Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2013-2022 Tenable Network Security, Inc.ORACLE_JAVA_CPU_OCT_2012_UNIX.NASL
HistoryFeb 22, 2013 - 12:00 a.m.

Oracle Java SE Multiple Vulnerabilities (October 2012 CPU) (Unix)

2013-02-2200:00:00
This script is Copyright (C) 2013-2022 Tenable Network Security, Inc.
www.tenable.com
20
JSON

The version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is earlier than 7 Update 9 / 6 Update 37 / 5.0 Update 38 / 1.4.2_40 and is, therefore, potentially affected by security issues in the following components :

  • 2D
  • Beans
  • Concurrency
  • Deployment
  • Hotspot
  • JAX-WS
  • JMX
  • JSSE
  • Libraries
  • Networking
  • Security
  • Swing
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(64849);
  script_version("1.14");
  script_set_attribute(attribute:"plugin_modification_date", value:"2022/04/11");

  script_cve_id(
    "CVE-2012-1531",
    "CVE-2012-1532",
    "CVE-2012-1533",
    "CVE-2012-3143",
    "CVE-2012-3159",
    "CVE-2012-3216",
    "CVE-2012-4416",
    "CVE-2012-5067",
    "CVE-2012-5068",
    "CVE-2012-5069",
    "CVE-2012-5070",
    "CVE-2012-5071",
    "CVE-2012-5072",
    "CVE-2012-5073",
    "CVE-2012-5074",
    "CVE-2012-5075",
    "CVE-2012-5076",
    "CVE-2012-5077",
    "CVE-2012-5078",
    "CVE-2012-5079",
    "CVE-2012-5080",
    "CVE-2012-5081",
    "CVE-2012-5082",
    "CVE-2012-5083",
    "CVE-2012-5084",
    "CVE-2012-5085",
    "CVE-2012-5086",
    "CVE-2012-5087",
    "CVE-2012-5088",
    "CVE-2012-5089"
  );
  script_bugtraq_id(
    55501,
    56025,
    56033,
    56039,
    56043,
    56046,
    56051,
    56054,
    56055,
    56056,
    56057,
    56058,
    56059,
    56061,
    56063,
    56065,
    56066,
    56067,
    56068,
    56070,
    56071,
    56072,
    56075,
    56076,
    56078,
    56079,
    56080,
    56081,
    56082,
    56083
  );
  script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2022/04/18");

  script_name(english:"Oracle Java SE Multiple Vulnerabilities (October 2012 CPU) (Unix)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Unix host contains a programming platform that is affected
by multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The version of Oracle (formerly Sun) Java SE or Java for Business
installed on the remote host is earlier than 7 Update 9 / 6 Update 37
/ 5.0 Update 38 / 1.4.2_40 and is, therefore, potentially affected by
security issues in the following components :

  - 2D
  - Beans
  - Concurrency
  - Deployment
  - Hotspot
  - JAX-WS
  - JMX
  - JSSE
  - Libraries
  - Networking
  - Security
  - Swing");
  script_set_attribute(attribute:"see_also", value:"https://www.securityfocus.com/archive/1/524506/30/0/threaded");
  script_set_attribute(attribute:"see_also", value:"https://www.securityfocus.com/archive/1/524507/30/0/threaded");
  # http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?b0eb44d4");
  script_set_attribute(attribute:"see_also", value:"https://www.oracle.com/technetwork/java/javase/7u9-relnotes-1863279.html");
  script_set_attribute(attribute:"see_also", value:"https://www.oracle.com/technetwork/java/javase/6u37-relnotes-1863283.html");
  script_set_attribute(attribute:"see_also", value:"http://www.oracle.com/technetwork/java/eol-135779.html");
  script_set_attribute(attribute:"solution", value:
"Update to JDK / JRE 7 Update 9 / 6 Update 37, JDK 5.0 Update 38, SDK
1.4.2_40 or later and remove, if necessary, any affected versions.

Note that an Extended Support contract with Oracle is needed to obtain
JDK 5 .0 Update 38 or later.");
  script_set_attribute(attribute:"agent", value:"unix");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2012-5088");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploit_framework_core", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'Java Applet Method Handle Remote Code Execution');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
  script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
  script_set_attribute(attribute:"canvas_package", value:"CANVAS");

  script_set_attribute(attribute:"vuln_publication_date", value:"2012/10/16");
  script_set_attribute(attribute:"patch_publication_date", value:"2012/10/16");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/02/22");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:jre");
  script_set_attribute(attribute:"thorough_tests", value:"true");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Misc.");

  script_copyright(english:"This script is Copyright (C) 2013-2022 Tenable Network Security, Inc.");

  script_dependencies("sun_java_jre_installed_unix.nasl");
  script_require_keys("Host/Java/JRE/Installed");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");

# Check each installed JRE.
installs = get_kb_list_or_exit("Host/Java/JRE/Unmanaged/*");

info = "";
vuln = 0;
vuln2 = 0;
installed_versions = "";
granular = "";
foreach install (list_uniq(keys(installs)))
{
  ver = install - "Host/Java/JRE/Unmanaged/";
  if (ver !~ "^[0-9.]+") continue;

  installed_versions = installed_versions + " & " + ver;

  if (
    ver =~ '^1\\.7\\.0_0[0-8]([^0-9]|$)' ||
    ver =~ '^1\\.6\\.0_([0-9]|[0-2][0-9]|3[0-6])([^0-9]|$)' ||
    ver =~ '^1\\.5\\.0_([0-9]|[0-2][0-9]|3[0-7])([^0-9]|$)' ||
    ver =~ '^1\\.4\\.([01]_|2_([0-9]|[0-3][0-9])([^0-9]|$))'
  )
  {
    dirs = make_list(get_kb_list(install));
    vuln += max_index(dirs);

    foreach dir (dirs)
      info += '\n  Path              : ' + dir;

    info += '\n  Installed version : ' + ver;
    info += '\n  Fixed version     : 1.7.0_09 / 1.6.0_37 / 1.5.0_38 / 1.4.2_40\n';
  }
  else if (ver =~ "^[\d\.]+$")
  {
    dirs = make_list(get_kb_list(install));
    foreach dir (dirs)
      granular += "The Oracle Java version "+ver+" at "+dir+" is not granular enough to make a determination."+'\n';
  }
  else
  {
    dirs = make_list(get_kb_list(install));
    vuln2 += max_index(dirs);
  }

}

# Report if any were found to be vulnerable.
if (info)
{
  if (report_verbosity > 0)
  {
    if (vuln > 1) s = "s of Java are";
    else s = " of Java is";

    report =
      '\n' +
      'The following vulnerable instance'+s+' installed on the\n' +
      'remote host :\n' +
      info;
    security_hole(port:0, extra:report);
  }
  else security_hole(0);
  if (granular) exit(0, granular);
}
else
{
  if (granular) exit(0, granular);

  installed_versions = substr(installed_versions, 3);
  if (vuln2 > 1)
    exit(0, "The Java "+installed_versions+" installs on the remote host are not affected.");
  else
    exit(0, "The Java "+installed_versions+" install on the remote host is not affected.");
}
VendorProductVersionCPE
oraclejrecpe:/a:oracle:jre

References

Related

securityvulns 1
nessus 41
suse 9
openvas 40
redhat 9
ubuntu 1
ibm 8
oraclelinux 3
threatpost 2
centos 3
amazon 2
veracode 22
cve 15
prion 14
cvelist 13
thn 1
seebug 1
metasploit 1
ubuntucve 9
exploitdb 1
checkpoint_advisories 1
saint 1
zdt 1
securityvulns
securityvulns
Oracle Java / OpenJDK multiple security vulnerabilities
2012-10-30 00:00:00
nessus
nessus
Oracle Java SE Multiple Vulnerabilities (October 2012 CPU)
2012-10-17 00:00:00
SuSE 11.2 Security Update : OpenJDK (SAT Patch Number 6987)
2013-01-25 00:00:00
RHEL 6 : java-1.7.0-oracle (RHSA-2012:1391)
2012-10-19 00:00:00
suse
suse
Security update for OpenJDK (important)
2012-10-24 22:08:57
java-1_7_0-openjdk: Update to icedtea-2.3.3 (important)
2012-10-31 16:11:24
Security update for IBM Java 1.6.0 (important)
2012-11-28 21:08:41
openvas
openvas
Ubuntu Update for openjdk-7 USN-1619-1
2012-10-29 00:00:00
Ubuntu: Security Advisory (USN-1619-1)
2012-10-29 00:00:00
RedHat Update for java-1.7.0-openjdk RHSA-2012:1386-01
2012-10-19 00:00:00
redhat
redhat
(RHSA-2012:1391) Critical: java-1.7.0-oracle security update
2012-10-18 00:00:00
(RHSA-2012:1386) Important: java-1.7.0-openjdk security update
2012-10-17 00:00:00
(RHSA-2012:1392) Critical: java-1.6.0-sun security update
2012-10-18 00:00:00
ubuntu
ubuntu
OpenJDK vulnerabilities
2012-10-26 00:00:00
ibm
ibm
Security Bulletin: Vulnerabilities in Rational Functional Tester versions 8.x due to security vulnerabilities in IBM JRE 7.0 Service Release 2 or earlier, and non-IBM Java 7.0
2019-05-07 13:40:01
Security Bulletin: IBM Rational Build Forge Java (CVE-2012-3216, CVE-2012-5077, CVE-2012-5073, CVE-2012-5074, CVE-2012-5083, CVE-2012-5072, CVE-2012-1531, CVE-2012-5081, CVE-2012-5069, CVE-2012-5079, CVE-2012-5088)
2018-06-17 04:45:18
Security Bulletin: IBM Tivoli Monitoring clients affected by vulnerabilities in IBM JRE excuted under a security manager.
2022-09-25 23:13:40
oraclelinux
oraclelinux
java-1.7.0-openjdk security update
2012-10-17 00:00:00
java-1.6.0-openjdk security update
2012-10-17 00:00:00
java-1.6.0-openjdk security update
2012-10-17 00:00:00
threatpost
threatpost
Apple Patches Java Flaws
2012-10-18 13:44:08
New Java Attack Introduced into Cool Exploit Kit
2012-11-12 18:25:53
centos
centos
java security update
2012-10-17 21:15:32
java security update
2012-10-17 21:16:08
java security update
2012-10-17 21:21:03
amazon
amazon
Important: java-1.7.0-openjdk
2012-10-23 10:38:00
Important: java-1.6.0-openjdk
2012-10-23 10:38:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 04:41:04
Authorization Bypass
2019-05-02 04:41:06
Information Disclosure
2019-05-02 04:41:07
cve
cve
CVE-2012-3202
2012-10-17 00:55:00
CVE-2012-5078
2012-10-16 21:55:00
CVE-2012-5080
2012-10-16 21:55:00
prion
prion
Design/Logic Flaw
2012-10-17 00:55:00
Design/Logic Flaw
2012-10-16 21:55:00
Design/Logic Flaw
2012-10-16 21:55:00
cvelist
cvelist
CVE-2012-3202
2012-10-17 00:00:00
CVE-2012-5078
2012-10-16 21:29:00
CVE-2012-5080
2012-10-16 21:29:00
thn
thn
Latest Java vulnerability exploitation leads to ransomware
2012-11-10 18:57:00
seebug
seebug
Java Applet JAX-WS Remote Code Execution
2014-07-01 00:00:00
metasploit
metasploit
Java Applet JAX-WS Remote Code Execution
2012-11-11 16:05:51
ubuntucve
ubuntucve
CVE-2012-1533
2012-10-16 00:00:00
CVE-2012-3159
2012-10-16 00:00:00
CVE-2012-5073
2012-10-16 00:00:00
exploitdb
exploitdb
Java Applet - JAX-WS Remote Code Execution (Metasploit)
2012-11-13 00:00:00
checkpoint_advisories
checkpoint_advisories
Java Applet JAX-WS Remote Code Execution (CVE-2012-5076)
2012-12-02 00:00:00
saint
saint
Java JAX-WS statistics.impl package sandbox breach
2013-02-07 00:00:00
zdt
zdt
Java Applet Method Handle Remote Code Execution Vulnerability
2013-01-23 00:00:00
JSON
Related for ORACLE_JAVA_CPU_OCT_2012_UNIX.NASL
securityvulns1nessus41suse9openvas40redhat9ubuntu1ibm8oraclelinux3threatpost2centos3amazon2veracode22cve15prion14cvelist13thn1seebug1metasploit1ubuntucve9exploitdb1checkpoint_advisories1saint1zdt1