RHEL 3 / 4 / 5 : java-1.4.2-ibm (RHSA-2010:0155)

2010-05-1100:00:00

www.tenable.com

Updated java-1.4.2-ibm packages that fix one security issue and a bug are now available for Red Hat Enterprise Linux 3 Extras, Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise Linux 5 Supplementary.

The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

The IBM 1.4.2 SR13-FP4 Java release includes the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit.

A flaw was found in the way the TLS/SSL (Transport Layer Security/Secure Sockets Layer) protocols handle session renegotiation.
A man-in-the-middle attacker could use this flaw to prefix arbitrary plain text to a client’s session (for example, an HTTPS connection to a website). This could force the server to process an attacker’s request as if authenticated using the victim’s credentials.
(CVE-2009-3555)

This update disables renegotiation in the non-default IBM JSSE2 provider for the Java Secure Socket Extension (JSSE) component. The default JSSE provider is not updated with this fix. Refer to the IBMJSSE2 Provider Reference Guide, linked to in the References, for instructions on how to configure the IBM Java 2 Runtime Environment to use the JSSE2 provider by default.

When using the JSSE2 provider, unsafe renegotiation can be re-enabled using the com.ibm.jsse2.renegotiate property. Refer to the following Knowledgebase article for details:
http://kbase.redhat.com/faq/docs/DOC-20491

This update also fixes the following bug :

the libjaasauth.so file was missing from the java-1.4.2-ibm packages for the Intel Itanium architecture (.ia64.rpm). This update adds the file to the packages for the Itanium architecture, which resolves this issue. (BZ#572577)

All users of java-1.4.2-ibm are advised to upgrade to these updated packages, which contain the IBM 1.4.2 SR13-FP4 Java release. All running instances of IBM Java must be restarted for this update to take effect.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Red Hat Security Advisory RHSA-2010:0155. The text 
# itself is copyright (C) Red Hat, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(46272);
  script_version("1.27");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2009-3555");
  script_bugtraq_id(36935);
  script_xref(name:"RHSA", value:"2010:0155");

  script_name(english:"RHEL 3 / 4 / 5 : java-1.4.2-ibm (RHSA-2010:0155)");
  script_summary(english:"Checks the rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Red Hat host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Updated java-1.4.2-ibm packages that fix one security issue and a bug
are now available for Red Hat Enterprise Linux 3 Extras, Red Hat
Enterprise Linux 4 Extras, and Red Hat Enterprise Linux 5
Supplementary.

The Red Hat Security Response Team has rated this update as having
moderate security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from
the CVE link in the References section.

The IBM 1.4.2 SR13-FP4 Java release includes the IBM Java 2 Runtime
Environment and the IBM Java 2 Software Development Kit.

A flaw was found in the way the TLS/SSL (Transport Layer
Security/Secure Sockets Layer) protocols handle session renegotiation.
A man-in-the-middle attacker could use this flaw to prefix arbitrary
plain text to a client's session (for example, an HTTPS connection to
a website). This could force the server to process an attacker's
request as if authenticated using the victim's credentials.
(CVE-2009-3555)

This update disables renegotiation in the non-default IBM JSSE2
provider for the Java Secure Socket Extension (JSSE) component. The
default JSSE provider is not updated with this fix. Refer to the
IBMJSSE2 Provider Reference Guide, linked to in the References, for
instructions on how to configure the IBM Java 2 Runtime Environment to
use the JSSE2 provider by default.

When using the JSSE2 provider, unsafe renegotiation can be re-enabled
using the com.ibm.jsse2.renegotiate property. Refer to the following
Knowledgebase article for details:
http://kbase.redhat.com/faq/docs/DOC-20491

This update also fixes the following bug :

* the libjaasauth.so file was missing from the java-1.4.2-ibm packages
for the Intel Itanium architecture (.ia64.rpm). This update adds the
file to the packages for the Itanium architecture, which resolves this
issue. (BZ#572577)

All users of java-1.4.2-ibm are advised to upgrade to these updated
packages, which contain the IBM 1.4.2 SR13-FP4 Java release. All
running instances of IBM Java must be restarted for this update to
take effect."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2009-3555"
  );
  # http://kbase.redhat.com/faq/docs/DOC-20491
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/articles/20490"
  );
  # http://www.ibm.com/developerworks/java/jdk/security/142/secguides/jsse2docs/
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?323a8a5c"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/errata/RHSA-2010:0155"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_cwe_id(310);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm-demo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm-javacomm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm-jdbc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm-plugin");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm-src");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:3");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:4");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:4.8");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5.4");

  script_set_attribute(attribute:"vuln_publication_date", value:"2009/11/09");
  script_set_attribute(attribute:"patch_publication_date", value:"2010/03/17");
  script_set_attribute(attribute:"plugin_publication_date", value:"2010/05/11");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Red Hat Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
os_ver = os_ver[1];
if (! preg(pattern:"^(3|4|5)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 3.x / 4.x / 5.x", "Red Hat " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);

yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
if (!empty_or_null(yum_updateinfo)) 
{
  rhsa = "RHSA-2010:0155";
  yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
  if (!empty_or_null(yum_report))
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : yum_report 
    );
    exit(0);
  }
  else
  {
    audit_message = "affected by Red Hat security advisory " + rhsa;
    audit(AUDIT_OS_NOT, audit_message);
  }
}
else
{
  flag = 0;
  if (rpm_check(release:"RHEL3", reference:"java-1.4.2-ibm-1.4.2.13.4-1jpp.1.el3")) flag++;

  if (rpm_check(release:"RHEL3", reference:"java-1.4.2-ibm-demo-1.4.2.13.4-1jpp.1.el3")) flag++;

  if (rpm_check(release:"RHEL3", reference:"java-1.4.2-ibm-devel-1.4.2.13.4-1jpp.1.el3")) flag++;

  if (rpm_check(release:"RHEL3", cpu:"i386", reference:"java-1.4.2-ibm-jdbc-1.4.2.13.4-1jpp.1.el3")) flag++;

  if (rpm_check(release:"RHEL3", cpu:"s390", reference:"java-1.4.2-ibm-jdbc-1.4.2.13.4-1jpp.1.el3")) flag++;

  if (rpm_check(release:"RHEL3", cpu:"i386", reference:"java-1.4.2-ibm-plugin-1.4.2.13.4-1jpp.1.el3")) flag++;

  if (rpm_check(release:"RHEL3", reference:"java-1.4.2-ibm-src-1.4.2.13.4-1jpp.1.el3")) flag++;


  if (rpm_check(release:"RHEL4", reference:"java-1.4.2-ibm-1.4.2.13.4-1jpp.1.el4")) flag++;

  if (rpm_check(release:"RHEL4", reference:"java-1.4.2-ibm-demo-1.4.2.13.4-1jpp.1.el4")) flag++;

  if (rpm_check(release:"RHEL4", reference:"java-1.4.2-ibm-devel-1.4.2.13.4-1jpp.1.el4")) flag++;

  if (rpm_check(release:"RHEL4", cpu:"i386", reference:"java-1.4.2-ibm-javacomm-1.4.2.13.4-1jpp.1.el4")) flag++;

  if (rpm_check(release:"RHEL4", cpu:"x86_64", reference:"java-1.4.2-ibm-javacomm-1.4.2.13.4-1jpp.1.el4")) flag++;

  if (rpm_check(release:"RHEL4", cpu:"i386", reference:"java-1.4.2-ibm-jdbc-1.4.2.13.4-1jpp.1.el4")) flag++;

  if (rpm_check(release:"RHEL4", cpu:"s390", reference:"java-1.4.2-ibm-jdbc-1.4.2.13.4-1jpp.1.el4")) flag++;

  if (rpm_check(release:"RHEL4", cpu:"i386", reference:"java-1.4.2-ibm-plugin-1.4.2.13.4-1jpp.1.el4")) flag++;

  if (rpm_check(release:"RHEL4", reference:"java-1.4.2-ibm-src-1.4.2.13.4-1jpp.1.el4")) flag++;


  if (rpm_check(release:"RHEL5", reference:"java-1.4.2-ibm-1.4.2.13.4-1jpp.1.el5")) flag++;

  if (rpm_check(release:"RHEL5", reference:"java-1.4.2-ibm-demo-1.4.2.13.4-1jpp.1.el5")) flag++;

  if (rpm_check(release:"RHEL5", reference:"java-1.4.2-ibm-devel-1.4.2.13.4-1jpp.1.el5")) flag++;

  if (rpm_check(release:"RHEL5", cpu:"i386", reference:"java-1.4.2-ibm-javacomm-1.4.2.13.4-1jpp.1.el5")) flag++;

  if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"java-1.4.2-ibm-javacomm-1.4.2.13.4-1jpp.1.el5")) flag++;

  if (rpm_check(release:"RHEL5", cpu:"i386", reference:"java-1.4.2-ibm-jdbc-1.4.2.13.4-1jpp.1.el5")) flag++;

  if (rpm_check(release:"RHEL5", cpu:"s390", reference:"java-1.4.2-ibm-jdbc-1.4.2.13.4-1jpp.1.el5")) flag++;

  if (rpm_check(release:"RHEL5", cpu:"i386", reference:"java-1.4.2-ibm-plugin-1.4.2.13.4-1jpp.1.el5")) flag++;

  if (rpm_check(release:"RHEL5", reference:"java-1.4.2-ibm-src-1.4.2.13.4-1jpp.1.el5")) flag++;


  if (flag)
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : rpm_report_get() + redhat_report_package_caveat()
    );
    exit(0);
  }
  else
  {
    tested = pkg_tests_get();
    if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
    else audit(AUDIT_PACKAGE_NOT_INSTALLED, "java-1.4.2-ibm / java-1.4.2-ibm-demo / java-1.4.2-ibm-devel / etc");
  }
}

VendorProductVersionCPE
redhatenterprise_linuxjava-1.4.2-ibmp-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm
redhatenterprise_linuxjava-1.4.2-ibm-demop-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm-demo
redhatenterprise_linuxjava-1.4.2-ibm-develp-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm-devel
redhatenterprise_linuxjava-1.4.2-ibm-javacommp-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm-javacomm
redhatenterprise_linuxjava-1.4.2-ibm-jdbcp-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm-jdbc
redhatenterprise_linuxjava-1.4.2-ibm-pluginp-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm-plugin
redhatenterprise_linuxjava-1.4.2-ibm-srcp-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm-src
redhatenterprise_linux3cpe:/o:redhat:enterprise_linux:3
redhatenterprise_linux4cpe:/o:redhat:enterprise_linux:4
redhatenterprise_linux4.8cpe:/o:redhat:enterprise_linux:4.8

Vendor	Product	Version	CPE
redhat	enterprise_linux	java-1.4.2-ibm	p-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm
redhat	enterprise_linux	java-1.4.2-ibm-demo	p-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm-demo
redhat	enterprise_linux	java-1.4.2-ibm-devel	p-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm-devel
redhat	enterprise_linux	java-1.4.2-ibm-javacomm	p-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm-javacomm
redhat	enterprise_linux	java-1.4.2-ibm-jdbc	p-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm-jdbc
redhat	enterprise_linux	java-1.4.2-ibm-plugin	p-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm-plugin
redhat	enterprise_linux	java-1.4.2-ibm-src	p-cpe:/a:redhat:enterprise_linux:java-1.4.2-ibm-src
redhat	enterprise_linux	3	cpe:/o:redhat:enterprise_linux:3
redhat	enterprise_linux	4	cpe:/o:redhat:enterprise_linux:4
redhat	enterprise_linux	4.8	cpe:/o:redhat:enterprise_linux:4.8