Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.SL_20161019_JAVA_1_8_0_OPENJDK_ON_SL6_X.NASL
HistoryOct 20, 2016 - 12:00 a.m.

Scientific Linux Security Update : java-1.8.0-openjdk on SL6.x, SL7.x i386/x86_64 (20161019)

2016-10-2000:00:00
This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
25
JSON

Security Fix(es) :

  • It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy() function in certain cases. An untrusted Java application or applet could use this flaw to corrupt virtual machine’s memory and completely bypass Java sandbox restrictions. (CVE-2016-5582)

  • It was discovered that the Hotspot component of OpenJDK did not properly check received Java Debug Wire Protocol (JDWP) packets. An attacker could possibly use this flaw to send debugging commands to a Java program running with debugging enabled if they could make victim’s browser send HTTP requests to the JDWP port of the debugged application. (CVE-2016-5573)

  • It was discovered that the Libraries component of OpenJDK did not restrict the set of algorithms used for Jar integrity verification. This flaw could allow an attacker to modify content of the Jar file that used weak signing key or hash algorithm. (CVE-2016-5542)

Note: After this update, MD2 hash algorithm and RSA keys with less than 1024 bits are no longer allowed to be used for Jar integrity verification by default. MD5 hash algorithm is expected to be disabled by default in the future updates. A newly introduced security property jdk.jar.disabledAlgorithms can be used to control the set of disabled algorithms.

  • A flaw was found in the way the JMX component of OpenJDK handled classloaders. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2016-5554)

  • A flaw was found in the way the Networking component of OpenJDK handled HTTP proxy authentication. A Java application could possibly expose HTTPS server authentication credentials via a plain text network connection to an HTTP proxy if proxy asked for authentication. (CVE-2016-5597)

Note: After this update, Basic HTTP proxy authentication can no longer be used when tunneling HTTPS connection through an HTTP proxy. Newly introduced system properties jdk.http.auth.proxying.disabledSchemes and jdk.http.auth.tunneling.disabledSchemes can be used to control which authentication schemes can be requested by an HTTP proxy when proxying HTTP and HTTPS connections respectively.

Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text is (C) Scientific Linux.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(94151);
  script_version("2.6");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2016-5542", "CVE-2016-5554", "CVE-2016-5573", "CVE-2016-5582", "CVE-2016-5597");

  script_name(english:"Scientific Linux Security Update : java-1.8.0-openjdk on SL6.x, SL7.x i386/x86_64 (20161019)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Scientific Linux host is missing one or more security
updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Security Fix(es) :

  - It was discovered that the Hotspot component of OpenJDK
    did not properly check arguments of the
    System.arraycopy() function in certain cases. An
    untrusted Java application or applet could use this flaw
    to corrupt virtual machine's memory and completely
    bypass Java sandbox restrictions. (CVE-2016-5582)

  - It was discovered that the Hotspot component of OpenJDK
    did not properly check received Java Debug Wire Protocol
    (JDWP) packets. An attacker could possibly use this flaw
    to send debugging commands to a Java program running
    with debugging enabled if they could make victim's
    browser send HTTP requests to the JDWP port of the
    debugged application. (CVE-2016-5573)

  - It was discovered that the Libraries component of
    OpenJDK did not restrict the set of algorithms used for
    Jar integrity verification. This flaw could allow an
    attacker to modify content of the Jar file that used
    weak signing key or hash algorithm. (CVE-2016-5542)

Note: After this update, MD2 hash algorithm and RSA keys with less
than 1024 bits are no longer allowed to be used for Jar integrity
verification by default. MD5 hash algorithm is expected to be disabled
by default in the future updates. A newly introduced security property
jdk.jar.disabledAlgorithms can be used to control the set of disabled
algorithms.

  - A flaw was found in the way the JMX component of OpenJDK
    handled classloaders. An untrusted Java application or
    applet could use this flaw to bypass certain Java
    sandbox restrictions. (CVE-2016-5554)

  - A flaw was found in the way the Networking component of
    OpenJDK handled HTTP proxy authentication. A Java
    application could possibly expose HTTPS server
    authentication credentials via a plain text network
    connection to an HTTP proxy if proxy asked for
    authentication. (CVE-2016-5597)

Note: After this update, Basic HTTP proxy authentication can no longer
be used when tunneling HTTPS connection through an HTTP proxy. Newly
introduced system properties jdk.http.auth.proxying.disabledSchemes
and jdk.http.auth.tunneling.disabledSchemes can be used to control
which authentication schemes can be requested by an HTTP proxy when
proxying HTTP and HTTPS connections respectively.

Note: If the web browser plug-in provided by the icedtea-web package
was installed, the issues exposed via Java applets could have been
exploited without user interaction if a user visited a malicious
website."
  );
  # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1610&L=scientific-linux-errata&F=&S=&P=4967
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?a5b53604"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-accessibility");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-accessibility-debug");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-debug");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-demo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-demo-debug");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-devel-debug");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-headless");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-headless-debug");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-javadoc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-javadoc-debug");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-src");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-src-debug");
  script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");

  script_set_attribute(attribute:"vuln_publication_date", value:"2016/10/25");
  script_set_attribute(attribute:"patch_publication_date", value:"2016/10/19");
  script_set_attribute(attribute:"plugin_publication_date", value:"2016/10/20");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Scientific Linux Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
os_ver = pregmatch(pattern: "Scientific Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Scientific Linux");
os_ver = os_ver[1];
if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Scientific Linux 7.x", "Scientific Linux " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);


flag = 0;
if (rpm_check(release:"SL6", reference:"java-1.8.0-openjdk-1.8.0.111-0.b15.el6_8")) flag++;
if (rpm_check(release:"SL6", reference:"java-1.8.0-openjdk-debug-1.8.0.111-0.b15.el6_8")) flag++;
if (rpm_check(release:"SL6", reference:"java-1.8.0-openjdk-debuginfo-1.8.0.111-0.b15.el6_8")) flag++;
if (rpm_check(release:"SL6", reference:"java-1.8.0-openjdk-demo-1.8.0.111-0.b15.el6_8")) flag++;
if (rpm_check(release:"SL6", reference:"java-1.8.0-openjdk-demo-debug-1.8.0.111-0.b15.el6_8")) flag++;
if (rpm_check(release:"SL6", reference:"java-1.8.0-openjdk-devel-1.8.0.111-0.b15.el6_8")) flag++;
if (rpm_check(release:"SL6", reference:"java-1.8.0-openjdk-devel-debug-1.8.0.111-0.b15.el6_8")) flag++;
if (rpm_check(release:"SL6", reference:"java-1.8.0-openjdk-headless-1.8.0.111-0.b15.el6_8")) flag++;
if (rpm_check(release:"SL6", reference:"java-1.8.0-openjdk-headless-debug-1.8.0.111-0.b15.el6_8")) flag++;
if (rpm_check(release:"SL6", reference:"java-1.8.0-openjdk-javadoc-1.8.0.111-0.b15.el6_8")) flag++;
if (rpm_check(release:"SL6", reference:"java-1.8.0-openjdk-javadoc-debug-1.8.0.111-0.b15.el6_8")) flag++;
if (rpm_check(release:"SL6", reference:"java-1.8.0-openjdk-src-1.8.0.111-0.b15.el6_8")) flag++;
if (rpm_check(release:"SL6", reference:"java-1.8.0-openjdk-src-debug-1.8.0.111-0.b15.el6_8")) flag++;

if (rpm_check(release:"SL7", cpu:"x86_64", reference:"java-1.8.0-openjdk-1.8.0.111-1.b15.el7_2")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"java-1.8.0-openjdk-accessibility-1.8.0.111-1.b15.el7_2")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"java-1.8.0-openjdk-accessibility-debug-1.8.0.111-1.b15.el7_2")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"java-1.8.0-openjdk-debug-1.8.0.111-1.b15.el7_2")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"java-1.8.0-openjdk-debuginfo-1.8.0.111-1.b15.el7_2")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"java-1.8.0-openjdk-demo-1.8.0.111-1.b15.el7_2")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"java-1.8.0-openjdk-demo-debug-1.8.0.111-1.b15.el7_2")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"java-1.8.0-openjdk-devel-1.8.0.111-1.b15.el7_2")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"java-1.8.0-openjdk-devel-debug-1.8.0.111-1.b15.el7_2")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"java-1.8.0-openjdk-headless-1.8.0.111-1.b15.el7_2")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"java-1.8.0-openjdk-headless-debug-1.8.0.111-1.b15.el7_2")) flag++;
if (rpm_check(release:"SL7", reference:"java-1.8.0-openjdk-javadoc-1.8.0.111-1.b15.el7_2")) flag++;
if (rpm_check(release:"SL7", reference:"java-1.8.0-openjdk-javadoc-debug-1.8.0.111-1.b15.el7_2")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"java-1.8.0-openjdk-src-1.8.0.111-1.b15.el7_2")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"java-1.8.0-openjdk-src-debug-1.8.0.111-1.b15.el7_2")) flag++;


if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "java-1.8.0-openjdk / java-1.8.0-openjdk-accessibility / etc");
}
VendorProductVersionCPE
fermilabscientific_linuxjava-1.8.0-openjdk-accessibilityp-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-accessibility
fermilabscientific_linuxjava-1.8.0-openjdkp-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk
fermilabscientific_linuxjava-1.8.0-openjdk-headlessp-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-headless
fermilabscientific_linuxjava-1.8.0-openjdk-accessibility-debugp-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-accessibility-debug
fermilabscientific_linuxjava-1.8.0-openjdk-debugp-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-debug
fermilabscientific_linuxjava-1.8.0-openjdk-debuginfop-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-debuginfo
fermilabscientific_linuxjava-1.8.0-openjdk-demop-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-demo
fermilabscientific_linuxjava-1.8.0-openjdk-demo-debugp-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-demo-debug
fermilabscientific_linuxjava-1.8.0-openjdk-develp-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-devel
fermilabscientific_linuxjava-1.8.0-openjdk-devel-debugp-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-devel-debug
Rows per page:
1-10 of 161

Related

nessus 50
mageia 1
ubuntu 3
amazon 3
openvas 30
centos 3
oraclelinux 3
debian 2
redhat 10
suse 9
ibm 67
f5 1
aix 1
gentoo 2
kaspersky 1
prion 2
debiancve 2
cve 3
ubuntucve 3
photon 1
veracode 1
redhatcve 1
nessus
nessus
Oracle Linux 5 / 6 / 7 : java-1.6.0-openjdk (ELSA-2017-0061)
2017-01-13 00:00:00
EulerOS 2.0 SP1 : java-1.7.0-openjdk (EulerOS-SA-2016-1080)
2017-05-01 00:00:00
Amazon Linux AMI : java-1.6.0-openjdk (ALAS-2017-795)
2017-02-07 00:00:00
mageia
mageia
Updated java-1.8.0-openjdk packages fix security vulnerability
2016-10-26 02:11:42
ubuntu
ubuntu
OpenJDK 8 vulnerabilities
2016-11-03 00:00:00
OpenJDK 6 vulnerabilities
2016-12-08 00:00:00
OpenJDK 7 vulnerabilities
2016-11-17 00:00:00
amazon
amazon
Critical: java-1.8.0-openjdk
2016-10-27 17:00:00
Important: java-1.6.0-openjdk
2017-02-06 18:00:00
Important: java-1.7.0-openjdk
2016-11-18 12:30:00
openvas
openvas
CentOS Update for java CESA-2016:2658 centos5
2016-11-20 00:00:00
CentOS Update for java CESA-2016:2079 centos7
2016-10-20 00:00:00
CentOS Update for java CESA-2017:0061 centos5
2017-01-13 00:00:00
centos
centos
java security update
2017-01-12 15:48:29
java security update
2016-11-12 06:29:49
java security update
2016-10-19 14:40:38
oraclelinux
oraclelinux
java-1.7.0-openjdk security update
2016-11-09 00:00:00
java-1.6.0-openjdk security update
2017-01-12 00:00:00
java-1.8.0-openjdk security update
2016-10-19 00:00:00
debian
debian
[SECURITY] [DLA 704-1] openjdk-7 security update
2016-11-06 23:22:35
[SECURITY] [DSA 3707-1] openjdk-7 security update
2016-11-07 18:31:05
redhat
redhat
(RHSA-2017:0061) Important: java-1.6.0-openjdk security update
2017-01-12 00:00:00
(RHSA-2016:2088) Critical: java-1.8.0-oracle security update
2016-10-20 12:23:06
(RHSA-2016:2079) Critical: java-1.8.0-openjdk security update
2016-10-19 07:58:43
suse
suse
Security update for java-1_8_0-openjdk (important)
2016-11-23 14:07:25
Security update for java-1_8_0-openjdk (important)
2016-11-19 16:06:26
Security update for java-1_8_0-openjdk (important)
2016-12-02 18:13:47
ibm
ibm
Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Oct 2016 - Includes Oracle Oct 2016 CPU affect IBM Content Collector for File Systems
2018-06-17 12:17:33
There are vulnerabilities in IBM® Java™ Runtime Environments version 7.0, 7R1 and 8.0 that are used by Rational Host On-Demand (HOD)
2019-10-08 20:18:57
Security Bulletin: Multiple vulnerabilities may affect IBM® SDK, Java™ Technology Edition
2018-06-15 07:05:53
f5
f5
K63427774 : Multiple Oracle Java SE vulnerabilities
2017-01-12 00:00:00
aix
aix
Multiple vulnerabilities in IBM Java SDK affect AIX
2016-12-21 14:38:46
gentoo
gentoo
Oracle JRE/JDK: Multiple vulnerabilities
2016-11-04 00:00:00
IcedTea: Multiple vulnerabilities
2017-01-19 00:00:00
kaspersky
kaspersky
KLA10887 Multiple vulnerabilities in Oracle Java SE
2016-10-19 00:00:00
prion
prion
Design/Logic Flaw
2016-10-25 14:30:00
Design/Logic Flaw
2016-10-25 14:30:00
debiancve
debiancve
CVE-2016-5573
2016-10-25 14:30:00
CVE-2016-5582
2016-10-25 14:30:00
cve
cve
CVE-2016-5582
2016-10-25 14:30:00
CVE-2016-5573
2016-10-25 14:30:00
CVE-2016-5542
2016-10-25 14:30:00
ubuntucve
ubuntucve
CVE-2016-5573
2016-10-25 00:00:00
CVE-2016-5582
2016-10-25 00:00:00
CVE-2016-5554
2016-10-25 00:00:00
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2016-0015
2016-12-29 00:00:00
veracode
veracode
Privilege Escalation
2019-05-02 05:50:42
redhatcve
redhatcve
CVE-2016-5582
2016-10-18 20:17:58
JSON
Related for SL_20161019_JAVA_1_8_0_OPENJDK_ON_SL6_X.NASL
nessus50mageia1ubuntu3amazon3openvas30centos3oraclelinux3debian2redhat10suse9ibm67f51aix1gentoo2kaspersky1prion2debiancve2cve3ubuntucve3photon1veracode1redhatcve1