Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.SLACKWARE_SSA_2007-243-01.NASL
HistorySep 03, 2007 - 12:00 a.m.

Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 8.1 / 9.0 / 9.1 : java (jre, jdk) (SSA:2007-243-01)

2007-09-0300:00:00
This script is Copyright (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
10
JSON

Sun has released security advisories pertaining to both the Java Runtime Environment and the Standard Edition Development Kit. One such advisory may be found here:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102995-1 Updated versions of both the jre and jdk packages are provided which address all known flaws in Java™ at this time. There may be more advisories on http://sunsolve.sun.com describing other flaws that are patched with this update. Happy hunting! Slackware repackages Sun’s Java™ binaries without changing them, so the packages from Slackware 12.0 should work on all glibc based Slackware versions.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Slackware Security Advisory 2007-243-01. The text 
# itself is copyright (C) Slackware Linux, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(25957);
  script_version("1.17");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2007-3922");
  script_bugtraq_id(22085, 24004, 24846);
  script_xref(name:"SSA", value:"2007-243-01");

  script_name(english:"Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 8.1 / 9.0 / 9.1 : java (jre, jdk) (SSA:2007-243-01)");
  script_summary(english:"Checks for updated packages in /var/log/packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Slackware host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Sun has released security advisories pertaining to both the Java
Runtime Environment and the Standard Edition Development Kit. One such
advisory may be found here:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102995-1
Updated versions of both the jre and jdk packages are provided which
address all known flaws in Java(TM) at this time. There may be more
advisories on http://sunsolve.sun.com describing other flaws that are
patched with this update. Happy hunting! Slackware repackages Sun's
Java(TM) binaries without changing them, so the packages from
Slackware 12.0 should work on all glibc based Slackware versions."
  );
  # http://sunsolve.sun.com
  script_set_attribute(
    attribute:"see_also",
    value:"http://web.archive.org/web/20101212032026/http://sunsolve.sun.com/"
  );
  # http://sunsolve.sun.com/search/document.do?assetkey=1-26-102995-1
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?de36d97b"
  );
  # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.486841
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?31748020"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected jdk and / or jre packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:slackware:slackware_linux:jdk");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:slackware:slackware_linux:jre");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:10.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:10.1");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:10.2");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:11.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:12.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:8.1");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:9.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:9.1");

  script_set_attribute(attribute:"patch_publication_date", value:"2007/08/31");
  script_set_attribute(attribute:"plugin_publication_date", value:"2007/09/03");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Slackware Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Slackware/release", "Host/Slackware/packages");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("slackware.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Slackware/release")) audit(AUDIT_OS_NOT, "Slackware");
if (!get_kb_item("Host/Slackware/packages")) audit(AUDIT_PACKAGE_LIST_MISSING);


cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Slackware", cpu);


flag = 0;
if (slackware_check(osver:"8.1", pkgname:"jdk", pkgver:"6u2", pkgarch:"i586", pkgnum:"1")) flag++;
if (slackware_check(osver:"8.1", pkgname:"jre", pkgver:"6u2", pkgarch:"i586", pkgnum:"1")) flag++;

if (slackware_check(osver:"9.0", pkgname:"jdk", pkgver:"6u2", pkgarch:"i586", pkgnum:"1")) flag++;
if (slackware_check(osver:"9.0", pkgname:"jre", pkgver:"6u2", pkgarch:"i586", pkgnum:"1")) flag++;

if (slackware_check(osver:"9.1", pkgname:"jdk", pkgver:"6u2", pkgarch:"i586", pkgnum:"1")) flag++;
if (slackware_check(osver:"9.1", pkgname:"jre", pkgver:"6u2", pkgarch:"i586", pkgnum:"1")) flag++;

if (slackware_check(osver:"10.0", pkgname:"jdk", pkgver:"6u2", pkgarch:"i586", pkgnum:"1")) flag++;
if (slackware_check(osver:"10.0", pkgname:"jre", pkgver:"6u2", pkgarch:"i586", pkgnum:"1")) flag++;

if (slackware_check(osver:"10.1", pkgname:"jdk", pkgver:"6u2", pkgarch:"i586", pkgnum:"1")) flag++;
if (slackware_check(osver:"10.1", pkgname:"jre", pkgver:"6u2", pkgarch:"i586", pkgnum:"1")) flag++;

if (slackware_check(osver:"10.2", pkgname:"jdk", pkgver:"6u2", pkgarch:"i586", pkgnum:"1")) flag++;
if (slackware_check(osver:"10.2", pkgname:"jre", pkgver:"6u2", pkgarch:"i586", pkgnum:"1")) flag++;

if (slackware_check(osver:"11.0", pkgname:"jdk", pkgver:"6u2", pkgarch:"i586", pkgnum:"1")) flag++;
if (slackware_check(osver:"11.0", pkgname:"jre", pkgver:"6u2", pkgarch:"i586", pkgnum:"1")) flag++;

if (slackware_check(osver:"12.0", pkgname:"jdk", pkgver:"6u2", pkgarch:"i586", pkgnum:"1")) flag++;
if (slackware_check(osver:"12.0", pkgname:"jre", pkgver:"6u2", pkgarch:"i586", pkgnum:"1")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:slackware_report_get());
  else security_warning(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
slackwareslackware_linuxjdkp-cpe:/a:slackware:slackware_linux:jdk
slackwareslackware_linuxjrep-cpe:/a:slackware:slackware_linux:jre
slackwareslackware_linux10.0cpe:/o:slackware:slackware_linux:10.0
slackwareslackware_linux10.1cpe:/o:slackware:slackware_linux:10.1
slackwareslackware_linux10.2cpe:/o:slackware:slackware_linux:10.2
slackwareslackware_linux11.0cpe:/o:slackware:slackware_linux:11.0
slackwareslackware_linux12.0cpe:/o:slackware:slackware_linux:12.0
slackwareslackware_linux8.1cpe:/o:slackware:slackware_linux:8.1
slackwareslackware_linux9.0cpe:/o:slackware:slackware_linux:9.0
slackwareslackware_linux9.1cpe:/o:slackware:slackware_linux:9.1

Related

openvas 10
ubuntucve 1
prion 1
cve 1
nessus 15
redhat 3
suse 1
gentoo 1
f5 2
openvas
openvas
Slackware Advisory SSA:2007-243-01 java (jre, jdk)
2012-09-11 00:00:00
Slackware: Security Advisory (SSA:2007-243-01)
2012-09-10 00:00:00
SLES9: Security update for IBM Java2 JRE and SDK
2009-10-10 00:00:00
ubuntucve
ubuntucve
CVE-2007-3922
2007-07-21 00:00:00
prion
prion
Security feature bypass
2007-07-21 00:30:00
cve
cve
CVE-2007-3922
2007-07-21 00:30:00
nessus
nessus
HP-UX PHSS_37183 : HP OpenView Operations (OVO) Running on HP-UX and Solaris, Remote Unauthorized Access, Denial of Service (DoS) (HPSBMA02288 SSRT071465 rev.1)
2007-11-20 00:00:00
HP-UX PHSS_37182 : HP OpenView Operations (OVO) Running on HP-UX and Solaris, Remote Unauthorized Access, Denial of Service (DoS) (HPSBMA02288 SSRT071465 rev.1)
2007-11-20 00:00:00
HP-UX PHSS_37197 : HP OpenView Operations (OVO) Running on HP-UX and Solaris, Remote Unauthorized Access, Denial of Service (DoS) (HPSBMA02288 SSRT071465 rev.1)
2007-11-20 00:00:00
redhat
redhat
(RHSA-2008:0133) Moderate: IBMJava2 security update
2008-06-24 00:00:00
(RHSA-2007:0818) Critical: java-1.5.0-sun security update
2007-08-06 00:00:00
(RHSA-2007:0829) Critical: java-1.5.0-ibm security update
2007-08-07 00:00:00
suse
suse
remote code execution in IBM Java
2007-10-18 17:55:07
gentoo
gentoo
BEA JRockit: Multiple vulnerabilities
2007-09-23 00:00:00
f5
f5
K16475 : Multiple Sun Java vulnerabilities
2015-04-21 00:00:00
SOL16475 - Multiple Sun Java vulnerabilities
2015-04-21 00:00:00
JSON
Related for SLACKWARE_SSA_2007-243-01.NASL
openvas10ubuntucve1prion1cve1nessus15redhat3suse1gentoo1f52