix reading of unprocessed image data in JPEGImageReader\n (bsc#1049305).\n - CVE-2017-10067: Fix JAR verifier incorrect handling of missing digest\n (bsc#1049306).\n - CVE-2017-10081: Fix incorrect bracket processing in function signature\n handling (bsc#1049309).\n - CVE-2017-10087: Fix insufficient access control checks in\n ThreadPoolExecutor (bsc#1049311).\n - CVE-2017-10089: Fix insufficient access control checks in\n ServiceRegistry (bsc#1049312).\n - CVE-2017-10090: Fix insufficient access control checks in\n AsynchronousChannelGroupImpl (bsc#1049313).\n - CVE-2017-10096: Fix insufficient access control checks in XML\n transformations (bsc#1049314).\n - CVE-2017-10101: Fix unrestricted access to\n com.sun.org.apache.xml.internal.resolver (bsc#1049315).\n - CVE-2017-10107: Fix insufficient access control checks in ActivationID\n (bsc#1049318).\n - CVE-2017-10074: Fix integer overflows in range check loop predicates\n (bsc#1049307).\n - CVE-2017-10110: Fix insufficient access control checks in ImageWatched\n (bsc#1049321).\n - CVE-2017-10108: Fix unbounded memory allocation in BasicAttribute\n deserialization (bsc#1049319).\n - CVE-2017-10109: Fix unbounded memory allocation in CodeSource\n deserialization (bsc#1049320).\n - CVE-2017-10115: Fix unspecified vulnerability in subcomponent JCE\n (bsc#1049324).\n - CVE-2017-10118: Fix ECDSA implementation timing attack (bsc#1049326).\n - CVE-2017-10116: Fix LDAPCertStore following referrals to non-LDAP URL\n (bsc#1049325).\n - CVE-2017-10135: Fix PKCS#8 implementation timing attack (bsc#1049328).\n - CVE-2017-10176: Fix incorrect handling of certain EC points\n (bsc#1049329).\n - CVE-2017-10074: Fix integer overflows in range check loop predicates\n (bsc#1049307).\n - CVE-2017-10074: Fix integer overflows in range check loop predicates\n (bsc#1049307).\n - CVE-2017-10111: Fix checks in LambdaFormEditor (bsc#1049322).\n - CVE-2017-10243: Fix unspecified vulnerability in subcomponent JAX-WS\n (bsc#1049332).\n - CVE-2017-10125: Fix unspecified vulnerability in subcomponent deployment\n (bsc#1049327).\n - CVE-2017-10114: Fix unspecified vulnerability in subcomponent JavaFX\n (bsc#1049323).\n - CVE-2017-10105: Fix unspecified vulnerability in subcomponent deployment\n (bsc#1049317).\n - CVE-2017-10086: Fix unspecified in subcomponent JavaFX (bsc#1049310).\n - CVE-2017-10198: Fix incorrect enforcement of certificate path\n restrictions (bsc#1049331).\n - CVE-2017-10193: Fix incorrect key size constraint check (bsc#1049330).\n\n Bug fixes:\n\n - Drop Exec Shield workaround to fix crashes on recent kernels, where Exec\n Shield is gone (bsc#1052318).\n\n", "modified": "2018-01-03T21:08:18", "published": "2018-01-03T21:08:18", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00000.html", "id": "SUSE-SU-2018:0005-1", "type": "suse", "title": "Security update for java-1_7_0-openjdk (important)", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-09T14:51:29", "bulletinFamily": "unix", "description": "This update for java-1_7_0-openjdk fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2017-10356: Fix issue inside subcomponent Security (bsc#1064084).\n - CVE-2017-10274: Fix issue inside subcomponent Smart Card IO\n (bsc#1064071).\n - CVE-2017-10281: Fix issue inside subcomponent Serialization\n (bsc#1064072).\n - CVE-2017-10285: Fix issue inside subcomponent RMI (bsc#1064073).\n - CVE-2017-10295: Fix issue inside subcomponent Networking (bsc#1064075).\n - CVE-2017-10388: Fix issue inside subcomponent Libraries (bsc#1064086).\n - CVE-2017-10346: Fix issue inside subcomponent Hotspot (bsc#1064078).\n - CVE-2017-10350: Fix issue inside subcomponent JAX-WS (bsc#1064082).\n - CVE-2017-10347: Fix issue inside subcomponent Serialization\n (bsc#1064079).\n - CVE-2017-10349: Fix issue inside subcomponent JAXP (bsc#1064081).\n - CVE-2017-10345: Fix issue inside subcomponent Serialization\n (bsc#1064077).\n - CVE-2017-10348: Fix issue inside subcomponent Libraries (bsc#1064080).\n - CVE-2017-10357: Fix issue inside subcomponent Serialization\n (bsc#1064085).\n - CVE-2017-10355: Fix issue inside subcomponent Networking (bsc#1064083).\n - CVE-2017-10102: Fix incorrect handling of references in DGC\n (bsc#1049316).\n - CVE-2017-10053: Fix reading of unprocessed image data in JPEGImageReader\n (bsc#1049305).\n - CVE-2017-10067: Fix JAR verifier incorrect handling of missing digest\n (bsc#1049306).\n - CVE-2017-10081: Fix incorrect bracket processing in function signature\n handling (bsc#1049309).\n - CVE-2017-10087: Fix insufficient access control checks in\n ThreadPoolExecutor (bsc#1049311).\n - CVE-2017-10089: Fix insufficient access control checks in\n ServiceRegistry (bsc#1049312).\n - CVE-2017-10090: Fix insufficient access control checks in\n AsynchronousChannelGroupImpl (bsc#1049313).\n - CVE-2017-10096: Fix insufficient access control checks in XML\n transformations (bsc#1049314).\n - CVE-2017-10101: Fix unrestricted access to\n com.sun.org.apache.xml.internal.resolver (bsc#1049315).\n - CVE-2017-10107: Fix insufficient access control checks in ActivationID\n (bsc#1049318).\n - CVE-2017-10074: Fix integer overflows in range check loop predicates\n (bsc#1049307).\n - CVE-2017-10110: Fix insufficient access control checks in ImageWatched\n (bsc#1049321).\n - CVE-2017-10108: Fix unbounded memory allocation in BasicAttribute\n deserialization (bsc#1049319).\n - CVE-2017-10109: Fix unbounded memory allocation in CodeSource\n deserialization (bsc#1049320).\n - CVE-2017-10115: Fix unspecified vulnerability in subcomponent JCE\n (bsc#1049324).\n - CVE-2017-10118: Fix ECDSA implementation timing attack (bsc#1049326).\n - CVE-2017-10116: Fix LDAPCertStore following referrals to non-LDAP URL\n (bsc#1049325).\n - CVE-2017-10135: Fix PKCS#8 implementation timing attack (bsc#1049328).\n - CVE-2017-10176: Fix incorrect handling of certain EC points\n (bsc#1049329).\n - CVE-2017-10074: Fix integer overflows in range check loop predicates\n (bsc#1049307).\n - CVE-2017-10074: Fix integer overflows in range check loop predicates\n (bsc#1049307).\n - CVE-2017-10111: Fix checks in LambdaFormEditor (bsc#1049322).\n - CVE-2017-10243: Fix unspecified vulnerability in subcomponent JAX-WS\n (bsc#1049332).\n - CVE-2017-10125: Fix unspecified vulnerability in subcomponent deployment\n (bsc#1049327).\n - CVE-2017-10114: Fix unspecified vulnerability in subcomponent JavaFX\n (bsc#1049323).\n - CVE-2017-10105: Fix unspecified vulnerability in subcomponent deployment\n (bsc#1049317).\n - CVE-2017-10086: Fix unspecified in subcomponent JavaFX (bsc#1049310).\n - CVE-2017-10198: Fix incorrect enforcement of certificate path\n restrictions (bsc#1049331).\n - CVE-2017-10193: Fix incorrect key size constraint check (bsc#1049330).\n\n Bug fixes:\n\n - Drop Exec Shield workaround to fix crashes on recent kernels, where Exec\n Shield is gone (bsc#1052318).\n\n This update was imported from the SUSE:SLE-12:Update update project.\n\n", "modified": "2018-01-09T12:08:07", "published": "2018-01-09T12:08:07", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00025.html", "id": "OPENSUSE-SU-2018:0042-1", "type": "suse", "title": "Security update for java-1_7_0-openjdk (important)", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "oracle": [{"lastseen": "2018-08-31T04:13:54", "bulletinFamily": "software", "description": "A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to:\n\n[Critical Patch Updates and Security Alerts](<http://www.oracle.com/technetwork/topics/security/alerts-086861.html>) for information about Oracle Security Advisories.\n\n**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released fixes. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore _strongly_ recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes _without_ delay.**\n\nThis Critical Patch Update contains 310 new security fixes across the product families listed below. Please note that a MOS note summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at [ July 2017 Critical Patch Update: Executive Summary and Analysis](<https://support.oracle.com/rs?type=doc&id=2282980.1>).\n\nPlease note that the vulnerabilities in this Critical Patch Update are scored using version 3.0 of Common Vulnerability Scoring Standard (CVSS).\n\nThis Critical Patch Update advisory is also available in an XML format that conforms to the Common Vulnerability Reporting Format (CVRF) version 1.1. More information about Oracle's use of CVRF is available [here](<http://www.oracle.com/technetwork/topics/security/cpufaq-098434.html#CVRF>).\n", "modified": "2017-07-18T00:00:00", "published": "2018-03-20T00:00:00", "id": "ORACLE:CPUJUL2017-3236622", "href": "", "title": "Oracle Critical Patch Update - July 2017", "type": "oracle", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
