nessusThis script is Copyright (C) 2008-2023 Tenable Network Security, Inc.MACOSX_JAVA_REL7.NASL
HistorySep 25, 2008 - 12:00 a.m.

Mac OS X : Java for Mac OS X 10.4 Release 7



The remote Mac OS X 10.4 host is running a version of Java for Mac OS X that is older than release 7.

The remote version of this software contains several security vulnerabilities which may allow a rogue java applet to execute arbitrary code on the remote host.

To exploit these flaws, an attacker would need to lure a user into executing a rogue Java applet.

#TRUSTED 0ba04c07d99e8cad5a1aad4702b7167e0dd648ae61657321681392b9a965197967150f4f489dca5cd5b3d67271467e13d12980fa343a1dd55f140346cab4a9c18e90f57622f3aa6ee64d76a6e5be84e07f1ac424f39bea6313ac39de9ad83fd6da94e2b7f680403c948e1db8a24f968cddd23d2bff7627c3338975a7641cd570f9b9bfb0786292bdd1710c060c1b7deafbba2c09b0778f099753f57457efce33d930c3dea5fbb59332375409125648b320f4d82318ee3136a1852e3209bce0283fa16e108dc4ed453fa356e7bc3a8ee294614b0290a6cebb5f792a46c94b1f7bc2737b8d07ee38d25439062ad4439045525bbcf72ce618f30cb09ff2281ca35ea9b9a41a95881a0fc3c2e633dff9874385e17f1a9991931b1588c7a91f58a43a54e8d4ad0f7bd600cad0109c0691c16fee0800d2fba7f0b05e3dd2337022c9e1cc704482ff41aa0bf62d8b54a431036382b06ab0f844afb9059dde92d7e391e71971d2e8c68f7d7451d57e830986d52a557677a70cabc48c0df60095bdec93dc91fff3fbf154bdaea768f99e1e3503d16145ba68d2934342b433eb60fbe3bc88a106af989b0dfa7b6438c3ff2530c605b81d518818b1dffc6a1cb8d6f64232c17816b24b7394e1226ebe541111568dd733cb06b4342964b0e74e06015ba6a1e8e352df747e9220b2d68c473b25bbbc8bb67394bbaeabbcfeac2a5a6f06592603
#TRUST-RSA-SHA256 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
#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

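# Description phase: when the engine loads the plugin with `description` set,
# only the metadata below is registered; the exit(0) at the end of this block
# stops the script before any check logic runs.
# NOTE(review): this file carries #TRUSTED signature headers; any change to the
# script text, including the wording fix in the description below, presumably
# requires re-signing by the feed owner - confirm.
if (description)
{
 script_id(34291);
 script_version("1.20");
 script_set_attribute(attribute:"plugin_modification_date", value:"2023/11/27");

 # 27 CVE identifiers are attached to this single finding, so a host flagged
 # here is tracked against all of them at once.
 script_cve_id(
  "CVE-2008-1185",
  "CVE-2008-1186",
  "CVE-2008-1187",
  "CVE-2008-1188",
  "CVE-2008-1189",
  "CVE-2008-1190",
  "CVE-2008-1191",
  "CVE-2008-1192",
  "CVE-2008-1193",
  "CVE-2008-1194",
  "CVE-2008-1195",
  "CVE-2008-1196",
  "CVE-2008-3103",
  "CVE-2008-3104",
  "CVE-2008-3105",
  "CVE-2008-3106",
  "CVE-2008-3107",
  "CVE-2008-3108",
  "CVE-2008-3109",
  "CVE-2008-3110",
  "CVE-2008-3111",
  "CVE-2008-3112",
  "CVE-2008-3113",
  "CVE-2008-3114",
  "CVE-2008-3115",
  "CVE-2008-3637",
  "CVE-2008-3638"
 );
 script_bugtraq_id(28125, 30144, 30146, 31379, 31380);

 script_name(english:"Mac OS X : Java for Mac OS X 10.4 Release 7");
 script_summary(english:"Check for Java Release 7 on Mac OS X 10.4");

 script_set_attribute(attribute:"synopsis", value:"The remote host is affected by multiple vulnerabilities.");
 # Wording fix: the party that has to be lured is the user, not the attacker.
 script_set_attribute(attribute:"description", value:
"The remote Mac OS X 10.4 host is running a version of Java for Mac OS X
that is older than release 7.

The remote version of this software contains several security
vulnerabilities which may allow a rogue java applet to execute arbitrary
code on the remote host.

To exploit these flaws, an attacker would need to lure a user into
executing a rogue Java applet.");
 script_set_attribute(attribute:"see_also", value:"http://support.apple.com/kb/HT3178");
 script_set_attribute(attribute:"see_also", value:"http://lists.apple.com/archives/security-announce/2008/Sep/msg00008.html");
 script_set_attribute(attribute:"solution", value:"Upgrade to Java for Mac OS X 10.4 release 7 or later.");
 # CVSS v2 base vector: network attack vector, medium access complexity, no
 # authentication, complete impact on confidentiality, integrity and
 # availability.
 script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
 # CVSS v2 temporal vector: exploitability high, official fix available,
 # report confirmed.
 script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
 # The score is taken from one CVE of the set, not computed per identifier.
 script_set_attribute(attribute:"cvss_score_source", value:"CVE-2008-3113");
 # Exploit-availability flags; useful as a remediation-priority signal.
 script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
 script_set_attribute(attribute:"exploit_available", value:"true");
 script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
 script_set_attribute(attribute:"canvas_package", value:'D2ExploitPack');
 # CWE-264: Permissions, Privileges, and Access Controls.
 script_cwe_id(264);

 script_set_attribute(attribute:"patch_publication_date", value:"2008/09/24");
 script_set_attribute(attribute:"plugin_publication_date", value:"2008/09/25");

 # "local" plugin type: the check reads data from the host itself instead of
 # probing a network service.
 script_set_attribute(attribute:"plugin_type", value:"local");
 script_end_attributes();

 script_category(ACT_GATHER_INFO);

 script_copyright(english:"This script is Copyright (C) 2008-2023 Tenable Network Security, Inc.");
 script_family(english:"MacOS X Local Security Checks");

 # Scheduling constraints: ssh_get_info.nasl is declared as a dependency and
 # the KB key Host/MacOSX/packages is required, so without credentialed data
 # this plugin yields no result for the host.
 script_dependencies("ssh_get_info.nasl");
 script_require_keys("Host/MacOSX/packages");
 exit(0);
}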


include("misc_func.inc");
include("ssh_func.inc");
include("macosx_func.inc");


# NOTE(review): enable_ssh_wrappers() is not defined in this file; presumably
# it comes from ssh_func.inc and has to run before the ssh_* calls made in
# exec() - confirm against the include.
enable_ssh_wrappers();

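# Run `cmd` on the scan target and return its output with the trailing line
# ending removed by chomp().
#
# cmd: command line to execute. On the local path it is handed to `bash -c`,
#      so a shell interprets it; pass only strings built from constants,
#      never data read back from the target.
#
# Returns the output when it starts with a digit. Otherwise the function does
# not return: the script exits with status 1 and a message when the SSH
# connection cannot be opened, and with status 0 and a message when the
# output does not start with a digit.
function exec(cmd)
{
 local_var ret, buf;

 if ( islocalhost() )
  buf = pread_wrapper(cmd:"/bin/bash", argv:make_list("bash", "-c", cmd));
 else
 {
  ret = ssh_open_connection();
  # A failed connection means the host was not checked at all; report it as
  # an error so the outcome is not mistaken for "not affected".
  if ( ! ret ) exit(1, "Failed to open an SSH connection to the remote host.");
  buf = ssh_cmd(cmd:cmd);
  ssh_close_connection();
 }

 # Anything that does not begin with a digit is not treated as a version.
 if ( buf !~ "^[0-9]" ) exit(0, "The command output does not start with a version number.");

 buf = chomp(buf);
 return buf;
}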


# The check only proceeds when the KB item Host/MacOSX/packages is set.
pkg_inventory = get_kb_item("Host/MacOSX/packages");
if ( ! pkg_inventory ) exit(0);

# Only Mac OS X 10.4.11 (kernel string "Darwin ... 8.11.x") is evaluated; any
# other kernel string falls through to the end of the script with no finding,
# so a clean result here says nothing about other 10.4.x releases.
kernel_id = get_kb_item("Host/uname");
if ( egrep(pattern:"Darwin.* 8\.11\.", string:kernel_id) )
{
 version_cmd = _GetBundleVersionCmd(file:"JavaPluginCocoa.bundle", path:"/Library/Internet Plug-Ins", label:"CFBundleVersion");
 bundle_version = exec(cmd:version_cmd);
 if ( ! strlen(bundle_version) ) exit(0);

 # Only the first two dot-separated fields of CFBundleVersion are compared.
 fields = split(bundle_version, sep:'.', keep:FALSE);
 major = int(fields[0]);
 minor = int(fields[1]);

 # The fix shipped in bundle version 11.8.0; anything lower is reported.
 is_outdated = FALSE;
 if ( major < 11 ) is_outdated = TRUE;
 else if ( major == 11 && minor < 8 ) is_outdated = TRUE;

 if ( is_outdated )
 {
   security_hole(0);
 }
}
