{"id": "REDHAT-RHSA-2016-0676.NASL", "bulletinFamily": "scanner", "title": "RHEL 5 / 7 : java-1.7.0-openjdk (RHSA-2016:0676)", "description": "An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 5 and Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit.\n\nSecurity Fix(es) :\n\n* Multiple flaws were discovered in the Serialization and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions.\n(CVE-2016-0686, CVE-2016-0687)\n\n* It was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws. (CVE-2016-3427)\n\n* It was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part of the XML attribute values. Specially crafted XML input could cause a Java application to use an excessive amount of memory when parsed.\n(CVE-2016-3425)\n\n* It was discovered that the Security component in OpenJDK failed to check the digest algorithm strength when generating DSA signatures.\nThe use of a digest weaker than the key strength could lead to the generation of signatures that were weaker than expected.\n(CVE-2016-0695)", "published": "2016-04-22T00:00:00", "modified": "2017-01-10T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=90669", "reporter": "Tenable", "references": ["https://www.redhat.com/security/data/cve/CVE-2016-3425.html", "http://rhn.redhat.com/errata/RHSA-2016-0676.html", "https://www.redhat.com/security/data/cve/CVE-2016-3427.html", "https://www.redhat.com/security/data/cve/CVE-2016-0686.html", "https://www.redhat.com/security/data/cve/CVE-2016-0695.html", "https://www.redhat.com/security/data/cve/CVE-2016-0687.html"], "cvelist": ["CVE-2016-0695", "CVE-2016-3427", "CVE-2016-0687", "CVE-2016-3425", "CVE-2016-0686"], "type": "nessus", "lastseen": "2017-01-11T06:11:12", "history": [{"bulletin": {"bulletinFamily": "exploit", "cvelist": ["CVE-2016-0695", "CVE-2016-3427", "CVE-2016-0687", "CVE-2016-3425", "CVE-2016-0686"], "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 5 and Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit.\n\nSecurity Fix(es) :\n\n* Multiple flaws were discovered in the Serialization and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions.\n(CVE-2016-0686, CVE-2016-0687)\n\n* It was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws. (CVE-2016-3427)\n\n* It was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part of the XML attribute values. Specially crafted XML input could cause a Java application to use an excessive amount of memory when parsed.\n(CVE-2016-3425)\n\n* It was discovered that the Security component in OpenJDK failed to check the digest algorithm strength when generating DSA signatures.\nThe use of a digest weaker than the key strength could lead to the generation of signatures that were weaker than expected.\n(CVE-2016-0695)", "edition": 2, "hash": "56020f1fa364a2cd27f6ffc5b78c680f0b5696a6c3985c955c12496533dcde04", "hashmap": [{"hash": "708697c63f7eb369319c6523380bdf7a", "key": "bulletinFamily"}, {"hash": "8aa36e61d2685d517995270759254f3f", "key": "references"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "283835715fe22d272a5e9307322428a5", "key": "title"}, {"hash": "2bdabeb49c44761f9565717ab0e38165", "key": "cvss"}, {"hash": "53de945eef2e379c588a969fd3167714", "key": "modified"}, {"hash": "a8590f76513324184fd68caa42d7ab44", "key": "description"}, {"hash": "fe6739a3841b61a38de29b8e459a37a7", "key": "sourceData"}, {"hash": "021694f00fd95bf0fceae0586db4b9dd", "key": "cvelist"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "c0e81b6a5237a82ca7ea8b939802ff49", "key": "published"}, {"hash": "c4b0356fbadbd9947c9663274e19bd7c", "key": "pluginID"}, {"hash": "b46559ea68ec9a13474c3a7776817cfd", "key": "naslFamily"}, {"hash": "49553d40f5f960148e6fd1193c8953f1", "key": "href"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=90669", "id": "REDHAT-RHSA-2016-0676.NASL", "lastseen": "2016-10-14T21:26:07", "modified": "2016-10-14T00:00:00", "naslFamily": "Red Hat Local Security Checks", "objectVersion": "1.2", "pluginID": "90669", "published": "2016-04-22T00:00:00", "references": ["https://www.redhat.com/security/data/cve/CVE-2016-3425.html", "http://rhn.redhat.com/errata/RHSA-2016-0676.html", "https://www.redhat.com/security/data/cve/CVE-2016-3427.html", "https://www.redhat.com/security/data/cve/CVE-2016-0686.html", "https://www.redhat.com/security/data/cve/CVE-2016-0695.html", "https://www.redhat.com/security/data/cve/CVE-2016-0687.html"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2016:0676. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(90669);\n script_version(\"$Revision: 2.5 $\");\n script_cvs_date(\"$Date: 2016/10/14 13:45:04 $\");\n\n script_cve_id(\"CVE-2016-0686\", \"CVE-2016-0687\", \"CVE-2016-0695\", \"CVE-2016-3425\", \"CVE-2016-3427\");\n script_osvdb_id(137301, 137302, 137303, 137305, 137306);\n script_xref(name:\"RHSA\", value:\"2016:0676\");\n\n script_name(english:\"RHEL 5 / 7 : java-1.7.0-openjdk (RHSA-2016:0676)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for java-1.7.0-openjdk is now available for Red Hat\nEnterprise Linux 5 and Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Critical. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime\nEnvironment and the OpenJDK 7 Java Software Development Kit.\n\nSecurity Fix(es) :\n\n* Multiple flaws were discovered in the Serialization and Hotspot\ncomponents in OpenJDK. An untrusted Java application or applet could\nuse these flaws to completely bypass Java sandbox restrictions.\n(CVE-2016-0686, CVE-2016-0687)\n\n* It was discovered that the RMI server implementation in the JMX\ncomponent in OpenJDK did not restrict which classes can be\ndeserialized when deserializing authentication credentials. A remote,\nunauthenticated attacker able to connect to a JMX port could possibly\nuse this flaw to trigger deserialization flaws. (CVE-2016-3427)\n\n* It was discovered that the JAXP component in OpenJDK failed to\nproperly handle Unicode surrogate pairs used as part of the XML\nattribute values. Specially crafted XML input could cause a Java\napplication to use an excessive amount of memory when parsed.\n(CVE-2016-3425)\n\n* It was discovered that the Security component in OpenJDK failed to\ncheck the digest algorithm strength when generating DSA signatures.\nThe use of a digest weaker than the key strength could lead to the\ngeneration of signatures that were weaker than expected.\n(CVE-2016-0695)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2016-0686.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2016-0687.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2016-0695.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2016-3425.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2016-3427.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://rhn.redhat.com/errata/RHSA-2016-0676.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.7.0-openjdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.7.0-openjdk-accessibility\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.7.0-openjdk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.7.0-openjdk-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.7.0-openjdk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.7.0-openjdk-headless\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.7.0-openjdk-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.7.0-openjdk-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/04/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/04/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016 Tenable Network Security, Inc.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(5|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x / 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"java-1.7.0-openjdk-1.7.0.101-2.6.6.1.el5_11\")) flag++;\n\nif (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.7.0-openjdk-1.7.0.101-2.6.6.1.el5_11\")) flag++;\n\nif (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"java-1.7.0-openjdk-debuginfo-1.7.0.101-2.6.6.1.el5_11\")) flag++;\n\nif (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.7.0-openjdk-debuginfo-1.7.0.101-2.6.6.1.el5_11\")) flag++;\n\nif (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"java-1.7.0-openjdk-demo-1.7.0.101-2.6.6.1.el5_11\")) flag++;\n\nif (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.7.0-openjdk-demo-1.7.0.101-2.6.6.1.el5_11\")) flag++;\n\nif (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"java-1.7.0-openjdk-devel-1.7.0.101-2.6.6.1.el5_11\")) flag++;\n\nif (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.7.0-openjdk-devel-1.7.0.101-2.6.6.1.el5_11\")) flag++;\n\nif (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"java-1.7.0-openjdk-javadoc-1.7.0.101-2.6.6.1.el5_11\")) flag++;\n\nif (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.7.0-openjdk-javadoc-1.7.0.101-2.6.6.1.el5_11\")) flag++;\n\nif (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"java-1.7.0-openjdk-src-1.7.0.101-2.6.6.1.el5_11\")) flag++;\n\nif (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.7.0-openjdk-src-1.7.0.101-2.6.6.1.el5_11\")) flag++;\n\n\nif (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"java-1.7.0-openjdk-1.7.0.101-2.6.6.1.el7_2\")) flag++;\n\nif (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"java-1.7.0-openjdk-1.7.0.101-2.6.6.1.el7_2\")) flag++;\n\nif (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"java-1.7.0-openjdk-accessibility-1.7.0.101-2.6.6.1.el7_2\")) flag++;\n\nif (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"java-1.7.0-openjdk-accessibility-1.7.0.101-2.6.6.1.el7_2\")) flag++;\n\nif (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"java-1.7.0-openjdk-debuginfo-1.7.0.101-2.6.6.1.el7_2\")) flag++;\n\nif (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"java-1.7.0-openjdk-debuginfo-1.7.0.101-2.6.6.1.el7_2\")) flag++;\n\nif (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"java-1.7.0-openjdk-demo-1.7.0.101-2.6.6.1.el7_2\")) flag++;\n\nif (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"java-1.7.0-openjdk-demo-1.7.0.101-2.6.6.1.el7_2\")) flag++;\n\nif (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"java-1.7.0-openjdk-devel-1.7.0.101-2.6.6.1.el7_2\")) flag++;\n\nif (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"java-1.7.0-openjdk-devel-1.7.0.101-2.6.6.1.el7_2\")) flag++;\n\nif (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"java-1.7.0-openjdk-headless-1.7.0.101-2.6.6.1.el7_2\")) flag++;\n\nif (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"java-1.7.0-openjdk-headless-1.7.0.101-2.6.6.1.el7_2\")) flag++;\n\nif (rpm_check(release:\"RHEL7\", reference:\"java-1.7.0-openjdk-javadoc-1.7.0.101-2.6.6.1.el7_2\")) flag++;\n\nif (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"java-1.7.0-openjdk-src-1.7.0.101-2.6.6.1.el7_2\")) flag++;\n\nif (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"java-1.7.0-openjdk-src-1.7.0.101-2.6.6.1.el7_2\")) flag++;\n\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1.7.0-openjdk / java-1.7.0-openjdk-accessibility / etc\");\n}\n", "title": "RHEL 5 / 7 : java-1.7.0-openjdk (RHSA-2016:0676)", "type": "nessus", "viewCount": 1}, "differentElements": ["modified", "sourceData"], "edition": 2, "lastseen": "2016-10-14T21:26:07"}, {"bulletin": {"bulletinFamily": "exploit", "cvelist": ["CVE-2016-0695", "CVE-2016-3427", "CVE-2016-0687", "CVE-2016-3425", "CVE-2016-0686"], "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 5 and Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit.\n\nSecurity Fix(es) :\n\n* Multiple flaws were discovered in the Serialization and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions.\n(CVE-2016-0686, CVE-2016-0687)\n\n* It was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws. (CVE-2016-3427)\n\n* It was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part of the XML attribute values. Specially crafted XML input could cause a Java application to use an excessive amount of memory when parsed.\n(CVE-2016-3425)\n\n* It was discovered that the Security component in OpenJDK failed to check the digest algorithm strength when generating DSA signatures.\nThe use of a digest weaker than the key strength could lead to the generation of signatures that were weaker than expected.\n(CVE-2016-0695)", "edition": 1, "hash": "15eedd6bc51ec5b82c15aac8e6e709a204231bcc597edc815f3d8349cdb734ae", "hashmap": [{"hash": "708697c63f7eb369319c6523380bdf7a", "key": "bulletinFamily"}, {"hash": "aff19e7d2f5800fbf65dc3d944df032a", "key": "cvss"}, {"hash": "8aa36e61d2685d517995270759254f3f", "key": "references"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "283835715fe22d272a5e9307322428a5", "key": "title"}, {"hash": "a8590f76513324184fd68caa42d7ab44", "key": "description"}, {"hash": "58f2519bd3a4fe8d8f0f9109992681e9", "key": "sourceData"}, {"hash": "021694f00fd95bf0fceae0586db4b9dd", "key": "cvelist"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "c0e81b6a5237a82ca7ea8b939802ff49", "key": "published"}, {"hash": "c4b0356fbadbd9947c9663274e19bd7c", "key": "pluginID"}, {"hash": "b46559ea68ec9a13474c3a7776817cfd", "key": "naslFamily"}, {"hash": "49553d40f5f960148e6fd1193c8953f1", "key": "href"}, {"hash": "fac73efdbca315c41813649495552f62", "key": "modified"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=90669", "id": "REDHAT-RHSA-2016-0676.NASL", "lastseen": "2016-09-26T17:25:47", "modified": "2016-04-29T00:00:00", "naslFamily": "Red Hat Local Security Checks", "objectVersion": "1.2", "pluginID": "90669", "published": "2016-04-22T00:00:00", "references": ["https://www.redhat.com/security/data/cve/CVE-2016-3425.html", "http://rhn.redhat.com/errata/RHSA-2016-0676.html", "https://www.redhat.com/security/data/cve/CVE-2016-3427.html", "https://www.redhat.com/security/data/cve/CVE-2016-0686.html", "https://www.redhat.com/security/data/cve/CVE-2016-0695.html", "https://www.redhat.com/security/data/cve/CVE-2016-0687.html"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2016:0676. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(90669);\n script_version(\"$Revision: 2.4 $\");\n script_cvs_date(\"$Date: 2016/04/29 19:33:18 $\");\n\n script_cve_id(\"CVE-2016-0686\", \"CVE-2016-0687\", \"CVE-2016-0695\", \"CVE-2016-3425\", \"CVE-2016-3427\");\n script_osvdb_id(137301, 137302, 137303, 137305, 137306);\n script_xref(name:\"RHSA\", value:\"2016:0676\");\n\n script_name(english:\"RHEL 5 / 7 : java-1.7.0-openjdk (RHSA-2016:0676)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for java-1.7.0-openjdk is now available for Red Hat\nEnterprise Linux 5 and Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Critical. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime\nEnvironment and the OpenJDK 7 Java Software Development Kit.\n\nSecurity Fix(es) :\n\n* Multiple flaws were discovered in the Serialization and Hotspot\ncomponents in OpenJDK. An untrusted Java application or applet could\nuse these flaws to completely bypass Java sandbox restrictions.\n(CVE-2016-0686, CVE-2016-0687)\n\n* It was discovered that the RMI server implementation in the JMX\ncomponent in OpenJDK did not restrict which classes can be\ndeserialized when deserializing authentication credentials. A remote,\nunauthenticated attacker able to connect to a JMX port could possibly\nuse this flaw to trigger deserialization flaws. (CVE-2016-3427)\n\n* It was discovered that the JAXP component in OpenJDK failed to\nproperly handle Unicode surrogate pairs used as part of the XML\nattribute values. Specially crafted XML input could cause a Java\napplication to use an excessive amount of memory when parsed.\n(CVE-2016-3425)\n\n* It was discovered that the Security component in OpenJDK failed to\ncheck the digest algorithm strength when generating DSA signatures.\nThe use of a digest weaker than the key strength could lead to the\ngeneration of signatures that were weaker than expected.\n(CVE-2016-0695)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2016-0686.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2016-0687.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2016-0695.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2016-3425.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2016-3427.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://rhn.redhat.com/errata/RHSA-2016-0676.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.7.0-openjdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.7.0-openjdk-accessibility\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.7.0-openjdk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.7.0-openjdk-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.7.0-openjdk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.7.0-openjdk-headless\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.7.0-openjdk-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.7.0-openjdk-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/04/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/04/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016 Tenable Network Security, Inc.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(5|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x / 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"java-1.7.0-openjdk-1.7.0.101-2.6.6.1.el5_11\")) flag++;\n\nif (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.7.0-openjdk-1.7.0.101-2.6.6.1.el5_11\")) flag++;\n\nif (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"java-1.7.0-openjdk-debuginfo-1.7.0.101-2.6.6.1.el5_11\")) flag++;\n\nif (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.7.0-openjdk-debuginfo-1.7.0.101-2.6.6.1.el5_11\")) flag++;\n\nif (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"java-1.7.0-openjdk-demo-1.7.0.101-2.6.6.1.el5_11\")) flag++;\n\nif (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.7.0-openjdk-demo-1.7.0.101-2.6.6.1.el5_11\")) flag++;\n\nif (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"java-1.7.0-openjdk-devel-1.7.0.101-2.6.6.1.el5_11\")) flag++;\n\nif (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.7.0-openjdk-devel-1.7.0.101-2.6.6.1.el5_11\")) flag++;\n\nif (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"java-1.7.0-openjdk-javadoc-1.7.0.101-2.6.6.1.el5_11\")) flag++;\n\nif (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.7.0-openjdk-javadoc-1.7.0.101-2.6.6.1.el5_11\")) flag++;\n\nif (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"java-1.7.0-openjdk-src-1.7.0.101-2.6.6.1.el5_11\")) flag++;\n\nif (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.7.0-openjdk-src-1.7.0.101-2.6.6.1.el5_11\")) flag++;\n\n\nif (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"java-1.7.0-openjdk-1.7.0.101-2.6.6.1.el7_2\")) flag++;\n\nif (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"java-1.7.0-openjdk-1.7.0.101-2.6.6.1.el7_2\")) flag++;\n\nif (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"java-1.7.0-openjdk-accessibility-1.7.0.101-2.6.6.1.el7_2\")) flag++;\n\nif (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"java-1.7.0-openjdk-accessibility-1.7.0.101-2.6.6.1.el7_2\")) flag++;\n\nif (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"java-1.7.0-openjdk-debuginfo-1.7.0.101-2.6.6.1.el7_2\")) flag++;\n\nif (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"java-1.7.0-openjdk-debuginfo-1.7.0.101-2.6.6.1.el7_2\")) flag++;\n\nif (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"java-1.7.0-openjdk-demo-1.7.0.101-2.6.6.1.el7_2\")) flag++;\n\nif (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"java-1.7.0-openjdk-demo-1.7.0.101-2.6.6.1.el7_2\")) flag++;\n\nif (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"java-1.7.0-openjdk-devel-1.7.0.101-2.6.6.1.el7_2\")) flag++;\n\nif (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"java-1.7.0-openjdk-devel-1.7.0.101-2.6.6.1.el7_2\")) flag++;\n\nif (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"java-1.7.0-openjdk-headless-1.7.0.101-2.6.6.1.el7_2\")) flag++;\n\nif (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"java-1.7.0-openjdk-headless-1.7.0.101-2.6.6.1.el7_2\")) flag++;\n\nif (rpm_check(release:\"RHEL7\", reference:\"java-1.7.0-openjdk-javadoc-1.7.0.101-2.6.6.1.el7_2\")) flag++;\n\nif (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"java-1.7.0-openjdk-src-1.7.0.101-2.6.6.1.el7_2\")) flag++;\n\nif (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"java-1.7.0-openjdk-src-1.7.0.101-2.6.6.1.el7_2\")) flag++;\n\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1.7.0-openjdk / java-1.7.0-openjdk-accessibility / etc\");\n}\n", "title": "RHEL 5 / 7 : java-1.7.0-openjdk (RHSA-2016:0676)", "type": "nessus", "viewCount": 0}, "differentElements": ["modified", "sourceData"], "edition": 1, "lastseen": "2016-09-26T17:25:47"}], "edition": 3, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cvelist", "hash": "021694f00fd95bf0fceae0586db4b9dd"}, {"key": "cvss", "hash": "2bdabeb49c44761f9565717ab0e38165"}, {"key": "description", "hash": "a8590f76513324184fd68caa42d7ab44"}, {"key": "href", "hash": "49553d40f5f960148e6fd1193c8953f1"}, {"key": "modified", "hash": "a6e487b241db96af61fe671a1b90b041"}, {"key": "naslFamily", "hash": "b46559ea68ec9a13474c3a7776817cfd"}, {"key": "objectVersion", "hash": "56765472680401499c79732468ba4340"}, {"key": "pluginID", "hash": "c4b0356fbadbd9947c9663274e19bd7c"}, {"key": "published", "hash": "c0e81b6a5237a82ca7ea8b939802ff49"}, {"key": "references", "hash": "8aa36e61d2685d517995270759254f3f"}, {"key": "reporter", "hash": "9cf00d658b687f030ebe173a0528c567"}, {"key": "sourceData", "hash": "09b7dcce44513dbef34bb0bdf1788bc4"}, {"key": "title", "hash": "283835715fe22d272a5e9307322428a5"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "60bdff91f8b81d6443e91e5db415614414a4a4caad705ffc2704d0360bda8828", "viewCount": 5, "objectVersion": "1.2", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2016:0676. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(90669);\n script_version(\"$Revision: 2.6 $\");\n script_cvs_date(\"$Date: 2017/01/10 20:34:12 $\");\n\n script_cve_id(\"CVE-2016-0686\", \"CVE-2016-0687\", \"CVE-2016-0695\", \"CVE-2016-3425\", \"CVE-2016-3427\");\n script_osvdb_id(137301, 137302, 137303, 137305, 137306);\n script_xref(name:\"RHSA\", value:\"2016:0676\");\n\n script_name(english:\"RHEL 5 / 7 : java-1.7.0-openjdk (RHSA-2016:0676)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for java-1.7.0-openjdk is now available for Red Hat\nEnterprise Linux 5 and Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Critical. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime\nEnvironment and the OpenJDK 7 Java Software Development Kit.\n\nSecurity Fix(es) :\n\n* Multiple flaws were discovered in the Serialization and Hotspot\ncomponents in OpenJDK. An untrusted Java application or applet could\nuse these flaws to completely bypass Java sandbox restrictions.\n(CVE-2016-0686, CVE-2016-0687)\n\n* It was discovered that the RMI server implementation in the JMX\ncomponent in OpenJDK did not restrict which classes can be\ndeserialized when deserializing authentication credentials. A remote,\nunauthenticated attacker able to connect to a JMX port could possibly\nuse this flaw to trigger deserialization flaws. (CVE-2016-3427)\n\n* It was discovered that the JAXP component in OpenJDK failed to\nproperly handle Unicode surrogate pairs used as part of the XML\nattribute values. Specially crafted XML input could cause a Java\napplication to use an excessive amount of memory when parsed.\n(CVE-2016-3425)\n\n* It was discovered that the Security component in OpenJDK failed to\ncheck the digest algorithm strength when generating DSA signatures.\nThe use of a digest weaker than the key strength could lead to the\ngeneration of signatures that were weaker than expected.\n(CVE-2016-0695)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2016-0686.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2016-0687.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2016-0695.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2016-3425.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2016-3427.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://rhn.redhat.com/errata/RHSA-2016-0676.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.7.0-openjdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.7.0-openjdk-accessibility\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.7.0-openjdk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.7.0-openjdk-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.7.0-openjdk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.7.0-openjdk-headless\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.7.0-openjdk-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.7.0-openjdk-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/04/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/04/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(5|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x / 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2016:0676\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"java-1.7.0-openjdk-1.7.0.101-2.6.6.1.el5_11\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.7.0-openjdk-1.7.0.101-2.6.6.1.el5_11\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"java-1.7.0-openjdk-debuginfo-1.7.0.101-2.6.6.1.el5_11\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.7.0-openjdk-debuginfo-1.7.0.101-2.6.6.1.el5_11\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"java-1.7.0-openjdk-demo-1.7.0.101-2.6.6.1.el5_11\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.7.0-openjdk-demo-1.7.0.101-2.6.6.1.el5_11\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"java-1.7.0-openjdk-devel-1.7.0.101-2.6.6.1.el5_11\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.7.0-openjdk-devel-1.7.0.101-2.6.6.1.el5_11\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"java-1.7.0-openjdk-javadoc-1.7.0.101-2.6.6.1.el5_11\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.7.0-openjdk-javadoc-1.7.0.101-2.6.6.1.el5_11\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"java-1.7.0-openjdk-src-1.7.0.101-2.6.6.1.el5_11\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.7.0-openjdk-src-1.7.0.101-2.6.6.1.el5_11\")) flag++;\n\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"java-1.7.0-openjdk-1.7.0.101-2.6.6.1.el7_2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"java-1.7.0-openjdk-1.7.0.101-2.6.6.1.el7_2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"java-1.7.0-openjdk-accessibility-1.7.0.101-2.6.6.1.el7_2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"java-1.7.0-openjdk-accessibility-1.7.0.101-2.6.6.1.el7_2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"java-1.7.0-openjdk-debuginfo-1.7.0.101-2.6.6.1.el7_2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"java-1.7.0-openjdk-debuginfo-1.7.0.101-2.6.6.1.el7_2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"java-1.7.0-openjdk-demo-1.7.0.101-2.6.6.1.el7_2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"java-1.7.0-openjdk-demo-1.7.0.101-2.6.6.1.el7_2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"java-1.7.0-openjdk-devel-1.7.0.101-2.6.6.1.el7_2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"java-1.7.0-openjdk-devel-1.7.0.101-2.6.6.1.el7_2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"java-1.7.0-openjdk-headless-1.7.0.101-2.6.6.1.el7_2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"java-1.7.0-openjdk-headless-1.7.0.101-2.6.6.1.el7_2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"java-1.7.0-openjdk-javadoc-1.7.0.101-2.6.6.1.el7_2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"java-1.7.0-openjdk-src-1.7.0.101-2.6.6.1.el7_2\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"java-1.7.0-openjdk-src-1.7.0.101-2.6.6.1.el7_2\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1.7.0-openjdk / java-1.7.0-openjdk-accessibility / etc\");\n }\n}\n", "naslFamily": "Red Hat Local Security Checks", "pluginID": "90669", "enchantments": {"vulnersScore": 10.0}}

{"result": {"cve": [{"id": "CVE-2016-0695", "type": "cve", "title": "CVE-2016-0695", "description": "Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality via vectors related to Security.", "published": "2016-04-21T06:59:55", "cvss": {"score": 2.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0695", "cvelist": ["CVE-2016-0695"], "lastseen": "2016-12-03T09:36:45"}, {"id": "CVE-2016-3427", "type": "cve", "title": "CVE-2016-3427", "description": "Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.", "published": "2016-04-21T07:00:21", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3427", "cvelist": ["CVE-2016-3427"], "lastseen": "2017-07-28T10:54:22"}, {"id": "CVE-2016-0687", "type": "cve", "title": "CVE-2016-0687", "description": "Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to the Hotspot sub-component.", "published": "2016-04-21T06:59:47", "cvss": {"score": 10, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0687", "cvelist": ["CVE-2016-0687"], "lastseen": "2016-12-03T09:36:36"}, {"id": "CVE-2016-3425", "type": "cve", "title": "CVE-2016-3425", "description": "Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect availability via vectors related to JAXP.", "published": "2016-04-21T07:00:19", "cvss": {"score": 5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3425", "cvelist": ["CVE-2016-3425"], "lastseen": "2016-12-03T10:08:23"}, {"id": "CVE-2016-0686", "type": "cve", "title": "CVE-2016-0686", "description": "Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Serialization.", "published": "2016-04-21T06:59:47", "cvss": {"score": 10, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0686", "cvelist": ["CVE-2016-0686"], "lastseen": "2016-12-03T09:36:35"}], "f5": [{"id": "F5:K33285044", "type": "f5", "title": "Oracle Java SE vulnerability CVE-2016-0695", "description": "\nF5 Product Development has assigned ID 591358 (BIG-IP), ID 594415 (BIG-IQ), ID 594418 (Enterprise Manager), ID 552323 (ARX), and INSTALLER-2441 (Traffix SDC) to this vulnerability, and has evaluated the currently supported releases for potential vulnerability. Additionally, [BIG-IP iHealth](<http://www.f5.com/support/support-tools/big-ip-ihealth>) may list Heuristic H595913 on the **Diagnostics** &gt;** Identified** &gt;** Low** screen.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| 12.1.2| Low| Base operating system \nBIG-IP AAM| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1| 12.1.2| Low| Base operating system \nBIG-IP AFM| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1| 12.1.2| Low| Base operating system \nBIG-IP Analytics| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1| 12.1.2| Low| Base operating system \nBIG-IP APM| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| 12.1.2| Low| Base operating system \nBIG-IP ASM| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| 12.1.2| Low| Base operating system \nBIG-IP DNS| 12.0.0 - 12.1.1| 12.1.2| Low| Base operating system \nBIG-IP Edge Gateway| 11.2.1 \n10.2.1 - 10.2.4 \nNone| None| Low| Base operating system \nBIG-IP GTM| 11.4.0 - 11.6.1 \n11.2.1 \n10.1.0 - 10.2.4 \nNone| None| Low| Base operating system \nBIG-IP Link Controller| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| 12.1.2| Low| Base operating system \nBIG-IP PEM| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1| 12.1.2| Low| Base operating system \nBIG-IP PSM| 11.4.0 - 11.4.1 \n10.2.1 - 10.2.4| None| Low| Base operating system \nBIG-IP WebAccelerator| 11.2.1 \n10.2.1 - 10.2.4| None| Low| Base operating system \nBIG-IP WOM| 11.2.1 \n10.2.1 - 10.2.4| None| Low| Base operating system \nARX| 6.2.0 - 6.4.0| None| Low| Java SE \nEnterprise Manager| 3.1.1| None| Low| JRE \nFirePass| None| 7.0.0| Not vulnerable| None \nBIG-IQ Cloud| 4.0.0 - 4.5.0| None| Low| JRE \nBIG-IQ Device| 4.2.0 - 4.5.0| None| Low| JRE \nBIG-IQ Security| 4.0.0 - 4.5.0| None| Low| JRE \nBIG-IQ ADC| 4.5.0| None| Low| JRE \nBIG-IQ Centralized Management| 5.0.0 - 5.1.0 \n4.6.0| None| Low| JRE \nBIG-IQ Cloud and Orchestration| 1.0.0| None| Low| JRE \nF5 iWorkflow| 2.0.0 - 2.0.2| None| Low| JRE \nLineRate| None| 2.5.0 - 2.6.1| Not vulnerable| None \nF5 MobileSafe| None| 1.0.0| Not vulnerable| None \nF5 WebSafe| None| 1.0.0| Not vulnerable| None \nTraffix SDC| 5.0.0 \n4.0.0 - 4.4.0 \n3.3.2 - 3.5.1| None| Low| Java SE\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n", "published": "2016-06-01T21:39:00", "cvss": {"score": 2.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://support.f5.com/csp/article/K33285044", "cvelist": ["CVE-2016-0695"], "lastseen": "2017-06-08T00:16:30"}, {"id": "SOL33285044", "type": "f5", "title": "SOL33285044 - Oracle Java SE vulnerability CVE-2016-0695", "description": "Vulnerability Recommended Actions\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nF5 responds to vulnerabilities in accordance with the **Severity** values published in the previous table. The **Severity** values and other security vulnerability parameters are defined in SOL4602: Overview of the F5 security vulnerability response policy.\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n", "published": "2016-06-01T00:00:00", "cvss": {"score": 2.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "http://support.f5.com/kb/en-us/solutions/public/k/33/sol33285044.html", "cvelist": ["CVE-2016-0695"], "lastseen": "2016-09-26T17:23:01"}, {"id": "F5:K73112451", "type": "f5", "title": "Oracle Java SE vulnerability CVE-2016-3427", "description": "\nF5 Product Development has assigned ID 591358 (BIG-IP), ID 594415 (BIG-IQ), ID 594418 (Enterprise Manager), ID 552323 (ARX), and INSTALLER-2440 (Traffix SDC) to this vulnerability, and has evaluated the currently supported releases for potential vulnerability. Additionally, [BIG-IP iHealth](<http://www.f5.com/support/support-tools/big-ip-ihealth>) may list Heuristic H595913-1 on the **Diagnostics** &gt; **Identified** &gt; **Medium** screen.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| 12.1.2| Medium| Tomcat, Configuration utility \nBIG-IP AAM| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1| 12.1.2| Medium| Tomcat, Configuration utility \nBIG-IP AFM| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1| 12.1.2| Medium| Tomcat, Configuration utility \nBIG-IP Analytics| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1| 12.1.2| Medium| Tomcat, Configuration utility \nBIG-IP APM| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| 12.1.2| Medium| Tomcat, Configuration utility \nBIG-IP ASM| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| 12.1.2| Medium| Tomcat, Configuration utility \nBIG-IP DNS| 12.0.0 - 12.1.1| 12.1.2| Medium| Tomcat, Configuration utility \nBIG-IP Edge Gateway| 11.2.1 \n10.2.1 - 10.2.4| None| Medium| Tomcat, Configuration utility \nBIG-IP GTM| 11.4.0 - 11.6.1 \n11.2.1 \n10.1.0 - 10.2.4| None| Medium| Tomcat, Configuration utility \nBIG-IP Link Controller| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| 12.1.2| Medium| Tomcat, Configuration utility \nBIG-IP PEM| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1| 12.1.2| Medium| Tomcat, Configuration utility \nBIG-IP PSM| 11.4.0 - 11.4.1 \n10.2.1 - 10.2.4| None| Medium| Tomcat, Configuration utility \nBIG-IP WebAccelerator| 11.2.1 \n10.2.1 - 10.2.4| None| Medium| Tomcat, Configuration utility \nBIG-IP WOM| 11.2.1 \n10.2.1 - 10.2.4| None| Medium| Tomcat, Configuration utility \nARX| 6.2.0 - 6.4.0| None| Low| Java SE \nEnterprise Manager| 3.1.1| None| Medium| JRE \nFirePass| None| 7.0.0| Not vulnerable| None \nBIG-IQ Cloud| 4.0.0 - 4.5.0| None| Medium| JRE \nBIG-IQ Device| 4.2.0 - 4.5.0| None| Medium| JRE \nBIG-IQ Security| 4.0.0 - 4.5.0| None| Medium| JRE \nBIG-IQ ADC| 4.5.0| None| Medium| JRE \nBIG-IQ Centralized Management| 5.0.0 - 5.1.0 \n4.6.0| None| Medium| JRE \nBIG-IQ Cloud and Orchestration| 1.0.0| None| Medium| JRE \nF5 iWorkflow| 2.0.0 - 2.0.2| None| Medium| JRE \nLineRate| None| 2.5.0 - 2.6.1| Not vulnerable| None \nF5 MobileSafe| None| 1.0.0| Not vulnerable| None \nF5 WebSafe| None| 1.0.0| Not vulnerable| None \nTraffix SDC| 5.0.0 \n4.0.0 - 4.4.0 \n3.3.2 - 3.5.1| None| Low| Java SE\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nTo mitigate this vulnerability, F5 recommends that you avoid exposing JMX RMI ports through management or data interfaces.\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n", "published": "2016-05-28T08:22:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://support.f5.com/csp/article/K73112451", "cvelist": ["CVE-2016-3427"], "lastseen": "2017-06-08T00:16:08"}, {"id": "SOL73112451", "type": "f5", "title": "SOL73112451 - Oracle Java SE vulnerability CVE-2016-3427", "description": "Vulnerability Recommended Actions\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nF5 responds to vulnerabilities in accordance with the **Severity** values published in the previous table. The **Severity** values and other security vulnerability parameters are defined in SOL4602: Overview of the F5 security vulnerability response policy.\n\nTo mitigate this vulnerability, F5 recommends that you avoid exposing JMX RMI ports through management or data interfaces.\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4918: Overview of the F5 critical issue hotfix policy\n", "published": "2016-05-27T00:00:00", "cvss": {"score": 10, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://support.f5.com/kb/en-us/solutions/public/k/73/sol73112451.html", "cvelist": ["CVE-2016-3427"], "lastseen": "2016-09-26T17:23:05"}, {"id": "F5:K49820145", "type": "f5", "title": "Apache Tomcat vulnerability CVE-2016-8735", "description": "\nF5 Product Development has assigned ID 466436 (ARX) and INSTALLER-2832 (Traffix SDC) to this vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP AAM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP AFM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP Analytics| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1| Not vulnerable| None \nBIG-IP APM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP ASM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP DNS| None| 12.0.0 - 12.1.1| Not vulnerable| None \nBIG-IP Edge Gateway| None| 11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP GTM| None| 11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP Link Controller| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP PEM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP PSM| None| 11.4.0 - 11.4.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP WebAccelerator| None| 11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP WebSafe| None| 12.0.0 - 12.1.1 \n11.6.0 - 11.6.1| Not vulnerable| None \nARX| 6.2.0 - 6.4.0| None| Medium| Apache Tomcat \nEnterprise Manager| None| 3.1.1| Not vulnerable| None \nBIG-IQ Cloud| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Device| None| 4.2.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Security| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ ADC| None| 4.5.0| Not vulnerable| None \nBIG-IQ Centralized Management| None| 5.0.0 - 5.1.0 \n4.6.0| Not vulnerable| None \nBIG-IQ Cloud and Orchestration| None| 1.0.0| Not vulnerable| None \nF5 iWorkflow| None| 2.0.0 - 2.0.2| Not vulnerable| None \nLineRate| None| 2.5.0 - 2.6.1| Not vulnerable| None \nTraffix SDC| 5.0.0 - 5.1.0 \n4.0.0 - 4.4.0| None| Medium| Apache Tomcat\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nMitigation\n\nTo mitigate this vulnerability, you can limit access to the ARX GUI and Traffix SDC Management Console to only use secure networks.\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n", "published": "2016-12-02T01:34:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://support.f5.com/csp/article/K49820145", "cvelist": ["CVE-2016-3427", "CVE-2016-8735"], "lastseen": "2017-06-08T00:16:31"}, {"id": "F5:K77535578", "type": "f5", "title": "Multiple Java SE client-side vulnerabilities", "description": "\nF5 Product Development has evaluated the currently supported releases for potential vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| None| 12.0.0 - 12.1.0 \n11.0.0 - 11.6.1 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP AAM| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP AFM| None| 12.0.0 - 12.1.0 \n11.3.0 - 11.6.1| Not vulnerable| None \nBIG-IP Analytics| None| 12.0.0 - 12.1.0 \n11.0.0 - 11.6.1| Not vulnerable| None \nBIG-IP APM| None| 12.0.0 - 12.1.0 \n11.0.0 - 11.6.1 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP ASM| None| 12.0.0 - 12.1.0 \n11.0.0 - 11.6.1 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP DNS| None| 12.0.0 - 12.1.0| Not vulnerable| None \nBIG-IP Edge Gateway| None| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP GTM| None| 11.0.0 - 11.6.1 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP Link Controller| None| 12.0.0 - 12.1.0 \n11.0.0 - 11.6.1 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP PEM| None| 12.0.0 - 12.1.0 \n11.3.0 - 11.6.1| Not vulnerable| None \nBIG-IP PSM| None| 11.0.0 - 11.4.1 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP WebAccelerator| None| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nBIG-IP WOM| None| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| Not vulnerable| None \nARX| None| 6.0.0 - 6.4.0| Not vulnerable| None \nEnterprise Manager| None| 3.0.0 - 3.1.1| Not vulnerable| None \nFirePass| None| 7.0.0 \n6.0.0 - 6.1.0| Not vulnerable| None \nBIG-IQ Cloud| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Device| None| 4.2.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Security| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ ADC| None| 4.5.0| Not vulnerable| None \nBIG-IQ Centralized Management| None| 4.6.0| Not vulnerable| None \nBIG-IQ Cloud and Orchestration| None| 1.0.0| Not vulnerable| None \nLineRate| None| 2.5.0 - 2.6.1| Not vulnerable| None \nF5 MobileSafe| None| 1.0.0| Not vulnerable| None \nF5 WebSafe| None| 1.0.0| Not vulnerable| None \nTraffix SDC| None| 5.0.0 \n4.0.0 - 4.4.0 \n3.3.2 - 3.5.1 \n| Not vulnerable| None\n\nNone\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n", "published": "2016-05-26T22:43:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://support.f5.com/csp/article/K77535578", "cvelist": ["CVE-2016-3426", "CVE-2016-3449", "CVE-2016-3422", "CVE-2016-0636", "CVE-2016-3443", "CVE-2016-0687", "CVE-2016-0686"], "lastseen": "2017-06-08T00:16:17"}, {"id": "SOL77535578", "type": "f5", "title": "SOL77535578 - Multiple Java SE client-side vulnerabilities", "description": "Vulnerability Recommended Actions\n\nNone\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n", "published": "2016-05-26T00:00:00", "cvss": {"score": 10, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://support.f5.com/kb/en-us/solutions/public/k/77/sol77535578.html", "cvelist": ["CVE-2016-3426", "CVE-2016-3449", "CVE-2016-3422", "CVE-2016-0636", "CVE-2016-3443", "CVE-2016-0687", "CVE-2016-0686"], "lastseen": "2016-11-09T00:09:56"}, {"id": "F5:K81223200", "type": "f5", "title": "Oracle Java SE vulnerability CVE-2016-3425", "description": "\nF5 Product Development has assigned ID 591358 (BIG-IP), ID 594415 (BIG-IQ), ID 594418 (Enterprise Manager), ID 552323 (ARX), and INSTALLER-2442 (Traffix SDC) to this vulnerability, and has evaluated the currently supported releases for potential vulnerability. Additionally, [BIG-IP iHealth](<http://www.f5.com/support/support-tools/big-ip-ihealth>) may list Heuristic H595913-2 on the **Diagnostics** &gt; **Identified** &gt; **Low** screen.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| 12.1.2| Low| Configuration utility \nBIG-IP AAM| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1| 12.1.2| Low| Configuration utility \nBIG-IP AFM| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1| 12.1.2| Low| Configuration utility \nBIG-IP Analytics| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1| 12.1.2| Low| Configuration utility \nBIG-IP APM| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| 12.1.2| Low| Configuration utility \nBIG-IP ASM| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| 12.1.2| Low| Configuration utility \nBIG-IP DNS| 12.0.0 - 12.1.1| 12.1.2| Low| Configuration utility \nBIG-IP Edge Gateway| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4 \nNone| None| Low| Configuration utility \nBIG-IP GTM| 11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| None| Low| Configuration utility \nBIG-IP Link Controller| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| 12.1.2| Low| Configuration utility \nBIG-IP PEM| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1| 12.1.2| Low| Configuration utility \nBIG-IP PSM| 11.4.0 - 11.4.1 \n11.2.1 \n10.2.1 - 10.2.4| None| Low| Configuration utility \nBIG-IP WebAccelerator| 11.2.1 \n10.2.1 - 10.2.4| None| Low| Configuration utility \nBIG-IP WOM| 11.2.1 \n10.2.1 - 10.2.4| None| Low| Configuration utility \nARX| 6.2.0 - 6.4.0| None| Low| Java SE \nEnterprise Manager| 3.1.1| None| Low| JRE \nFirePass| None| 7.0.0| Not vulnerable| None \nBIG-IQ Cloud| 4.0.0 - 4.5.0| None| Low| JRE \nBIG-IQ Device| 4.2.0 - 4.5.0| None| Low| JRE \nBIG-IQ Security| 4.0.0 - 4.5.0| None| Low| JRE \nBIG-IQ ADC| 4.5.0| None| Low| JRE \nBIG-IQ Centralized Management| 5.0.0 - 5.1.0 \n4.6.0| None| Low| JRE \nBIG-IQ Cloud and Orchestration| 1.0.0| None| Low| JRE \nF5 iWorkflow| 2.0.0 - 2.0.2| None| Low| JRE \nLineRate| None| 2.5.0 - 2.6.1| Not vulnerable| None \nF5 MobileSafe| None| 1.0.0| Not vulnerable| None \nF5 WebSafe| None| 1.0.0| Not vulnerable| None \nTraffix SDC| 5.0.0 \n4.0.0 - 4.4.0 \n3.3.2 - 3.5.1| None| Low| Java SE\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n", "published": "2016-05-28T08:20:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://support.f5.com/csp/article/K81223200", "cvelist": ["CVE-2016-3425"], "lastseen": "2017-06-08T00:16:31"}, {"id": "SOL81223200", "type": "f5", "title": "SOL81223200 - Oracle Java SE vulnerability CVE-2016-3425", "description": "Vulnerability Recommended Actions\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nF5 responds to vulnerabilities in accordance with the **Severity** values published in the previous table. The **Severity** values and other security vulnerability parameters are defined in SOL4602: Overview of the F5 security vulnerability response policy.\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4918: Overview of the F5 critical issue hotfix policy\n", "published": "2016-05-27T00:00:00", "cvss": {"score": 5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://support.f5.com/kb/en-us/solutions/public/k/81/sol81223200.html", "cvelist": ["CVE-2016-3425"], "lastseen": "2016-09-26T17:23:10"}], "nessus": [{"id": "ORACLE_JROCKIT_CPU_APR_2016.NASL", "type": "nessus", "title": "Oracle JRockit R28.3.9 Multiple Vulnerabilities (April 2016 CPU)", "description": "The version of Oracle JRockit installed on the remote Windows host is 28.3.9. It is, therefore, affected by multiple vulnerabilities :\n\n - An unspecified flaw exists related to the Security subcomponent that allows a remote attacker to access potentially sensitive information. No other details are available. (CVE-2016-0695)\n\n - An unspecified flaw exists related to the JAXP subcomponent that allows a remote attacker to cause a denial of service. No other details are available.\n (CVE-2016-3425)\n\n - An unspecified flaw exists related to the JMX subcomponent that allows a remote attacker to execute arbitrary code. No other details are available.\n (CVE-2016-3427)", "published": "2016-04-20T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=90604", "cvelist": ["CVE-2016-0695", "CVE-2016-3427", "CVE-2016-3425"], "lastseen": "2016-09-26T17:25:52"}, {"id": "ORACLELINUX_ELSA-2016-0675.NASL", "type": "nessus", "title": "Oracle Linux 6 : java-1.7.0-openjdk (ELSA-2016-0675)", "description": "From Red Hat Security Advisory 2016:0675 :\n\nAn update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit.\n\nSecurity Fix(es) :\n\n* Multiple flaws were discovered in the Serialization and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions.\n(CVE-2016-0686, CVE-2016-0687)\n\n* It was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws. (CVE-2016-3427)\n\n* It was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part of the XML attribute values. Specially crafted XML input could cause a Java application to use an excessive amount of memory when parsed.\n(CVE-2016-3425)\n\n* It was discovered that the Security component in OpenJDK failed to check the digest algorithm strength when generating DSA signatures.\nThe use of a digest weaker than the key strength could lead to the generation of signatures that were weaker than expected.\n(CVE-2016-0695)\n\nNote: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website.", "published": "2016-04-22T00:00:00", "cvss": {"score": 10, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=90666", "cvelist": ["CVE-2016-0695", "CVE-2016-3427", "CVE-2016-0687", "CVE-2016-3425", "CVE-2016-0686"], "lastseen": "2016-12-08T05:36:45"}, {"id": "SUSE_SU-2016-1250-1.NASL", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : java-1_7_0-openjdk (SUSE-SU-2016:1250-1)", "description": "This update for java-1_7_0-openjdk to version 2.6.6 fixes five security issues.\n\nThese security issues were fixed :\n\n - CVE-2016-0686: Ensure thread consistency (bsc#976340).\n\n - CVE-2016-0687: Better byte behavior (bsc#976340).\n\n - CVE-2016-0695: Make DSA more fair (bsc#976340).\n\n - CVE-2016-3425: Better buffering of XML strings (bsc#976340).\n\n - CVE-2016-3427: Improve JMX connections (bsc#976340).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2016-05-09T00:00:00", "cvss": {"score": 10, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=90993", "cvelist": ["CVE-2016-0695", "CVE-2016-3427", "CVE-2016-0687", "CVE-2016-3425", "CVE-2016-0686"], "lastseen": "2016-12-28T06:14:04"}, {"id": "OPENSUSE-2016-553.NASL", "type": "nessus", "title": "openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2016-553)", "description": "This update for java-1_7_0-openjdk to version 2.6.6 fixes five security issues.\n\nThese security issues were fixed :\n\n - CVE-2016-0686: Ensure thread consistency (bsc#976340).\n\n - CVE-2016-0687: Better byte behavior (bsc#976340).\n\n - CVE-2016-0695: Make DSA more fair (bsc#976340).\n\n - CVE-2016-3425: Better buffering of XML strings (bsc#976340).\n\n - CVE-2016-3427: Improve JMX connections (bsc#976340).", "published": "2016-05-05T00:00:00", "cvss": {"score": 10, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=90905", "cvelist": ["CVE-2016-0695", "CVE-2016-3427", "CVE-2016-0687", "CVE-2016-3425", "CVE-2016-0686"], "lastseen": "2016-10-13T21:24:53"}, {"id": "REDHAT-RHSA-2016-0675.NASL", "type": "nessus", "title": "RHEL 6 : java-1.7.0-openjdk (RHSA-2016:0675)", "description": "An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit.\n\nSecurity Fix(es) :\n\n* Multiple flaws were discovered in the Serialization and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions.\n(CVE-2016-0686, CVE-2016-0687)\n\n* It was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws. (CVE-2016-3427)\n\n* It was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part of the XML attribute values. Specially crafted XML input could cause a Java application to use an excessive amount of memory when parsed.\n(CVE-2016-3425)\n\n* It was discovered that the Security component in OpenJDK failed to check the digest algorithm strength when generating DSA signatures.\nThe use of a digest weaker than the key strength could lead to the generation of signatures that were weaker than expected.\n(CVE-2016-0695)\n\nNote: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website.", "published": "2016-04-22T00:00:00", "cvss": {"score": 10, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=90668", "cvelist": ["CVE-2016-0695", "CVE-2016-3427", "CVE-2016-0687", "CVE-2016-3425", "CVE-2016-0686"], "lastseen": "2017-01-11T06:09:47"}, {"id": "SL_20160509_JAVA_1_6_0_OPENJDK_ON_SL5_X.NASL", "type": "nessus", "title": "Scientific Linux Security Update : java-1.6.0-openjdk on SL5.x, SL6.x, SL7.x i386/x86_64", "description": "Security Fix(es) :\n\n - Multiple flaws were discovered in the Serialization and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions.\n (CVE-2016-0686, CVE-2016-0687)\n\n - It was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws.\n (CVE-2016-3427)\n\n - It was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part of the XML attribute values. Specially crafted XML input could cause a Java application to use an excessive amount of memory when parsed. (CVE-2016-3425)\n\n - It was discovered that the Security component in OpenJDK failed to check the digest algorithm strength when generating DSA signatures. The use of a digest weaker than the key strength could lead to the generation of signatures that were weaker than expected.\n (CVE-2016-0695)", "published": "2016-05-11T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=91040", "cvelist": ["CVE-2016-0695", "CVE-2016-3427", "CVE-2016-0687", "CVE-2016-3425", "CVE-2016-0686"], "lastseen": "2016-10-19T21:26:21"}, {"id": "SL_20160421_JAVA_1_7_0_OPENJDK_ON_SL6_X.NASL", "type": "nessus", "title": "Scientific Linux Security Update : java-1.7.0-openjdk on SL6.x i386/x86_64", "description": "Security Fix(es) :\n\n - Multiple flaws were discovered in the Serialization and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions.\n (CVE-2016-0686, CVE-2016-0687)\n\n - It was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws.\n (CVE-2016-3427)\n\n - It was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part of the XML attribute values. Specially crafted XML input could cause a Java application to use an excessive amount of memory when parsed. (CVE-2016-3425)\n\n - It was discovered that the Security component in OpenJDK failed to check the digest algorithm strength when generating DSA signatures. The use of a digest weaker than the key strength could lead to the generation of signatures that were weaker than expected.\n (CVE-2016-0695)\n\nNote: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website.", "published": "2016-04-22T00:00:00", "cvss": {"score": 10, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=90674", "cvelist": ["CVE-2016-0695", "CVE-2016-3427", "CVE-2016-0687", "CVE-2016-3425", "CVE-2016-0686"], "lastseen": "2016-10-19T21:25:00"}, {"id": "UBUNTU_USN-2972-1.NASL", "type": "nessus", "title": "Ubuntu 12.04 LTS : openjdk-6 vulnerabilities (USN-2972-1)", "description": "Multiple vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity, and availability. An attacker could exploit these to cause a denial of service, expose sensitive data over the network, or possibly execute arbitrary code.\n(CVE-2016-0686, CVE-2016-0687, CVE-2016-3427)\n\nA vulnerability was discovered in the OpenJDK JRE related to information disclosure. An attacker could exploit this to expose sensitive data over the network. (CVE-2016-0695)\n\nA vulnerability was discovered in the OpenJDK JRE related to availability. An attacker could exploit this to cause a denial of service. (CVE-2016-3425).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2016-05-12T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=91095", "cvelist": ["CVE-2016-0695", "CVE-2016-3427", "CVE-2016-0687", "CVE-2016-3425", "CVE-2016-0686"], "lastseen": "2016-12-02T05:34:59"}, {"id": "ALA_ALAS-2016-700.NASL", "type": "nessus", "title": "Amazon Linux AMI : java-1.6.0-openjdk (ALAS-2016-700)", "description": "Multiple flaws were discovered in the Serialization and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions.\n(CVE-2016-0686 , CVE-2016-0687)\n\nIt was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws. (CVE-2016-3427)\n\nIt was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part of the XML attribute values. Specially crafted XML input could cause a Java application to use an excessive amount of memory when parsed.\n(CVE-2016-3425)\n\nIt was discovered that the Security component in OpenJDK failed to check the digest algorithm strength when generating DSA signatures.\nThe use of a digest weaker than the key strength could lead to the generation of signatures that were weaker than expected.\n(CVE-2016-0695)", "published": "2016-05-12T00:00:00", "cvss": {"score": 10, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=91048", "cvelist": ["CVE-2016-0695", "CVE-2016-3427", "CVE-2016-0687", "CVE-2016-3425", "CVE-2016-0686"], "lastseen": "2016-10-08T01:23:14"}, {"id": "ORACLELINUX_ELSA-2016-0723.NASL", "type": "nessus", "title": "Oracle Linux 5 / 6 / 7 : java-1.6.0-openjdk (ELSA-2016-0723)", "description": "From Red Hat Security Advisory 2016:0723 :\n\nAn update for java-1.6.0-openjdk is now available for Red Hat Enterprise Linux 5, Red Hat Enterprise Linux 6, and Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Java Software Development Kit.\n\nSecurity Fix(es) :\n\n* Multiple flaws were discovered in the Serialization and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions.\n(CVE-2016-0686, CVE-2016-0687)\n\n* It was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws. (CVE-2016-3427)\n\n* It was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part of the XML attribute values. Specially crafted XML input could cause a Java application to use an excessive amount of memory when parsed.\n(CVE-2016-3425)\n\n* It was discovered that the Security component in OpenJDK failed to check the digest algorithm strength when generating DSA signatures.\nThe use of a digest weaker than the key strength could lead to the generation of signatures that were weaker than expected.\n(CVE-2016-0695)", "published": "2016-05-11T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=91030", "cvelist": ["CVE-2016-0695", "CVE-2016-3427", "CVE-2016-0687", "CVE-2016-3425", "CVE-2016-0686"], "lastseen": "2016-12-08T05:35:03"}], "centos": [{"id": "CESA-2016:0676", "type": "centos", "title": "java security update", "description": "**CentOS Errata and Security Advisory** CESA-2016:0676\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2016-April/021840.html\nhttp://lists.centos.org/pipermail/centos-announce/2016-April/021841.html\n\n**Affected packages:**\njava-1.7.0-openjdk\njava-1.7.0-openjdk-accessibility\njava-1.7.0-openjdk-demo\njava-1.7.0-openjdk-devel\njava-1.7.0-openjdk-headless\njava-1.7.0-openjdk-javadoc\njava-1.7.0-openjdk-src\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2016-0676.html", "published": "2016-04-21T15:42:31", "cvss": {"score": 10, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2016-April/021840.html", "cvelist": ["CVE-2016-0695", "CVE-2016-3427", "CVE-2016-0687", "CVE-2016-3425", "CVE-2016-0686"], "lastseen": "2016-12-05T19:58:34"}, {"id": "CESA-2016:0723", "type": "centos", "title": "java security update", "description": "**CentOS Errata and Security Advisory** CESA-2016:0723\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2016-May/021861.html\nhttp://lists.centos.org/pipermail/centos-announce/2016-May/021862.html\nhttp://lists.centos.org/pipermail/centos-announce/2016-May/021863.html\n\n**Affected packages:**\njava-1.6.0-openjdk\njava-1.6.0-openjdk-demo\njava-1.6.0-openjdk-devel\njava-1.6.0-openjdk-javadoc\njava-1.6.0-openjdk-src\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2016-0723.html", "published": "2016-05-09T15:12:42", "cvss": {"score": 10, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2016-May/021862.html", "cvelist": ["CVE-2016-0695", "CVE-2016-3427", "CVE-2016-0687", "CVE-2016-3425", "CVE-2016-0686"], "lastseen": "2016-12-05T20:07:05"}, {"id": "CESA-2016:0675", "type": "centos", "title": "java security update", "description": "**CentOS Errata and Security Advisory** CESA-2016:0675\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2016-April/021837.html\n\n**Affected packages:**\njava-1.7.0-openjdk\njava-1.7.0-openjdk-demo\njava-1.7.0-openjdk-devel\njava-1.7.0-openjdk-javadoc\njava-1.7.0-openjdk-src\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2016-0675.html", "published": "2016-04-21T14:18:59", "cvss": {"score": 10, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2016-April/021837.html", "cvelist": ["CVE-2016-0695", "CVE-2016-3427", "CVE-2016-0687", "CVE-2016-3425", "CVE-2016-0686"], "lastseen": "2016-12-05T20:04:05"}, {"id": "CESA-2016:0651", "type": "centos", "title": "java security update", "description": "**CentOS Errata and Security Advisory** CESA-2016:0651\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2016-April/021838.html\n\n**Affected packages:**\njava-1.8.0-openjdk\njava-1.8.0-openjdk-debug\njava-1.8.0-openjdk-demo\njava-1.8.0-openjdk-demo-debug\njava-1.8.0-openjdk-devel\njava-1.8.0-openjdk-devel-debug\njava-1.8.0-openjdk-headless\njava-1.8.0-openjdk-headless-debug\njava-1.8.0-openjdk-javadoc\njava-1.8.0-openjdk-javadoc-debug\njava-1.8.0-openjdk-src\njava-1.8.0-openjdk-src-debug\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2016-0651.html", "published": "2016-04-21T14:19:29", "cvss": {"score": 10, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2016-April/021838.html", "cvelist": ["CVE-2016-3426", "CVE-2016-0695", "CVE-2016-3427", "CVE-2016-0687", "CVE-2016-3425", "CVE-2016-0686"], "lastseen": "2016-12-05T20:03:39"}, {"id": "CESA-2016:0650", "type": "centos", "title": "java security update", "description": "**CentOS Errata and Security Advisory** CESA-2016:0650\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2016-April/021839.html\n\n**Affected packages:**\njava-1.8.0-openjdk\njava-1.8.0-openjdk-accessibility\njava-1.8.0-openjdk-accessibility-debug\njava-1.8.0-openjdk-debug\njava-1.8.0-openjdk-demo\njava-1.8.0-openjdk-demo-debug\njava-1.8.0-openjdk-devel\njava-1.8.0-openjdk-devel-debug\njava-1.8.0-openjdk-headless\njava-1.8.0-openjdk-headless-debug\njava-1.8.0-openjdk-javadoc\njava-1.8.0-openjdk-javadoc-debug\njava-1.8.0-openjdk-src\njava-1.8.0-openjdk-src-debug\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2016-0650.html", "published": "2016-04-21T15:30:55", "cvss": {"score": 10, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2016-April/021839.html", "cvelist": ["CVE-2016-3426", "CVE-2016-0695", "CVE-2016-3427", "CVE-2016-0687", "CVE-2016-3425", "CVE-2016-0686"], "lastseen": "2016-12-05T20:01:38"}], "suse": [{"id": "OPENSUSE-SU-2016:1230-1", "type": "suse", "title": "Security update for java-1_7_0-openjdk (important)", "description": "This update for java-1_7_0-openjdk to version 2.6.6 fixes five security\n issues.\n\n These security issues were fixed:\n - CVE-2016-0686: Ensure thread consistency (bsc#976340).\n - CVE-2016-0687: Better byte behavior (bsc#976340).\n - CVE-2016-0695: Make DSA more fair (bsc#976340).\n - CVE-2016-3425: Better buffering of XML strings (bsc#976340).\n - CVE-2016-3427: Improve JMX connections (bsc#976340).\n\n", "published": "2016-05-04T16:15:53", "cvss": {"score": 10, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00009.html", "cvelist": ["CVE-2016-0695", "CVE-2016-3427", "CVE-2016-0687", "CVE-2016-3425", "CVE-2016-0686"], "lastseen": "2016-09-04T11:35:13"}, {"id": "OPENSUSE-SU-2016:1235-1", "type": "suse", "title": "Security update for java-1_7_0-openjdk (important)", "description": "This update for java-1_7_0-openjdk to version 2.6.6 fixes five security\n issues.\n\n These security issues were fixed:\n - CVE-2016-0686: Ensure thread consistency (bsc#976340).\n - CVE-2016-0687: Better byte behavior (bsc#976340).\n - CVE-2016-0695: Make DSA more fair (bsc#976340).\n - CVE-2016-3425: Better buffering of XML strings (bsc#976340).\n - CVE-2016-3427: Improve JMX connections (bsc#976340).\n\n", "published": "2016-05-04T21:07:57", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00012.html", "cvelist": ["CVE-2016-0695", "CVE-2016-3427", "CVE-2016-0687", "CVE-2016-3425", "CVE-2016-0686"], "lastseen": "2016-09-04T11:56:36"}, {"id": "OPENSUSE-SU-2016:1265-1", "type": "suse", "title": "Security update for java-1_7_0-openjdk (important)", "description": "This update for java-1_7_0-openjdk to version 2.6.6 fixes five security\n issues.\n\n These security issues were fixed:\n - CVE-2016-0686: Ensure thread consistency (bsc#976340).\n - CVE-2016-0687: Better byte behavior (bsc#976340).\n - CVE-2016-0695: Make DSA more fair (bsc#976340).\n - CVE-2016-3425: Better buffering of XML strings (bsc#976340).\n - CVE-2016-3427: Improve JMX connections (bsc#976340).\n\n This update was imported from the SUSE:SLE-12:Update update project.\n\n", "published": "2016-05-07T15:09:13", "cvss": {"score": 10, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00027.html", "cvelist": ["CVE-2016-0695", "CVE-2016-3427", "CVE-2016-0687", "CVE-2016-3425", "CVE-2016-0686"], "lastseen": "2016-09-04T11:50:20"}, {"id": "SUSE-SU-2016:1250-1", "type": "suse", "title": "Security update for java-1_7_0-openjdk (important)", "description": "This update for java-1_7_0-openjdk to version 2.6.6 fixes five security\n issues.\n\n These security issues were fixed:\n - CVE-2016-0686: Ensure thread consistency (bsc#976340).\n - CVE-2016-0687: Better byte behavior (bsc#976340).\n - CVE-2016-0695: Make DSA more fair (bsc#976340).\n - CVE-2016-3425: Better buffering of XML strings (bsc#976340).\n - CVE-2016-3427: Improve JMX connections (bsc#976340).\n\n", "published": "2016-05-06T13:14:05", "cvss": {"score": 10, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00022.html", "cvelist": ["CVE-2016-0695", "CVE-2016-3427", "CVE-2016-0687", "CVE-2016-3425", "CVE-2016-0686"], "lastseen": "2016-09-04T11:43:03"}, {"id": "SUSE-SU-2016:1248-1", "type": "suse", "title": "Security update for java-1_8_0-openjdk (important)", "description": "This update for java-1_8_0-openjdk fixes the following security issues -\n April 2016 Oracle CPU (bsc#976340):\n\n - CVE-2016-0686: Unspecified vulnerability allowed remote attackers to\n affect confidentiality, integrity, and availability via vectors related\n to Serialization.\n - CVE-2016-0687: Unspecified vulnerability allowed remote attackers to\n affect confidentiality, integrity, and availability via vectors related\n to the Hotspot sub-component\n - CVE-2016-0695: Unspecified vulnerability allowed remote attackers to\n affect confidentiality via vectors related to the Security Component\n - CVE-2016-3425: Unspecified vulnerability allowed remote attackers to\n affect availability via vectors related to JAXP\n - CVE-2016-3426: Unspecified vulnerability allowed remote attackers to\n affect confidentiality via vectors related to JCE\n - CVE-2016-3427: Unspecified vulnerability allowed remote attackers to\n affect confidentiality, integrity, and availability via vectors related\n to JMX\n\n", "published": "2016-05-06T13:13:04", "cvss": {"score": 10, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00021.html", "cvelist": ["CVE-2016-3426", "CVE-2016-0695", "CVE-2016-3427", "CVE-2016-0687", "CVE-2016-3425", "CVE-2016-0686"], "lastseen": "2016-09-04T12:46:49"}, {"id": "OPENSUSE-SU-2016:1222-1", "type": "suse", "title": "Security update for java-1_8_0-openjdk (important)", "description": "This update for java-1_8_0-openjdk fixes the following security issues -\n April 2016 Oracle CPU (bsc#976340):\n\n - CVE-2016-0686: Unspecified vulnerability allowed remote attackers to\n affect confidentiality, integrity, and availability via vectors related\n to Serialization.\n - CVE-2016-0687: Unspecified vulnerability allowed remote attackers to\n affect confidentiality, integrity, and availability via vectors related\n to the Hotspot sub-component\n - CVE-2016-0695: Unspecified vulnerability allowed remote attackers to\n affect confidentiality via vectors related to the Security Component\n - CVE-2016-3425: Unspecified vulnerability allowed remote attackers to\n affect availability via vectors related to JAXP\n - CVE-2016-3426: Unspecified vulnerability allowed remote attackers to\n affect confidentiality via vectors related to JCE\n - CVE-2016-3427: Unspecified vulnerability allowed remote attackers to\n affect confidentiality, integrity, and availability via vectors related\n to JMX\n\n", "published": "2016-05-04T16:11:55", "cvss": {"score": 10, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00006.html", "cvelist": ["CVE-2016-3426", "CVE-2016-0695", "CVE-2016-3427", "CVE-2016-0687", "CVE-2016-3425", "CVE-2016-0686"], "lastseen": "2016-09-04T12:07:54"}, {"id": "OPENSUSE-SU-2016:1262-1", "type": "suse", "title": "Security update for java-1_8_0-openjdk (important)", "description": "This update for java-1_8_0-openjdk fixes the following security issues -\n April 2016 Oracle CPU (bsc#976340):\n\n - CVE-2016-0686: Unspecified vulnerability allowed remote attackers to\n affect confidentiality, integrity, and availability via vectors related\n to Serialization.\n - CVE-2016-0687: Unspecified vulnerability allowed remote attackers to\n affect confidentiality, integrity, and availability via vectors related\n to the Hotspot sub-component\n - CVE-2016-0695: Unspecified vulnerability allowed remote attackers to\n affect confidentiality via vectors related to the Security Component\n - CVE-2016-3425: Unspecified vulnerability allowed remote attackers to\n affect availability via vectors related to JAXP\n - CVE-2016-3426: Unspecified vulnerability allowed remote attackers to\n affect confidentiality via vectors related to JCE\n - CVE-2016-3427: Unspecified vulnerability allowed remote attackers to\n affect confidentiality, integrity, and availability via vectors related\n to JMX\n\n This update was imported from the SUSE:SLE-12-SP1:Update update project.\n\n", "published": "2016-05-07T15:07:42", "cvss": {"score": 10, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00026.html", "cvelist": ["CVE-2016-3426", "CVE-2016-0695", "CVE-2016-3427", "CVE-2016-0687", "CVE-2016-3425", "CVE-2016-0686"], "lastseen": "2016-09-04T12:05:54"}, {"id": "SUSE-SU-2016:1303-1", "type": "suse", "title": "Security update for java-1_6_0-ibm (important)", "description": "This IBM Java 1.6.0 SR16 FP25 release fixes the following issues:\n\n Security issues fixed:\n - CVE-2016-0264: buffer overflow vulnerability in the IBM JVM (bsc#977648)\n - CVE-2016-0363: insecure use of invoke method in CORBA component,\n incorrect CVE-2013-3009 fix (bsc#977650)\n - CVE-2016-0376: insecure deserialization in CORBA, incorrect\n CVE-2013-5456 fix (bsc#977646)\n - The following CVEs got also fixed during this update. (bsc#979252)\n CVE-2016-3443, CVE-2016-0687, CVE-2016-0686, CVE-2016-3427,\n CVE-2016-3449, CVE-2016-3422, CVE-2016-3426\n\n", "published": "2016-05-13T21:07:55", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00042.html", "cvelist": ["CVE-2016-3426", "CVE-2016-3427", "CVE-2016-3449", "CVE-2016-0363", "CVE-2016-3422", "CVE-2013-3009", "CVE-2016-3443", "CVE-2016-0687", "CVE-2016-0376", "CVE-2013-5456", "CVE-2016-0686", "CVE-2016-0264"], "lastseen": "2016-09-04T12:46:24"}, {"id": "SUSE-SU-2016:1378-1", "type": "suse", "title": "Security update for java-1_7_0-ibm (important)", "description": "This IBM Java 1.7.0 SR9 FP40 release fixes the following issues:\n\n Security issues fixed:\n - CVE-2016-0264: buffer overflow vulnerability in the IBM JVM (bsc#977648)\n - CVE-2016-0363: insecure use of invoke method in CORBA component,\n incorrect CVE-2013-3009 fix (bsc#977650)\n - CVE-2016-0376: insecure deserialization in CORBA, incorrect\n CVE-2013-5456 fix (bsc#977646)\n - The following CVEs got also fixed during this update. (bsc#979252)\n CVE-2016-3443, CVE-2016-0687, CVE-2016-0686, CVE-2016-3427,\n CVE-2016-3449, CVE-2016-3422, CVE-2016-3426\n\n", "published": "2016-05-21T02:07:49", "cvss": {"score": 10, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00058.html", "cvelist": ["CVE-2016-3426", "CVE-2016-3427", "CVE-2016-3449", "CVE-2016-0363", "CVE-2016-3422", "CVE-2013-3009", "CVE-2016-3443", "CVE-2016-0687", "CVE-2016-0376", "CVE-2013-5456", "CVE-2016-0686", "CVE-2016-0264"], "lastseen": "2016-09-04T12:05:46"}, {"id": "SUSE-SU-2016:1299-1", "type": "suse", "title": "Security update for java-1_7_1-ibm (important)", "description": "This IBM Java 1.7.1 SR3 FP40 release fixes the following issues:\n\n Security issues fixed:\n - CVE-2016-0264: buffer overflow vulnerability in the IBM JVM (bsc#977648)\n - CVE-2016-0363: insecure use of invoke method in CORBA component,\n incorrect CVE-2013-3009 fix (bsc#977650)\n - CVE-2016-0376: insecure deserialization in CORBA, incorrect\n CVE-2013-5456 fix (bsc#977646)\n - The following CVEs got also fixed during this update. (bsc#979252)\n CVE-2016-3443, CVE-2016-0687, CVE-2016-0686, CVE-2016-3427,\n CVE-2016-3449, CVE-2016-3422, CVE-2016-3426\n\n", "published": "2016-05-13T16:08:16", "cvss": {"score": 10, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00039.html", "cvelist": ["CVE-2016-3426", "CVE-2016-3427", "CVE-2016-3449", "CVE-2016-0363", "CVE-2016-3422", "CVE-2013-3009", "CVE-2016-3443", "CVE-2016-0687", "CVE-2016-0376", "CVE-2013-5456", "CVE-2016-0686", "CVE-2016-0264"], "lastseen": "2016-09-04T12:35:28"}], "openvas": [{"id": "OPENVAS:1361412562310120682", "type": "openvas", "title": "Amazon Linux Local Check: alas-2016-693", "description": "Amazon Linux Local Security Checks", "published": "2016-05-09T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120682", "cvelist": ["CVE-2016-0695", "CVE-2016-3427", "CVE-2016-0687", "CVE-2016-3425", "CVE-2016-0686"], "lastseen": "2017-07-24T12:54:03"}, {"id": "OPENVAS:1361412562310871601", "type": "openvas", "title": "RedHat Update for java-1.7.0-openjdk RHSA-2016:0676-01", "description": "Check the version of java-1.7.0-openjdk", "published": "2016-04-22T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871601", "cvelist": ["CVE-2016-0695", "CVE-2016-3427", "CVE-2016-0687", "CVE-2016-3425", "CVE-2016-0686"], "lastseen": "2017-07-27T10:54:28"}, {"id": "OPENVAS:1361412562310882487", "type": "openvas", "title": "CentOS Update for java CESA-2016:0723 centos7 ", "description": "Check the version of java", "published": "2016-05-10T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882487", "cvelist": ["CVE-2016-0695", "CVE-2016-3427", "CVE-2016-0687", "CVE-2016-3425", "CVE-2016-0686"], "lastseen": "2017-07-25T10:55:01"}, {"id": "OPENVAS:1361412562310842733", "type": "openvas", "title": "Ubuntu Update for openjdk-7 USN-2964-1", "description": "Check the version of openjdk-7", "published": "2016-05-06T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842733", "cvelist": ["CVE-2016-0695", "CVE-2016-3427", "CVE-2016-0687", "CVE-2016-3425", "CVE-2016-0686"], "lastseen": "2017-07-25T10:54:36"}, {"id": "OPENVAS:1361412562310122935", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2016-0675", "description": "Oracle Linux Local Security Checks ELSA-2016-0675", "published": "2016-05-09T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122935", "cvelist": ["CVE-2016-0695", "CVE-2016-3427", "CVE-2016-0687", "CVE-2016-3425", "CVE-2016-0686"], "lastseen": "2017-07-24T12:54:52"}, {"id": "OPENVAS:1361412562310842745", "type": "openvas", "title": "Ubuntu Update for openjdk-6 USN-2972-1", "description": "Check the version of openjdk-6", "published": "2016-05-11T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842745", "cvelist": ["CVE-2016-0695", "CVE-2016-3427", "CVE-2016-0687", "CVE-2016-3425", "CVE-2016-0686"], "lastseen": "2017-07-25T10:54:30"}, {"id": "OPENVAS:1361412562310851291", "type": "openvas", "title": "SuSE Update for java-1_7_0-openjdk openSUSE-SU-2016:1235-1 (java-1_7_0-openjdk)", "description": "Check the version of java-1_7_0-openjdk", "published": "2016-05-06T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851291", "cvelist": ["CVE-2016-0695", "CVE-2016-3427", "CVE-2016-0687", "CVE-2016-3425", "CVE-2016-0686"], "lastseen": "2017-07-26T08:54:28"}, {"id": "OPENVAS:1361412562310851292", "type": "openvas", "title": "SuSE Update for java-1_7_0-openjdk openSUSE-SU-2016:1230-1 (java-1_7_0-openjdk)", "description": "Check the version of java-1_7_0-openjdk", "published": "2016-05-06T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851292", "cvelist": ["CVE-2016-0695", "CVE-2016-3427", "CVE-2016-0687", "CVE-2016-3425", "CVE-2016-0686"], "lastseen": "2017-07-26T08:53:28"}, {"id": "OPENVAS:1361412562310882485", "type": "openvas", "title": "CentOS Update for java CESA-2016:0723 centos5 ", "description": "Check the version of java", "published": "2016-05-10T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882485", "cvelist": ["CVE-2016-0695", "CVE-2016-3427", "CVE-2016-0687", "CVE-2016-3425", "CVE-2016-0686"], "lastseen": "2017-07-25T10:54:50"}, {"id": "OPENVAS:1361412562310882467", "type": "openvas", "title": "CentOS Update for java CESA-2016:0676 centos7 ", "description": "Check the version of java", "published": "2016-04-22T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882467", "cvelist": ["CVE-2016-0695", "CVE-2016-3427", "CVE-2016-0687", "CVE-2016-3425", "CVE-2016-0686"], "lastseen": "2017-07-25T10:54:47"}], "ubuntu": [{"id": "USN-2972-1", "type": "ubuntu", "title": "OpenJDK 6 vulnerabilities", "description": "Multiple vulnerabilities were discovered in the OpenJDK JRE related to \ninformation disclosure, data integrity, and availability. An attacker \ncould exploit these to cause a denial of service, expose sensitive data \nover the network, or possibly execute arbitrary code. ([CVE-2016-0686](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-0686>), \n[CVE-2016-0687](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-0687>), [CVE-2016-3427](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-3427>))\n\nA vulnerability was discovered in the OpenJDK JRE related to information \ndisclosure. An attacker could exploit this to expose sensitive data over \nthe network. ([CVE-2016-0695](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-0695>))\n\nA vulnerability was discovered in the OpenJDK JRE related to availability. \nAn attacker could exploit this to cause a denial of service. \n([CVE-2016-3425](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-3425>))", "published": "2016-05-10T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://usn.ubuntu.com/usn/usn-2972-1/", "cvelist": ["CVE-2016-0695", "CVE-2016-3427", "CVE-2016-0687", "CVE-2016-3425", "CVE-2016-0686"], "lastseen": "2017-08-09T19:12:53"}, {"id": "USN-2964-1", "type": "ubuntu", "title": "OpenJDK 7 vulnerabilities", "description": "Multiple vulnerabilities were discovered in the OpenJDK JRE related to information \ndisclosure, data integrity, and availability. An attacker could exploit \nthese to cause a denial of service, expose sensitive data over the network, \nor possibly execute arbitrary code. ([CVE-2016-0686](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-0686>), [CVE-2016-0687](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-0687>), \n[CVE-2016-3427](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-3427>))\n\nA vulnerability was discovered in the OpenJDK JRE related to information \ndisclosure. An attacker could exploit this to expose sensitive data over \nthe network. ([CVE-2016-0695](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-0695>))\n\nA vulnerability was discovered in the OpenJDK JRE related to availability. \nAn attacker could exploit this to cause a denial of service. \n([CVE-2016-3425](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-3425>))", "published": "2016-05-04T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://usn.ubuntu.com/usn/usn-2964-1/", "cvelist": ["CVE-2016-0695", "CVE-2016-3427", "CVE-2016-0687", "CVE-2016-3425", "CVE-2016-0686"], "lastseen": "2017-08-09T19:13:01"}, {"id": "USN-2963-1", "type": "ubuntu", "title": "OpenJDK 8 vulnerabilities", "description": "Multiple vulnerabilities were discovered in the OpenJDK JRE related to \ninformation disclosure, data integrity, and availability. An attacker \ncould exploit these to cause a denial of service, expose sensitive data \nover the network, or possibly execute arbitrary code. ([CVE-2016-0686](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-0686>), \n[CVE-2016-0687](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-0687>), [CVE-2016-3427](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-3427>))\n\nMultiple vulnerabilities were discovered in the OpenJDK JRE related \nto information disclosure. An attacker could exploit this to expose \nsensitive data over the network. ([CVE-2016-0695](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-0695>), [CVE-2016-3426](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-3426>))\n\nA vulnerability was discovered in the OpenJDK JRE related to availability. \nAn attacker could exploit this to cause a denial of service. \n([CVE-2016-3425](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-3425>))", "published": "2016-05-04T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://usn.ubuntu.com/usn/usn-2963-1/", "cvelist": ["CVE-2016-3426", "CVE-2016-0695", "CVE-2016-3427", "CVE-2016-0687", "CVE-2016-3425", "CVE-2016-0686"], "lastseen": "2017-08-09T19:12:15"}], "oraclelinux": [{"id": "ELSA-2016-0723", "type": "oraclelinux", "title": "java-1.6.0-openjdk security update", "description": "[1:1.6.0.39-1.13.11.0]\n- Update to IcedTea 1.13.11 & OpenJDK 6 b39.\n- Resolves: rhbz#1325432", "published": "2016-05-09T00:00:00", "cvss": {"score": 10, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2016-0723.html", "cvelist": ["CVE-2016-0695", "CVE-2016-3427", "CVE-2016-0687", "CVE-2016-3425", "CVE-2016-0686"], "lastseen": "2016-09-04T11:16:26"}, {"id": "ELSA-2016-0675", "type": "oraclelinux", "title": "java-1.7.0-openjdk security update", "description": "[1:1.7.0.101-2.6.6.1.0.1]\n- Update DISTRO_NAME in specfile\n[1:1.7.0.101-2.6.6.1]\n- added Patch666 fontpath.patch to fix tck regressions\n- Resolves: rhbz#1325425\n[1:1.7.0.101-2.6.6.0]\n- Fix ztos handling in templateTable_ppc_64.cpp to be same as others in 7.\n- Resolves: rhbz#1325425\n[1:1.7.0.101-2.6.6.0]\n- Bump to 2.6.6 and u101b00.\n- Drop a leading zero from the priority as the update version is now three digits\n- Resolves: rhbz#1325425", "published": "2016-04-21T00:00:00", "cvss": {"score": 10, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2016-0675.html", "cvelist": ["CVE-2016-0695", "CVE-2016-3427", "CVE-2016-0687", "CVE-2016-3425", "CVE-2016-0686"], "lastseen": "2016-09-04T11:16:35"}, {"id": "ELSA-2016-0676", "type": "oraclelinux", "title": "java-1.7.0-openjdk security update", "description": "[1:1.7.0.101-2.6.6.1.0.1]\n- Update DISTRO_NAME in specfile\n[1:1.7.0.101-2.6.6.1]\n- added Patch666 fontpath.patch to fix tck regressions\n- Resolves: rhbz#1325427\n[1:1.7.0.101-2.6.6.0]\n- Fix ztos handling in templateTable_ppc_64.cpp to be same as others in 7.\n- Resolves: rhbz#1325427\n[1:1.7.0.101-2.6.6.0]\n- Bump to 2.6.6 and u101b00.\n- Drop AArch64 patch (PR2914) included in 2.6.6\n- Drop a leading zero from the priority as the update version is now three digits\n- Update PR2809 patch to apply against 2.6.6.\n- Resolves: rhbz#1325427", "published": "2016-04-21T00:00:00", "cvss": {"score": 10, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2016-0676.html", "cvelist": ["CVE-2016-0695", "CVE-2016-3427", "CVE-2016-0687", "CVE-2016-3425", "CVE-2016-0686"], "lastseen": "2016-09-04T11:16:21"}, {"id": "ELSA-2016-0651", "type": "oraclelinux", "title": "java-1.8.0-openjdk security update", "description": "[1:1.8.0.91-1.b03]\n- Update to u91b14.\n- Resolves: rhbz#1325420", "published": "2016-04-20T00:00:00", "cvss": {"score": 10, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2016-0651.html", "cvelist": ["CVE-2016-3426", "CVE-2016-0695", "CVE-2016-3427", "CVE-2016-0687", "CVE-2016-3425", "CVE-2016-0686"], "lastseen": "2016-09-04T11:16:37"}, {"id": "ELSA-2016-0650", "type": "oraclelinux", "title": "java-1.8.0-openjdk security update", "description": "[1:1.8.0.91-0.b14]\n- Add additional fix to Zero patch to properly handle result on 64-bit big-endian\n- Resolves: rhbz#1325422\n[1:1.8.0.91-0.b14]\n- Revert settings to production defaults so we can at least get a build.\n- Resolves: rhbz#1325422\n[1:1.8.0.91-0.b14]\n- Switch to a slowdebug build to try and unearth remaining issue on s390x.\n- Resolves: rhbz#1325422\n[1:1.8.0.91-0.b14]\n- Add missing comma in 8132051 patch.\n- Resolves: rhbz#1325422\n[1:1.8.0.91-0.b14]\n- Add 8132051 port to Zero.\n- Turn on bootstrap build for all to ensure we are now good to go.\n- Resolves: rhbz#1325422\n[1:1.8.0.91-0.b14]\n- Add 8132051 port to AArch64.\n- Resolves: rhbz#1325422\n[1:1.8.0.91-0.b14]\n- Enable a full bootstrap on JIT archs. Full build held back by Zero archs anyway.\n- Resolves: rhbz#1325422\n[1:1.8.0.91-0.b14]\n- Update to u91b14.\n- Resolves: rhbz#1325422", "published": "2016-04-20T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2016-0650.html", "cvelist": ["CVE-2016-3426", "CVE-2016-0695", "CVE-2016-3427", "CVE-2016-0687", "CVE-2016-3425", "CVE-2016-0686"], "lastseen": "2016-09-04T11:16:46"}], "amazon": [{"id": "ALAS-2016-693", "type": "amazon", "title": "Critical: java-1.7.0-openjdk", "description": "**Issue Overview:**\n\nIt was discovered that the ObjectInputStream class in the Serialization component of OpenJDK failed to properly ensure thread consistency when deserializing serialized input. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions. ([CVE-2016-0686 __](<https://access.redhat.com/security/cve/CVE-2016-0686>))\n\nIt was discovered that the Hotspot component of OpenJDK did not properly handle byte types. An untrusted Java application or applet could use this flaw to corrupt Java virtual machine memory and possibly execute arbitrary code, bypassing Java sandbox restrictions. ([CVE-2016-0687 __](<https://access.redhat.com/security/cve/CVE-2016-0687>))\n\nIt was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws. ([CVE-2016-3427 __](<https://access.redhat.com/security/cve/CVE-2016-3427>))\n\nIt was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part of the XML attribute values. Specially crafted XML input could cause a Java application to use an excessive amount of memory when parsed. ([CVE-2016-3425 __](<https://access.redhat.com/security/cve/CVE-2016-3425>))\n\nIt was discovered that the Security component in OpenJDK failed to check the digest algorithm strength when generating DSA signatures. The use of a digest weaker than the key strength could lead to the generation of signatures that were weaker than expected. ([CVE-2016-0695 __](<https://access.redhat.com/security/cve/CVE-2016-0695>))\n\n \n**Affected Packages:** \n\n\njava-1.7.0-openjdk\n\n \n**Issue Correction:** \nRun _yum update java-1.7.0-openjdk_ to update your system. \n\n\n \n**New Packages:**\n \n \n i686: \n java-1.7.0-openjdk-demo-1.7.0.101-2.6.6.1.67.amzn1.i686 \n java-1.7.0-openjdk-debuginfo-1.7.0.101-2.6.6.1.67.amzn1.i686 \n java-1.7.0-openjdk-devel-1.7.0.101-2.6.6.1.67.amzn1.i686 \n java-1.7.0-openjdk-src-1.7.0.101-2.6.6.1.67.amzn1.i686 \n java-1.7.0-openjdk-1.7.0.101-2.6.6.1.67.amzn1.i686 \n \n noarch: \n java-1.7.0-openjdk-javadoc-1.7.0.101-2.6.6.1.67.amzn1.noarch \n \n src: \n java-1.7.0-openjdk-1.7.0.101-2.6.6.1.67.amzn1.src \n \n x86_64: \n java-1.7.0-openjdk-1.7.0.101-2.6.6.1.67.amzn1.x86_64 \n java-1.7.0-openjdk-debuginfo-1.7.0.101-2.6.6.1.67.amzn1.x86_64 \n java-1.7.0-openjdk-devel-1.7.0.101-2.6.6.1.67.amzn1.x86_64 \n java-1.7.0-openjdk-src-1.7.0.101-2.6.6.1.67.amzn1.x86_64 \n java-1.7.0-openjdk-demo-1.7.0.101-2.6.6.1.67.amzn1.x86_64 \n \n \n", "published": "2016-04-27T16:15:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://alas.aws.amazon.com/ALAS-2016-693.html", "cvelist": ["CVE-2016-0695", "CVE-2016-3427", "CVE-2016-0687", "CVE-2016-3425", "CVE-2016-0686"], "lastseen": "2016-09-28T21:04:07"}, {"id": "ALAS-2016-700", "type": "amazon", "title": "Critical: java-1.6.0-openjdk", "description": "**Issue Overview:**\n\nMultiple flaws were discovered in the Serialization and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. ([CVE-2016-0686 __](<https://access.redhat.com/security/cve/CVE-2016-0686>), [CVE-2016-0687 __](<https://access.redhat.com/security/cve/CVE-2016-0687>))\n\nIt was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws. ([CVE-2016-3427 __](<https://access.redhat.com/security/cve/CVE-2016-3427>))\n\nIt was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part of the XML attribute values. Specially crafted XML input could cause a Java application to use an excessive amount of memory when parsed. ([CVE-2016-3425 __](<https://access.redhat.com/security/cve/CVE-2016-3425>))\n\nIt was discovered that the Security component in OpenJDK failed to check the digest algorithm strength when generating DSA signatures. The use of a digest weaker than the key strength could lead to the generation of signatures that were weaker than expected. ([CVE-2016-0695 __](<https://access.redhat.com/security/cve/CVE-2016-0695>))\n\n \n**Affected Packages:** \n\n\njava-1.6.0-openjdk\n\n \n**Issue Correction:** \nRun _yum update java-1.6.0-openjdk_ to update your system. \n\n\n \n**New Packages:**\n \n \n i686: \n java-1.6.0-openjdk-devel-1.6.0.39-1.13.11.1.74.amzn1.i686 \n java-1.6.0-openjdk-debuginfo-1.6.0.39-1.13.11.1.74.amzn1.i686 \n java-1.6.0-openjdk-demo-1.6.0.39-1.13.11.1.74.amzn1.i686 \n java-1.6.0-openjdk-src-1.6.0.39-1.13.11.1.74.amzn1.i686 \n java-1.6.0-openjdk-1.6.0.39-1.13.11.1.74.amzn1.i686 \n java-1.6.0-openjdk-javadoc-1.6.0.39-1.13.11.1.74.amzn1.i686 \n \n src: \n java-1.6.0-openjdk-1.6.0.39-1.13.11.1.74.amzn1.src \n \n x86_64: \n java-1.6.0-openjdk-src-1.6.0.39-1.13.11.1.74.amzn1.x86_64 \n java-1.6.0-openjdk-javadoc-1.6.0.39-1.13.11.1.74.amzn1.x86_64 \n java-1.6.0-openjdk-demo-1.6.0.39-1.13.11.1.74.amzn1.x86_64 \n java-1.6.0-openjdk-debuginfo-1.6.0.39-1.13.11.1.74.amzn1.x86_64 \n java-1.6.0-openjdk-devel-1.6.0.39-1.13.11.1.74.amzn1.x86_64 \n java-1.6.0-openjdk-1.6.0.39-1.13.11.1.74.amzn1.x86_64 \n \n \n", "published": "2016-05-11T11:00:00", "cvss": {"score": 10, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://alas.aws.amazon.com/ALAS-2016-700.html", "cvelist": ["CVE-2016-0695", "CVE-2016-3427", "CVE-2016-0687", "CVE-2016-3425", "CVE-2016-0686"], "lastseen": "2016-09-28T21:03:57"}, {"id": "ALAS-2016-688", "type": "amazon", "title": "Critical: java-1.8.0-openjdk", "description": "**Issue Overview:**\n\nIt was discovered that the ObjectInputStream class in the Serialization component of OpenJDK failed to properly ensure thread consistency when deserializing serialized input. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions. ([CVE-2016-0686 __](<https://access.redhat.com/security/cve/CVE-2016-0686>))\n\nIt was discovered that the Hotspot component of OpenJDK did not properly handle byte types. An untrusted Java application or applet could use this flaw to corrupt Java virtual machine memory and possibly execute arbitrary code, bypassing Java sandbox restrictions. ([CVE-2016-0687 __](<https://access.redhat.com/security/cve/CVE-2016-0687>))\n\nIt was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws. ([CVE-2016-3427 __](<https://access.redhat.com/security/cve/CVE-2016-3427>))\n\nIt was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part of the XML attribute values. Specially crafted XML input could cause a Java application to use an excessive amount of memory when parsed. ([CVE-2016-3425 __](<https://access.redhat.com/security/cve/CVE-2016-3425>))\n\nIt was discovered that the Security component in OpenJDK failed to check the digest algorithm strength when generating DSA signatures. The use of a digest weaker than the key strength could lead to the generation of signatures that were weaker than expected. ([CVE-2016-0695 __](<https://access.redhat.com/security/cve/CVE-2016-0695>))\n\nIt was discovered that the GCM (Galois/Counter Mode) implementation in the JCE component of OpenJDK used non-constant time comparison when comparing GCM authentication tag. A remote attacker could possibly use this flaw to determine correct value of the authentication tag and bypass authentication protections of GCM. ([CVE-2016-3426 __](<https://access.redhat.com/security/cve/CVE-2016-3426>)) \n\n\n \n**Affected Packages:** \n\n\njava-1.8.0-openjdk\n\n \n**Issue Correction:** \nRun _yum update java-1.8.0-openjdk_ to update your system. \n\n\n \n**New Packages:**\n \n \n i686: \n java-1.8.0-openjdk-headless-1.8.0.91-0.b14.10.amzn1.i686 \n java-1.8.0-openjdk-devel-1.8.0.91-0.b14.10.amzn1.i686 \n java-1.8.0-openjdk-debuginfo-1.8.0.91-0.b14.10.amzn1.i686 \n java-1.8.0-openjdk-src-1.8.0.91-0.b14.10.amzn1.i686 \n java-1.8.0-openjdk-demo-1.8.0.91-0.b14.10.amzn1.i686 \n java-1.8.0-openjdk-1.8.0.91-0.b14.10.amzn1.i686 \n \n noarch: \n java-1.8.0-openjdk-javadoc-1.8.0.91-0.b14.10.amzn1.noarch \n \n src: \n java-1.8.0-openjdk-1.8.0.91-0.b14.10.amzn1.src \n \n x86_64: \n java-1.8.0-openjdk-headless-1.8.0.91-0.b14.10.amzn1.x86_64 \n java-1.8.0-openjdk-1.8.0.91-0.b14.10.amzn1.x86_64 \n java-1.8.0-openjdk-src-1.8.0.91-0.b14.10.amzn1.x86_64 \n java-1.8.0-openjdk-debuginfo-1.8.0.91-0.b14.10.amzn1.x86_64 \n java-1.8.0-openjdk-devel-1.8.0.91-0.b14.10.amzn1.x86_64 \n java-1.8.0-openjdk-demo-1.8.0.91-0.b14.10.amzn1.x86_64 \n \n \n", "published": "2016-04-21T16:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://alas.aws.amazon.com/ALAS-2016-688.html", "cvelist": ["CVE-2016-3426", "CVE-2016-0695", "CVE-2016-3427", "CVE-2016-0687", "CVE-2016-3425", "CVE-2016-0686"], "lastseen": "2016-09-28T21:04:00"}], "redhat": [{"id": "RHSA-2016:0676", "type": "redhat", "title": "(RHSA-2016:0676) Critical: java-1.7.0-openjdk security update", "description": "The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment\nand the OpenJDK 7 Java Software Development Kit.\n\nSecurity Fix(es):\n\n* Multiple flaws were discovered in the Serialization and Hotspot components in\nOpenJDK. An untrusted Java application or applet could use these flaws to\ncompletely bypass Java sandbox restrictions. (CVE-2016-0686, CVE-2016-0687)\n\n* It was discovered that the RMI server implementation in the JMX component in\nOpenJDK did not restrict which classes can be deserialized when deserializing\nauthentication credentials. A remote, unauthenticated attacker able to connect\nto a JMX port could possibly use this flaw to trigger deserialization flaws.\n(CVE-2016-3427)\n\n* It was discovered that the JAXP component in OpenJDK failed to properly handle\nUnicode surrogate pairs used as part of the XML attribute values. Specially\ncrafted XML input could cause a Java application to use an excessive amount of\nmemory when parsed. (CVE-2016-3425)\n\n* It was discovered that the Security component in OpenJDK failed to check the\ndigest algorithm strength when generating DSA signatures. The use of a digest\nweaker than the key strength could lead to the generation of signatures that\nwere weaker than expected. (CVE-2016-0695)\n", "published": "2016-04-21T04:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2016:0676", "cvelist": ["CVE-2016-0686", "CVE-2016-0687", "CVE-2016-0695", "CVE-2016-3425", "CVE-2016-3427"], "lastseen": "2017-08-02T22:58:18"}, {"id": "RHSA-2016:0723", "type": "redhat", "title": "(RHSA-2016:0723) Critical: java-1.6.0-openjdk security update", "description": "The java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime Environment\nand the OpenJDK 6 Java Software Development Kit.\n\nSecurity Fix(es):\n\n* Multiple flaws were discovered in the Serialization and Hotspot components in\nOpenJDK. An untrusted Java application or applet could use these flaws to\ncompletely bypass Java sandbox restrictions. (CVE-2016-0686, CVE-2016-0687)\n\n* It was discovered that the RMI server implementation in the JMX component in\nOpenJDK did not restrict which classes can be deserialized when deserializing\nauthentication credentials. A remote, unauthenticated attacker able to connect\nto a JMX port could possibly use this flaw to trigger deserialization flaws.\n(CVE-2016-3427)\n\n* It was discovered that the JAXP component in OpenJDK failed to properly handle\nUnicode surrogate pairs used as part of the XML attribute values. Specially\ncrafted XML input could cause a Java application to use an excessive amount of\nmemory when parsed. (CVE-2016-3425)\n\n* It was discovered that the Security component in OpenJDK failed to check the\ndigest algorithm strength when generating DSA signatures. The use of a digest\nweaker than the key strength could lead to the generation of signatures that\nwere weaker than expected. (CVE-2016-0695)\n", "published": "2016-05-09T04:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2016:0723", "cvelist": ["CVE-2016-0686", "CVE-2016-0687", "CVE-2016-0695", "CVE-2016-3425", "CVE-2016-3427"], "lastseen": "2017-08-02T22:57:51"}, {"id": "RHSA-2016:0675", "type": "redhat", "title": "(RHSA-2016:0675) Critical: java-1.7.0-openjdk security update", "description": "The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit.\n\nSecurity Fix(es):\n\n* Multiple flaws were discovered in the Serialization and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2016-0686, CVE-2016-0687)\n\n* It was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws. (CVE-2016-3427)\n\n* It was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part of the XML attribute values. Specially crafted XML input could cause a Java application to use an excessive amount of memory when parsed. (CVE-2016-3425)\n\n* It was discovered that the Security component in OpenJDK failed to check the digest algorithm strength when generating DSA signatures. The use of a digest weaker than the key strength could lead to the generation of signatures that were weaker than expected. (CVE-2016-0695)\n\nNote: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website.", "published": "2016-04-21T16:21:58", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2016:0675", "cvelist": ["CVE-2016-0695", "CVE-2016-3427", "CVE-2016-0687", "CVE-2016-3425", "CVE-2016-0686"], "lastseen": "2017-03-06T01:18:26"}, {"id": "RHSA-2016:0650", "type": "redhat", "title": "(RHSA-2016:0650) Critical: java-1.8.0-openjdk security update", "description": "The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.\n\nSecurity Fix(es):\n\n* Multiple flaws were discovered in the Serialization and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2016-0686, CVE-2016-0687)\n\n* It was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws. (CVE-2016-3427)\n\n* It was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part of the XML attribute values. Specially crafted XML input could cause a Java application to use an excessive amount of memory when parsed. (CVE-2016-3425)\n\n* It was discovered that the GCM (Galois/Counter Mode) implementation in the JCE component in OpenJDK used a non-constant time comparison when comparing GCM authentication tags. A remote attacker could possibly use this flaw to determine the value of the authentication tag. (CVE-2016-3426)\n\n* It was discovered that the Security component in OpenJDK failed to check the digest algorithm strength when generating DSA signatures. The use of a digest weaker than the key strength could lead to the generation of signatures that were weaker than expected. (CVE-2016-0695)\n\nNote: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website.", "published": "2016-04-20T16:51:49", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2016:0650", "cvelist": ["CVE-2016-0686", "CVE-2016-0687", "CVE-2016-0695", "CVE-2016-3425", "CVE-2016-3426", "CVE-2016-3427"], "lastseen": "2017-08-02T14:57:34"}, {"id": "RHSA-2016:0651", "type": "redhat", "title": "(RHSA-2016:0651) Critical: java-1.8.0-openjdk security update", "description": "The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit.\n\nSecurity Fix(es):\n\n* Multiple flaws were discovered in the Serialization and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2016-0686, CVE-2016-0687)\n\n* It was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws. (CVE-2016-3427)\n\n* It was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part of the XML attribute values. Specially crafted XML input could cause a Java application to use an excessive amount of memory when parsed. (CVE-2016-3425)\n\n* It was discovered that the GCM (Galois/Counter Mode) implementation in the JCE component in OpenJDK used a non-constant time comparison when comparing GCM authentication tags. A remote attacker could possibly use this flaw to determine the value of the authentication tag. (CVE-2016-3426)\n\n* It was discovered that the Security component in OpenJDK failed to check the digest algorithm strength when generating DSA signatures. The use of a digest weaker than the key strength could lead to the generation of signatures that were weaker than expected. (CVE-2016-0695)", "published": "2016-04-20T16:52:15", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2016:0651", "cvelist": ["CVE-2016-3426", "CVE-2016-0695", "CVE-2016-3427", "CVE-2016-0687", "CVE-2016-3425", "CVE-2016-0686"], "lastseen": "2017-03-10T13:18:49"}, {"id": "RHSA-2016:0677", "type": "redhat", "title": "(RHSA-2016:0677) Critical: java-1.8.0-oracle security update", "description": "Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.\n\nThis update upgrades Oracle Java SE 8 to version 8 Update 91.\n\nSecurity Fix(es):\n\n* This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section. (CVE-2016-0686, CVE-2016-0687, CVE-2016-0695, CVE-2016-3422, CVE-2016-3425, CVE-2016-3426, CVE-2016-3427, CVE-2016-3443, CVE-2016-3449)", "published": "2016-04-21T18:26:11", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2016:0677", "cvelist": ["CVE-2016-3426", "CVE-2016-0695", "CVE-2016-3427", "CVE-2016-3449", "CVE-2016-3422", "CVE-2016-3443", "CVE-2016-0687", "CVE-2016-3425", "CVE-2016-0686"], "lastseen": "2017-07-22T12:58:46"}, {"id": "RHSA-2016:0678", "type": "redhat", "title": "(RHSA-2016:0678) Critical: java-1.7.0-oracle security update", "description": "Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the\nOracle Java Software Development Kit.\n\nThis update upgrades Oracle Java SE 7 to version 7 Update 101.\n\nSecurity Fix(es):\n\n* This update fixes multiple vulnerabilities in the Oracle Java Runtime\nEnvironment and the Oracle Java Software Development Kit. Further information\nabout these flaws can be found on the Oracle Java SE Critical Patch Update\nAdvisory page, listed in the References section. (CVE-2016-0686, CVE-2016-0687,\nCVE-2016-0695, CVE-2016-3422, CVE-2016-3425, CVE-2016-3427, CVE-2016-3443,\nCVE-2016-3449)\n", "published": "2016-04-21T04:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2016:0678", "cvelist": ["CVE-2016-0686", "CVE-2016-0687", "CVE-2016-0695", "CVE-2016-3422", "CVE-2016-3425", "CVE-2016-3427", "CVE-2016-3443", "CVE-2016-3449"], "lastseen": "2017-07-28T20:57:41"}, {"id": "RHSA-2016:0679", "type": "redhat", "title": "(RHSA-2016:0679) Critical: java-1.6.0-sun security update", "description": "Oracle Java SE version 6 includes the Oracle Java Runtime Environment and the\nOracle Java Software Development Kit.\n\nThis update upgrades Oracle Java SE 6 to version 6 Update 115.\n\nSecurity Fix(es):\n\n* This update fixes multiple vulnerabilities in the Oracle Java Runtime\nEnvironment and the Oracle Java Software Development Kit. Further information\nabout these flaws can be found on the Oracle Java SE Critical Patch Update\nAdvisory page, listed in the References section. (CVE-2016-0686, CVE-2016-0687,\nCVE-2016-0695, CVE-2016-3422, CVE-2016-3425, CVE-2016-3427, CVE-2016-3443,\nCVE-2016-3449)\n", "published": "2016-04-21T04:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2016:0679", "cvelist": ["CVE-2016-0686", "CVE-2016-0687", "CVE-2016-0695", "CVE-2016-3422", "CVE-2016-3425", "CVE-2016-3427", "CVE-2016-3443", "CVE-2016-3449"], "lastseen": "2017-07-28T18:57:51"}, {"id": "RHSA-2017:0456", "type": "redhat", "title": "(RHSA-2017:0456) Important: Red Hat JBoss Web Server 3.1.0 security and enhancement update", "description": "Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat Native library.\n\nThis release of Red Hat JBoss Web Server 3.1.0 serves as a replacement for Red Hat JBoss Web Server 3.0.3, and includes enhancements.\n\nSecurity Fix(es):\n\n* It was reported that the Tomcat init script performed unsafe file handling, which could result in local privilege escalation. (CVE-2016-1240)\n\n* It was discovered that the Tomcat packages installed certain configuration files read by the Tomcat initialization script as writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges. (CVE-2016-6325)\n\n* The JmxRemoteLifecycleListener was not updated to take account of Oracle's fix for CVE-2016-3427. JMXRemoteLifecycleListener is only included in EWS 2.x and JWS 3.x source distributions. If you deploy a Tomcat instance built from source, using the EWS 2.x, or JWS 3.x distributions, an attacker could use this flaw to launch a remote code execution attack on your deployed instance. (CVE-2016-8735)\n\n* A denial of service vulnerability was identified in Commons FileUpload that occurred when the length of the multipart boundary was just below the size of the buffer (4096 bytes) used to read the uploaded file if the boundary was the typical tens of bytes long. (CVE-2016-3092)\n\n* It was discovered that the code that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack, or obtain sensitive information from requests other then their own. (CVE-2016-6816)\n\n* A bug was discovered in the error handling of the send file code for the NIO HTTP connector. This led to the current Processor object being added to the Processor cache multiple times allowing information leakage between requests including, and not limited to, session ID and the response body. (CVE-2016-8745)\n\n* The Realm implementations did not process the supplied password if the supplied user name did not exist. This made a timing attack possible to determine valid user names. Note that the default configuration includes the LockOutRealm which makes exploitation of this vulnerability harder. (CVE-2016-0762)\n\n* It was discovered that a malicious web application could bypass a configured SecurityManager via a Tomcat utility method that was accessible to web applications. (CVE-2016-5018)\n\n* It was discovered that when a SecurityManager is configured Tomcat's system property replacement feature for configuration files could be used by a malicious web application to bypass the SecurityManager and read system properties that should not be visible. (CVE-2016-6794)\n\n* It was discovered that a malicious web application could bypass a configured SecurityManager via manipulation of the configuration parameters for the JSP Servlet. (CVE-2016-6796)\n\n* It was discovered that it was possible for a web application to access any global JNDI resource whether an explicit ResourceLink had been configured or not. (CVE-2016-6797)\n\nThe CVE-2016-6325 issue was discovered by Red Hat Product Security.\n\nEnhancement(s):\n\n* This enhancement update adds the Red Hat JBoss Web Server 3.1.0 packages to Red Hat Enterprise Linux 7. These packages provide a number of enhancements over the previous version of Red Hat JBoss Web Server. (JIRA#JWS-268)", "published": "2015-11-13T00:12:07", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2017:0456", "cvelist": ["CVE-2016-0762", "CVE-2016-1240", "CVE-2016-3092", "CVE-2016-3427", "CVE-2016-5018", "CVE-2016-6325", "CVE-2016-6794", "CVE-2016-6796", "CVE-2016-6797", "CVE-2016-6816", "CVE-2016-8735", "CVE-2016-8745"], "lastseen": "2017-07-24T12:57:48"}, {"id": "RHSA-2017:0457", "type": "redhat", "title": "(RHSA-2017:0457) Important: Red Hat JBoss Web Server security and enhancement update", "description": "Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat Native library.\n\nThis release of Red Hat JBoss Web Server 3.1.0 serves as a replacement for Red Hat JBoss Web Server 3.0.3, and includes enhancements.\n\nSecurity Fix(es):\n\n* It was reported that the Tomcat init script performed unsafe file handling, which could result in local privilege escalation. (CVE-2016-1240)\n\n* It was discovered that the Tomcat packages installed certain configuration files read by the Tomcat initialization script as writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges. (CVE-2016-6325)\n\n* The JmxRemoteLifecycleListener was not updated to take account of Oracle's fix for CVE-2016-3427. JMXRemoteLifecycleListener is only included in EWS 2.x and JWS 3.x source distributions. If you deploy a Tomcat instance built from source, using the EWS 2.x, or JWS 3.x distributions, an attacker could use this flaw to launch a remote code execution attack on your deployed instance. (CVE-2016-8735)\n\n* A denial of service vulnerability was identified in Commons FileUpload that occurred when the length of the multipart boundary was just below the size of the buffer (4096 bytes) used to read the uploaded file if the boundary was the typical tens of bytes long. (CVE-2016-3092)\n\n* It was discovered that the code that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack, or obtain sensitive information from requests other then their own. (CVE-2016-6816)\n\n* A bug was discovered in the error handling of the send file code for the NIO HTTP connector. This led to the current Processor object being added to the Processor cache multiple times allowing information leakage between requests including, and not limited to, session ID and the response body. (CVE-2016-8745)\n\n* The Realm implementations did not process the supplied password if the supplied user name did not exist. This made a timing attack possible to determine valid user names. Note that the default configuration includes the LockOutRealm which makes exploitation of this vulnerability harder. (CVE-2016-0762)\n\n* It was discovered that a malicious web application could bypass a configured SecurityManager via a Tomcat utility method that was accessible to web applications. (CVE-2016-5018)\n\n* It was discovered that when a SecurityManager is configured Tomcat's system property replacement feature for configuration files could be used by a malicious web application to bypass the SecurityManager and read system properties that should not be visible. (CVE-2016-6794)\n\n* It was discovered that a malicious web application could bypass a configured SecurityManager via manipulation of the configuration parameters for the JSP Servlet. (CVE-2016-6796)\n\n* It was discovered that it was possible for a web application to access any global JNDI resource whether an explicit ResourceLink had been configured or not. (CVE-2016-6797)\n\nThe CVE-2016-6325 issue was discovered by Red Hat Product Security.\n\nEnhancement(s):\n\n* This enhancement update adds the Red Hat JBoss Web Server 3.1.0. These packages provide a number of enhancements over the previous version of Red Hat JBoss Web Server.\n\nUsers of Red Hat JBoss Web Server are advised to upgrade to these updated packages, which add this enhancement.", "published": "2017-03-07T23:57:09", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2017:0457", "cvelist": ["CVE-2016-0762", "CVE-2016-1240", "CVE-2016-3092", "CVE-2016-3427", "CVE-2016-5018", "CVE-2016-6325", "CVE-2016-6794", "CVE-2016-6796", "CVE-2016-6797", "CVE-2016-6816", "CVE-2016-8735", "CVE-2016-8745"], "lastseen": "2017-07-26T22:58:12"}], "kaspersky": [{"id": "KLA10793", "type": "kaspersky", "title": "\r KLA10793\nMultiple vulnerabilities in Oracle Java SE\t\t\t ", "description": "### *CVSS*:\n7.2\n\n### *Detect date*:\n04/19/2016\n\n### *Severity*:\nHigh\n\n### *Description*:\nAn unspecified vulnerabilities were found in Oracle Java SE. By exploiting these vulnerabilities malicious users can cause denial of service and loss of integrity or obtain sensitive vulnerability. These vulnerabilities can be exploited remotely via a multiple vectors related to 2D, Hotspot, Serialization, JMX, Deployment, Security, JAXP and JCE sub-components.\n\n### *Affected products*:\nOracle Java SE 6 update 113 \nOracle Java SE 7 update 99 \nOracle Java SE 8 update 77 \nOracle Java SE Embedded 8 update 77 \nOracle JRockit R28.3.9\n\n### *Solution*:\nUpdate to the latest version \n[Get Java SE](<http://www.oracle.com/technetwork/java/javase/downloads/index.html>)\n\n### *Original advisories*:\n[Oracle bulletin](<http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html#AppendixJAVA>) \n\n\n### *Impacts*:\nOSI \n\n### *Related products*:\n[Oracle JRockit](<https://threats.kaspersky.com/en/product/Oracle-JRockit-2/>)\n\n### *CVE-IDS*:\n[CVE-2016-3449](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3449>) \n[CVE-2016-3443](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3443>) \n[CVE-2016-3427](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3427>) \n[CVE-2016-3426](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3426>) \n[CVE-2016-3425](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3425>) \n[CVE-2016-3422](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3422>) \n[CVE-2016-0695](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0695>) \n[CVE-2016-0687](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0687>) \n[CVE-2016-0686](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0686>)", "published": "2016-04-19T00:00:00", "cvss": {"score": 7.2, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://threats.kaspersky.com/en/vulnerability/KLA10793", "cvelist": ["CVE-2016-3426", "CVE-2016-0695", "CVE-2016-3427", "CVE-2016-3449", "CVE-2016-3422", "CVE-2016-3443", "CVE-2016-0687", "CVE-2016-3425", "CVE-2016-0686"], "lastseen": "2017-05-01T09:33:25"}], "gentoo": [{"id": "GLSA-201606-18", "type": "gentoo", "title": "IcedTea: Multiple vulnerabilities", "description": "### Background\n\nIcedTea\u2019s aim is to provide OpenJDK in a form suitable for easy configuration, compilation and distribution with the primary goal of allowing inclusion in GNU/Linux distributions. \n\n### Description\n\nVarious OpenJDK attack vectors in IcedTea, such as 2D, Corba, Hotspot, Libraries, and JAXP, exist which allows remote attackers to affect the confidentiality, integrity, and availability of vulnerable systems. Many of the vulnerabilities can only be exploited through sandboxed Java Web Start applications and java applets. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nRemote attackers may execute arbitrary code, compromise information, or cause Denial of Service. \n\n### Workaround\n\nThere is no known work around at this time.\n\n### Resolution\n\nGentoo Security is no longer supporting dev-java/icedtea, as it has been officially dropped from the stable tree. \n\nUsers of the IcedTea 3.x binary package should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-java/icedtea-bin-3.0.1\"\n \n\nUsers of the IcedTea 7.x binary package should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-java/icedtea-7.2.6.6\"", "published": "2016-06-27T00:00:00", "cvss": {"score": 10, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://security.gentoo.org/glsa/201606-18", "cvelist": ["CVE-2016-0695", "CVE-2016-3427", "CVE-2016-3449", "CVE-2016-3422", "CVE-2016-0636", "CVE-2016-3443", "CVE-2016-0687", "CVE-2016-3425", "CVE-2016-0686"], "lastseen": "2016-09-06T19:46:28"}], "debian": [{"id": "DSA-3558", "type": "debian", "title": "openjdk-7 -- security update", "description": "Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in breakouts of the Java sandbox, denial of service or information disclosure.\n\nFor the stable distribution (jessie), these problems have been fixed in version 7u101-2.6.6-1~deb8u1.\n\nWe recommend that you upgrade your openjdk-7 packages.", "published": "2016-04-26T00:00:00", "cvss": {"score": 10, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://www.debian.org/security/dsa-3558", "cvelist": ["CVE-2016-3426", "CVE-2016-0695", "CVE-2016-3427", "CVE-2016-0636", "CVE-2016-0687", "CVE-2016-3425", "CVE-2016-0686"], "lastseen": "2016-09-02T18:36:17"}], "myhack58": [{"id": "MYHACK58:62201681747", "type": "myhack58", "title": "Apache Tomcat multiple versions of a remote code execution CVE-2016-8735(POC)-vulnerability warning-the black bar safety net", "description": "Background description\nTomcat is by Apache Software Foundation subordinate's Jakarta a project development Servlet vessel, in accordance with Sun Microsystems to provide the technical specifications, the realization of the Servlet and JavaServer Page\uff08JSP\uff09support, and provides as a[Web server](<http://www.myhack58.com/Article/sort099/sort0100/Article_100_1.htm>)some unique functions, like Tomcat managed and controls the platform, secure domain management and the Tomcat valve and so on. Tomcat is very popular with the majority of programmers like it, because it runs out system resources occupied by small, scalable, support load balancing and Mail Service, etc. the development of the application system commonly used functions. \nVulnerability description\nOracle fixes JmxRemoteLifecycleListener deserialization Vulnerability(CVE-2016-3427)\u3002 Tomcat also uses the JmxRemoteLifecycleListener this listener,but the Tomcat did not timely upgrade, so there is this remote code execution vulnerability. \nAffected version: \nApache Tomcat 9.0.0. M1 to 9.0.0. M11 \nApache Tomcat 8.5.0 to 8.5.6 \nApache Tomcat 8.0.0. RC1 to 8.0.38 \nApache Tomcat 7.0.0 to 7.0.72 \nApache Tomcat 6.0.0 to 6.0.47 \n\nThe impact of the scene: \nZabbix 2.0 has been the JMX monitoring added to the system, itself, is no longer dependent on third-party tools. This is on a Tomcat application and other Java application monitoring easier. Herein, a simple description Zabbix use JMX to monitor Tomcat process. \nVulnerability verification code\uff08POC\uff09: \nTested version: tomcat version 8. 0. 36 \nconf/server. xml to increase the configuration, add the catalina-jmx-remote. jar package, modify the catalina configuration file\n! [](/Article/UploadPic/2016-12/2016123165437471. png? www. myhack58. com) \n! [](/Article/UploadPic/2016-12/2016123165437789. png? www. myhack58. com) \nF:\\HackTools\\EXP&gt;java-cp ysoserial-master-v0.0.4.jar ysoserial. exploit. RMIRegistryExploit localhost 10001 Groovy1 calc.exe \n! [](/Article/UploadPic/2016-12/2016123165437478. png? www. myhack58. com) \nThis vulnerability, there are other use posture, the harm is huge, so to change the JMX password authentication is very necessary! \nPatch code: \nDiff of /tomcat/trunk/webapps/docs/changelog.xml \n! [](http://mmbiz.qpic.cn/mmbiz_png?www.myhack58.com/kjV6I7ricq6PBVL3l6EL6f9c8SoI4wqMssZ6ib2jHichpQZPKzXxyC4OOV1BOduzZShTCllbIINUL8AJzyMcEPrAA/0?wx_fmt=png?www.myhack58.com) \nParent Directory | \n! [](http://mmbiz.qpic.cn/mmbiz_png?www.myhack58.com/kjV6I7ricq6PBVL3l6EL6f9c8SoI4wqMsxA7UdVzFs14K6cDMyEOpvxZpdRC7Mk3lxBGeicR22j3745Gv1Fp2y9Q/0?wx_fmt=png?www.myhack58.com) \nRevision Log | \n! [](http://mmbiz.qpic.cn/mmbiz_png?www.myhack58.com/kjV6I7ricq6PBVL3l6EL6f9c8SoI4wqMs9Lu69oUq1a4myu0Zq8iajeqm48FVkLlNRP0cfuyiaqNiclqg82Uyj4iayw/0?wx_fmt=png?www.myhack58.com) \nPatch \n\\--- tomcat/trunk/webapps/docs/changelog.xml 2016/11/02 11:57:28 1767643 \n+++ tomcat/trunk/webapps/docs/changelog.xml 2016/11/02 11:57:36 1767644 \n@@ -97,6 +97,10 @@ \nStoreConfig component includes the executor name when writing the \nThe Connector configuration. (markt) \n\n\\+ \n\\+ When configuring the JMX remote listener, specify the allowed types for \n\\+ the credentials. (markt) \n\\+ \n\n\n/tomcat/trunk/java/org/apache/catalina/mbeans/JmxRemoteLifecycleListener.java \n! [](http://mmbiz.qpic.cn/mmbiz_png?www.myhack58.com/kjV6I7ricq6PBVL3l6EL6f9c8SoI4wqMssZ6ib2jHichpQZPKzXxyC4OOV1BOduzZShTCllbIINUL8AJzyMcEPrAA/0?wx_fmt=png?www.myhack58.com) \nParent Directory | \n! [](http://mmbiz.qpic.cn/mmbiz_png?www.myhack58.com/kjV6I7ricq6PBVL3l6EL6f9c8SoI4wqMsxA7UdVzFs14K6cDMyEOpvxZpdRC7Mk3lxBGeicR22j3745Gv1Fp2y9Q/0?wx_fmt=png?www.myhack58.com) \nRevision Log | \n! [](http://mmbiz.qpic.cn/mmbiz_png?www.myhack58.com/kjV6I7ricq6PBVL3l6EL6f9c8SoI4wqMs9Lu69oUq1a4myu0Zq8iajeqm48FVkLlNRP0cfuyiaqNiclqg82Uyj4iayw/0?wx_fmt=png?www.myhack58.com) \nPatch \n\\--- tomcat/trunk/java/org/apache/catalina/mbeans/JmxRemoteLifecycleListener.java 2016/11/02 11:57:28 1767643 \n\n\n**[1] [[2]](<81747_2.htm>) [next](<81747_2.htm>)**\n", "published": "2016-12-03T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://www.myhack58.com/Article/html/3/62/2016/81747.htm", "cvelist": ["CVE-2016-3427"], "lastseen": "2016-12-03T17:43:53"}], "vmware": [{"id": "VMSA-2016-0005", "type": "vmware", "title": "VMware product updates address critical and important security issues.", "description": "**a. Critical JMX issue when deserializing authentication credentials**\n\nThe RMI server of Oracle JRE JMX deserializes any class when deserializing authentication credentials. This may allow a remote, unauthenticated attacker to cause deserialization flaws and execute their commands.\n\n**Workarounds CVE-2016-3427**\n\nvCenter Server\n\nApply the steps of VMware Knowledge Base article 2145343 to vCenterServer 6.0 on Windows. See the table below for the specific vCenterServer 6.0 versions on Windows this applies to.\n\nvCloud Director\n\nNo workaround identified\n\nvSphere Replication\n\nNo workaround identified\n\nvRealize Operations Manager (non-appliance)\n\nThe non-appliance version of vRealize Operations Manager (vROps), which can be installed on Windows and Linux has no default firewall. In order to remove the remote exploitation possibility, access to the following external ports will need to be blocked on the system where the non-appliance version of vROps is installed:\n\n\\- vROps 6.2.x: port 9004, 9005, 9006, 9007, 9008\n\n\\- vROps 6.1.x: port 9004, 9005, 9007, 9008\n\n\\- vROps 6.0.x: port 9004, 9005\n\nNote: These ports are already blocked by default in the applianceversion of vROps.\n\nvRealize Infrastructure Navigator\n\nNo workaround identified\n\nThe Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2016-3427 to this issue.\n\nColumn 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.\n", "published": "2016-05-17T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.vmware.com/security/advisories/VMSA-2016-0005.html", "cvelist": ["CVE-2016-3427", "CVE-2016-2077"], "lastseen": "2016-11-22T21:24:55"}], "archlinux": [{"id": "ASA-201611-22", "type": "archlinux", "title": "tomcat6: multiple issues", "description": "- CVE-2016-6816 (information disclosure)\n\nThe code that parsed the HTTP request line permitted invalid\ncharacters. This could be exploited, in conjunction with a proxy that\nalso permitted the invalid characters but with a different\ninterpretation, to inject data into the HTTP response. By manipulating\nthe HTTP response, the attacker could poison a web-cache, perform an\nXSS attack and/or obtain sensitive information from requests other then\ntheir own.\n\n- CVE-2016-8735 (arbitrary code execution)\n\nThe JmxRemoteLifecycleListener was not updated to take account of\nOracle's fix for CVE-2016-3427. Therefore, Tomcat installations using\nthis listener remained vulnerable to a similar remote code execution\nvulnerability.", "published": "2016-11-23T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://lists.archlinux.org/pipermail/arch-security/2016-November/000769.html", "cvelist": ["CVE-2016-3427", "CVE-2016-6816", "CVE-2016-8735"], "lastseen": "2016-11-25T13:23:06"}], "pentestit": [{"id": "PENTESTIT:C47AA6D1808026ACA45B1AD1CF25CA3B", "type": "pentestit", "title": "JexBoss: Java Deserialization Verification & EXploitation Tool!", "description": "PenTestIT RSS Feed\n\nI was working with a customers Red Hat JBoss server today and wanted to test for affected deserialization vulnerabilities. Though my favourite go-to tool - the Burp Suite has many extensions, I wanted to try something that I had not before. That's when I stumbled across **JexBoss**, which turned out to be a pretty decent [open source](<http://pentestit.com/tag/open-source/>) tool. I think _JexBoss_ is a play on Java EXploitation like a Boss wording.\n\n\n\n## What is JexBoss?\n\nJexBoss is an open source tool in Python to help you exploit and verify Java and Red Hat JBoss deserialization vulnerabilities. As we all know, serialization converts and objects state to a byte stream so that a copy of the same object can be obtained by reverting the byte stream itself. Presumably, to deserialize is to reverse serialization, ie. taking the serialized data to rebuild it into the original object. This problem is trivial in Java as there are no checks on the classes that can be deserialized.\n\n## Features of JexBoss:\n\nThe tool and exploits were developed and tested for:\n\n * JBoss Application Server versions: 3, 4, 5 and 6.\n * Java Deserialization Vulnerabilities in multiple java frameworks, platforms and applications (e.g., Java Server Faces - JSF, Seam Framework, RMI over HTTP, Jenkins CLI RCE (CVE-2015-5317), DNS gadget, Remote JMX (CVE-2016-3427, CVE-2016-8735), Apache Struts2 Jakarta Multipart parser CVE-2017-5638, etc.)\n * Supported exploitation vectors are: \n * /_admin-console_: Tested and working in JBoss versions 5 and 6.\n * /_jmx-console_: Tested and working in JBoss versions 4, 5 and 6.\n * /_jmx-console_/_HtmlAdaptor_: Tested and working in JBoss versions 4, 5 and 6.\n * /_web-console_/_Invoker_: Tested and working in JBoss versions 4, 5 and 6.\n * /_invoker_/_JMXInvokerServlet_: Tested and working in JBoss versions 4, 5 and 6.\n * Application Deserialization: Tested and working against multiple java applications, platforms, etc, via HTTP POST Parameters.\n * Servlet Deserialization: Tested and working against multiple java applications, platforms, etc, via servlets that process serialized objects.\n * Apache Struts2 Jakarta Multipart ([CVE-2017-5638](<http://pentestit.com/tag/CVE-2017-5638/>)): Tested against Apache Struts 2 applications.\n * Tries to authenticate to /_admin-console_/_login.seam_ using default user name and password - admin:admin.\n * Sends exploits with proper headers alternating with random User-Agent string.\n * Proxy support.\n * Auto scan and file scan modes.\n\nWith the auto scan and file scan modes, you can leverage this tool to launch a mass-scan against your own network in a short duration of time. Additionally, a payload also allows you to gain access to a reverse shell with Metasploit meterpreter support. Another good news is that it JexBoss is Python 2 &amp; Python 3 compatible. It also includes an auto-updater.\n\n## Download JexBoss:\n\nAs always, the current version - JexBoss version 1.2.4 - can be obtained by checking out the GIT repository from [**here**](<https://github.com/joaomatosf/jexboss>).\n\nThe post [JexBoss: Java Deserialization Verification &amp; EXploitation Tool!](<http://pentestit.com/jexboss-java-deserialization-verification-exploitation-tool/>) appeared first on [PenTestIT](<http://pentestit.com>).", "published": "2017-08-11T06:52:45", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://pentestit.com/jexboss-java-deserialization-verification-exploitation-tool/", "cvelist": ["CVE-2015-5317", "CVE-2016-3427", "CVE-2016-8735", "CVE-2017-5638"], "lastseen": "2017-08-11T08:07:48"}], "seebug": [{"id": "SSV-92553", "type": "seebug", "title": "Apache Tomcat Remote Code Execution\uff08CVE-2 0 1 6-8 7 3 5\uff09", "description": "No description provided by source.", "published": "2016-11-25T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.seebug.org/vuldb/ssvid-92553", "cvelist": ["CVE-2012-3439", "CVE-2016-3427", "CVE-2016-8735", "CVE-2012-5568"], "lastseen": "2016-11-25T08:38:52"}]}}