Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.REDHAT-RHSA-2009-1615.NASL
HistoryDec 01, 2009 - 12:00 a.m.

RHEL 5 : xerces-j2 (RHSA-2009:1615)

2009-12-0100:00:00
This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
34
JSON

Updated xerces-j2 packages that fix a security issue are now available for Red Hat Enterprise Linux 5.

This update has been rated as having moderate security impact by the Red Hat Security Response Team.

The xerces-j2 packages provide the Apache Xerces2 Java Parser, a high-performance XML parser. A Document Type Definition (DTD) defines the legal syntax (and also which elements can be used) for certain types of files, such as XML files.

A flaw was found in the way the Apache Xerces2 Java Parser processed the SYSTEM identifier in DTDs. A remote attacker could provide a specially crafted XML file, which once parsed by an application using the Apache Xerces2 Java Parser, would lead to a denial of service (application hang due to excessive CPU use). (CVE-2009-2625)

Users should upgrade to these updated packages, which contain a backported patch to correct this issue. Applications using the Apache Xerces2 Java Parser must be restarted for this update to take effect.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Red Hat Security Advisory RHSA-2009:1615. The text 
# itself is copyright (C) Red Hat, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(42944);
  script_version("1.28");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2009-2625");
  script_bugtraq_id(35958);
  script_xref(name:"RHSA", value:"2009:1615");

  script_name(english:"RHEL 5 : xerces-j2 (RHSA-2009:1615)");
  script_summary(english:"Checks the rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Red Hat host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Updated xerces-j2 packages that fix a security issue are now available
for Red Hat Enterprise Linux 5.

This update has been rated as having moderate security impact by the
Red Hat Security Response Team.

The xerces-j2 packages provide the Apache Xerces2 Java Parser, a
high-performance XML parser. A Document Type Definition (DTD) defines
the legal syntax (and also which elements can be used) for certain
types of files, such as XML files.

A flaw was found in the way the Apache Xerces2 Java Parser processed
the SYSTEM identifier in DTDs. A remote attacker could provide a
specially crafted XML file, which once parsed by an application using
the Apache Xerces2 Java Parser, would lead to a denial of service
(application hang due to excessive CPU use). (CVE-2009-2625)

Users should upgrade to these updated packages, which contain a
backported patch to correct this issue. Applications using the Apache
Xerces2 Java Parser must be restarted for this update to take effect."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2009-2625"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/errata/RHSA-2009:1615"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(264);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:xerces-j2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:xerces-j2-demo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:xerces-j2-javadoc-apis");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:xerces-j2-javadoc-impl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:xerces-j2-javadoc-other");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:xerces-j2-javadoc-xni");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:xerces-j2-scripts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5.4");

  script_set_attribute(attribute:"vuln_publication_date", value:"2009/08/06");
  script_set_attribute(attribute:"patch_publication_date", value:"2009/11/30");
  script_set_attribute(attribute:"plugin_publication_date", value:"2009/12/01");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Red Hat Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
os_ver = os_ver[1];
if (! preg(pattern:"^5([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 5.x", "Red Hat " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);

yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
if (!empty_or_null(yum_updateinfo)) 
{
  rhsa = "RHSA-2009:1615";
  yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
  if (!empty_or_null(yum_report))
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : yum_report 
    );
    exit(0);
  }
  else
  {
    audit_message = "affected by Red Hat security advisory " + rhsa;
    audit(AUDIT_OS_NOT, audit_message);
  }
}
else
{
  flag = 0;
  if (rpm_check(release:"RHEL5", cpu:"i386", reference:"xerces-j2-2.7.1-7jpp.2.el5_4.2")) flag++;

  if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"xerces-j2-2.7.1-7jpp.2.el5_4.2")) flag++;

  if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"xerces-j2-2.7.1-7jpp.2.el5_4.2")) flag++;

  if (rpm_check(release:"RHEL5", cpu:"i386", reference:"xerces-j2-demo-2.7.1-7jpp.2.el5_4.2")) flag++;

  if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"xerces-j2-demo-2.7.1-7jpp.2.el5_4.2")) flag++;

  if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"xerces-j2-demo-2.7.1-7jpp.2.el5_4.2")) flag++;

  if (rpm_check(release:"RHEL5", cpu:"i386", reference:"xerces-j2-javadoc-apis-2.7.1-7jpp.2.el5_4.2")) flag++;

  if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"xerces-j2-javadoc-apis-2.7.1-7jpp.2.el5_4.2")) flag++;

  if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"xerces-j2-javadoc-apis-2.7.1-7jpp.2.el5_4.2")) flag++;

  if (rpm_check(release:"RHEL5", cpu:"i386", reference:"xerces-j2-javadoc-impl-2.7.1-7jpp.2.el5_4.2")) flag++;

  if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"xerces-j2-javadoc-impl-2.7.1-7jpp.2.el5_4.2")) flag++;

  if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"xerces-j2-javadoc-impl-2.7.1-7jpp.2.el5_4.2")) flag++;

  if (rpm_check(release:"RHEL5", cpu:"i386", reference:"xerces-j2-javadoc-other-2.7.1-7jpp.2.el5_4.2")) flag++;

  if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"xerces-j2-javadoc-other-2.7.1-7jpp.2.el5_4.2")) flag++;

  if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"xerces-j2-javadoc-other-2.7.1-7jpp.2.el5_4.2")) flag++;

  if (rpm_check(release:"RHEL5", cpu:"i386", reference:"xerces-j2-javadoc-xni-2.7.1-7jpp.2.el5_4.2")) flag++;

  if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"xerces-j2-javadoc-xni-2.7.1-7jpp.2.el5_4.2")) flag++;

  if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"xerces-j2-javadoc-xni-2.7.1-7jpp.2.el5_4.2")) flag++;

  if (rpm_check(release:"RHEL5", cpu:"i386", reference:"xerces-j2-scripts-2.7.1-7jpp.2.el5_4.2")) flag++;

  if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"xerces-j2-scripts-2.7.1-7jpp.2.el5_4.2")) flag++;

  if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"xerces-j2-scripts-2.7.1-7jpp.2.el5_4.2")) flag++;


  if (flag)
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : rpm_report_get() + redhat_report_package_caveat()
    );
    exit(0);
  }
  else
  {
    tested = pkg_tests_get();
    if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
    else audit(AUDIT_PACKAGE_NOT_INSTALLED, "xerces-j2 / xerces-j2-demo / xerces-j2-javadoc-apis / etc");
  }
}
VendorProductVersionCPE
redhatenterprise_linuxxerces-j2p-cpe:/a:redhat:enterprise_linux:xerces-j2
redhatenterprise_linuxxerces-j2-demop-cpe:/a:redhat:enterprise_linux:xerces-j2-demo
redhatenterprise_linuxxerces-j2-javadoc-apisp-cpe:/a:redhat:enterprise_linux:xerces-j2-javadoc-apis
redhatenterprise_linuxxerces-j2-javadoc-implp-cpe:/a:redhat:enterprise_linux:xerces-j2-javadoc-impl
redhatenterprise_linuxxerces-j2-javadoc-otherp-cpe:/a:redhat:enterprise_linux:xerces-j2-javadoc-other
redhatenterprise_linuxxerces-j2-javadoc-xnip-cpe:/a:redhat:enterprise_linux:xerces-j2-javadoc-xni
redhatenterprise_linuxxerces-j2-scriptsp-cpe:/a:redhat:enterprise_linux:xerces-j2-scripts
redhatenterprise_linux5cpe:/o:redhat:enterprise_linux:5
redhatenterprise_linux5.4cpe:/o:redhat:enterprise_linux:5.4

Related

openvas 88
nessus 68
debian 2
centos 1
cve 3
osv 1
veracode 1
debiancve 3
redhat 5
prion 3
oraclelinux 2
github 1
seebug 2
ubuntucve 3
ubuntu 6
ibm 6
f5 2
slackware 1
freebsd 1
openvas
openvas
RedHat Update for xerces-j2 RHSA-2011:0858-01
2012-06-06 00:00:00
Mandrake Security Advisory MDVSA-2009:215 (audacity)
2009-09-02 00:00:00
Mandrake Security Advisory MDVSA-2009:219 (kompozer)
2009-09-02 00:00:00
nessus
nessus
Oracle Linux 5 : xerces-j2 (ELSA-2009-1615)
2013-07-12 00:00:00
RHEL 6 : Virtualization Manager (RHSA-2012:1537)
2014-11-08 00:00:00
openSUSE Security Update : kompozer (kompozer-1249)
2009-08-31 00:00:00
debian
debian
[SECURITY] [DSA 1984-1] New libxerces2-java packages fix denial of service
2010-01-30 17:52:47
[SECURITY] [DSA 1921-1] New expat packages fix denial of service
2009-10-28 09:39:33
centos
centos
xerces security update
2009-12-17 12:40:02
cve
cve
CVE-2009-2625
2009-08-06 15:30:00
CVE-2009-3720
2009-11-03 16:30:00
CVE-2009-3560
2009-12-04 21:30:00
osv
osv
Denial of service in Apache Xerces2
2020-06-15 18:51:30
veracode
veracode
Denial Of Service (DoS)
2017-03-13 03:37:04
debiancve
debiancve
CVE-2009-2625
2009-08-06 15:30:00
CVE-2009-3720
2009-11-03 16:30:00
CVE-2009-3560
2009-12-04 21:30:00
redhat
redhat
(RHSA-2011:0858) Moderate: xerces-j2 security update
2011-06-08 00:00:00
(RHSA-2012:1537) Moderate: jasperreports-server-pro security and bug fix update
2012-12-04 00:00:00
(RHSA-2009:1615) Moderate: xerces-j2 security update
2009-11-30 00:00:00
prion
prion
Input validation
2009-08-06 15:30:00
Buffer overflow
2009-11-03 16:30:00
Buffer overflow
2009-12-04 21:30:00
oraclelinux
oraclelinux
xerces-j2 security update
2009-11-30 00:00:00
xerces-j2 security update
2011-06-08 00:00:00
github
github
Denial of service in Apache Xerces2
2020-06-15 18:51:30
seebug
seebug
Sun Java运行时环境XML解析拒绝服务漏洞
2009-08-09 00:00:00
mozilla-thunderbird多个安全漏洞
2009-10-10 00:00:00
ubuntucve
ubuntucve
CVE-2009-2625
2009-08-06 00:00:00
CVE-2009-3720
2009-11-03 00:00:00
CVE-2009-3560
2009-12-04 00:00:00
ubuntu
ubuntu
Python 2.5 vulnerabilities
2010-01-21 00:00:00
CMake vulnerabilities
2010-04-15 00:00:00
XML-RPC for C and C++ vulnerabilities
2010-02-18 00:00:00
ibm
ibm
Security Bulletin: Apache Solr, shipped with IBM Operations Analytics - Log Analysis, susceptible to multiple vulnerabilities in Apache Xerces2
2021-04-16 07:16:00
Security Bulletin: Atlas eDiscovery Process Management is affected by a vulnerable org.apache.xerces_2.9.0.v201101211617-4.8.0.jar
2023-05-08 08:35:39
Security Bulletin: Order Management is subject to vulnerabilities regarding XML service where a remote attacker could exploit this vulnerability.
2024-04-12 17:33:16
f5
f5
K15905 : Expat vulnerabilities CVE-2009-3560 and CVE-2009-3720
2015-03-16 00:00:00
SOL15905 - Expat vulnerabilities CVE-2009-3560 and CVE-2009-3720
2014-12-11 00:00:00
slackware
slackware
[slackware-security] expat
2011-02-11 01:17:08
freebsd
freebsd
libwww -- multiple vulnerabilities
2005-10-12 00:00:00
JSON
Related for REDHAT-RHSA-2009-1615.NASL
openvas88nessus68debian2centos1cve3osv1veracode1debiancve3redhat5prion3oraclelinux2github1seebug2ubuntucve3ubuntu6ibm6f52slackware1freebsd1