Sun's security advisory released for Slackware versions containing updates for Java Runtime Environment and Standard Edition Development Ki
Reporter | Title | Published | Views | Family All 38 |
---|---|---|---|---|
Prion | Security feature bypass | 21 Jul 200700:30 | – | prion |
OpenVAS | Slackware Advisory SSA:2007-243-01 java (jre, jdk) | 11 Sep 201200:00 | – | openvas |
OpenVAS | Slackware: Security Advisory (SSA:2007-243-01) | 10 Sep 201200:00 | – | openvas |
OpenVAS | SLES9: Security update for IBM Java2 JRE and SDK | 10 Oct 200900:00 | – | openvas |
OpenVAS | SLES9: Security update for IBM Java2 JRE and SDK | 10 Oct 200900:00 | – | openvas |
OpenVAS | RedHat Update for IBMJava2 RHSA-2008:0133-01 | 6 Mar 200900:00 | – | openvas |
OpenVAS | RedHat Update for IBMJava2 RHSA-2008:0133-01 | 6 Mar 200900:00 | – | openvas |
OpenVAS | SuSE Update for IBM Java SUSE-SA:2007:056 | 28 Jan 200900:00 | – | openvas |
OpenVAS | Gentoo Security Advisory GLSA 200709-15 (jrockit-jdk-bin) | 24 Sep 200800:00 | – | openvas |
OpenVAS | Gentoo Security Advisory GLSA 200709-15 (jrockit-jdk-bin) | 24 Sep 200800:00 | – | openvas |
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Slackware Security Advisory 2007-243-01. The text
# itself is copyright (C) Slackware Linux, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(25957);
script_version("1.17");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");
script_cve_id("CVE-2007-3922");
script_bugtraq_id(22085, 24004, 24846);
script_xref(name:"SSA", value:"2007-243-01");
script_name(english:"Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 8.1 / 9.0 / 9.1 : java (jre, jdk) (SSA:2007-243-01)");
script_summary(english:"Checks for updated packages in /var/log/packages");
script_set_attribute(
attribute:"synopsis",
value:"The remote Slackware host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"Sun has released security advisories pertaining to both the Java
Runtime Environment and the Standard Edition Development Kit. One such
advisory may be found here:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102995-1
Updated versions of both the jre and jdk packages are provided which
address all known flaws in Java(TM) at this time. There may be more
advisories on http://sunsolve.sun.com describing other flaws that are
patched with this update. Happy hunting! Slackware repackages Sun's
Java(TM) binaries without changing them, so the packages from
Slackware 12.0 should work on all glibc based Slackware versions."
);
# http://sunsolve.sun.com
script_set_attribute(
attribute:"see_also",
value:"http://web.archive.org/web/20101212032026/http://sunsolve.sun.com/"
);
# http://sunsolve.sun.com/search/document.do?assetkey=1-26-102995-1
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?de36d97b"
);
# http://www.slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.486841
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?31748020"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected jdk and / or jre packages."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:slackware:slackware_linux:jdk");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:slackware:slackware_linux:jre");
script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:10.0");
script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:10.1");
script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:10.2");
script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:11.0");
script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:12.0");
script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:8.1");
script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:9.0");
script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:9.1");
script_set_attribute(attribute:"patch_publication_date", value:"2007/08/31");
script_set_attribute(attribute:"plugin_publication_date", value:"2007/09/03");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Slackware Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Slackware/release", "Host/Slackware/packages");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("slackware.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Slackware/release")) audit(AUDIT_OS_NOT, "Slackware");
if (!get_kb_item("Host/Slackware/packages")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Slackware", cpu);
flag = 0;
if (slackware_check(osver:"8.1", pkgname:"jdk", pkgver:"6u2", pkgarch:"i586", pkgnum:"1")) flag++;
if (slackware_check(osver:"8.1", pkgname:"jre", pkgver:"6u2", pkgarch:"i586", pkgnum:"1")) flag++;
if (slackware_check(osver:"9.0", pkgname:"jdk", pkgver:"6u2", pkgarch:"i586", pkgnum:"1")) flag++;
if (slackware_check(osver:"9.0", pkgname:"jre", pkgver:"6u2", pkgarch:"i586", pkgnum:"1")) flag++;
if (slackware_check(osver:"9.1", pkgname:"jdk", pkgver:"6u2", pkgarch:"i586", pkgnum:"1")) flag++;
if (slackware_check(osver:"9.1", pkgname:"jre", pkgver:"6u2", pkgarch:"i586", pkgnum:"1")) flag++;
if (slackware_check(osver:"10.0", pkgname:"jdk", pkgver:"6u2", pkgarch:"i586", pkgnum:"1")) flag++;
if (slackware_check(osver:"10.0", pkgname:"jre", pkgver:"6u2", pkgarch:"i586", pkgnum:"1")) flag++;
if (slackware_check(osver:"10.1", pkgname:"jdk", pkgver:"6u2", pkgarch:"i586", pkgnum:"1")) flag++;
if (slackware_check(osver:"10.1", pkgname:"jre", pkgver:"6u2", pkgarch:"i586", pkgnum:"1")) flag++;
if (slackware_check(osver:"10.2", pkgname:"jdk", pkgver:"6u2", pkgarch:"i586", pkgnum:"1")) flag++;
if (slackware_check(osver:"10.2", pkgname:"jre", pkgver:"6u2", pkgarch:"i586", pkgnum:"1")) flag++;
if (slackware_check(osver:"11.0", pkgname:"jdk", pkgver:"6u2", pkgarch:"i586", pkgnum:"1")) flag++;
if (slackware_check(osver:"11.0", pkgname:"jre", pkgver:"6u2", pkgarch:"i586", pkgnum:"1")) flag++;
if (slackware_check(osver:"12.0", pkgname:"jdk", pkgver:"6u2", pkgarch:"i586", pkgnum:"1")) flag++;
if (slackware_check(osver:"12.0", pkgname:"jre", pkgver:"6u2", pkgarch:"i586", pkgnum:"1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:slackware_report_get());
else security_warning(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo