Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.SL_20171020_JAVA_1_8_0_OPENJDK_ON_SL6_X.NASL
HistoryOct 23, 2017 - 12:00 a.m.

Scientific Linux Security Update : java-1.8.0-openjdk on SL6.x, SL7.x i386/x86_64 (20171020)

2017-10-2300:00:00
This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
35
JSON

Security Fix(es) :

  • Multiple flaws were discovered in the RMI and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2017-10285, CVE-2017-10346)

  • It was discovered that the Kerberos client implementation in the Libraries component of OpenJDK used the sname field from the plain text part rather than encrypted part of the KDC reply message. A man-in-the- middle attacker could possibly use this flaw to impersonate Kerberos services to Java applications acting as Kerberos clients. (CVE-2017-10388)

  • It was discovered that the Security component of OpenJDK generated weak password-based encryption keys used to protect private keys stored in key stores. This made it easier to perform password guessing attacks to decrypt stored keys if an attacker could gain access to a key store. (CVE-2017-10356)

  • A flaw was found in the Smart Card IO component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2017-10274)

  • It was found that the FtpClient implementation in the Networking component of OpenJDK did not set connect and read timeouts by default. A malicious FTP server or a man-in-the-middle attacker could use this flaw to block execution of a Java application connecting to an FTP server. (CVE-2017-10355)

  • It was found that the HttpURLConnection and HttpsURLConnection classes in the Networking component of OpenJDK failed to check for newline characters embedded in URLs. An attacker able to make a Java application perform an HTTP request using an attacker provided URL could possibly inject additional headers into the request. (CVE-2017-10295)

  • It was discovered that multiple classes in the JAXP, Serialization, Libraries, and JAX-WS components of OpenJDK did not limit the amount of memory allocated when creating object instances from the serialized form.
    A specially crafted input could cause a Java application to use an excessive amount of memory when deserialized.
    (CVE-2017-10349, CVE-2017-10357, CVE-2017-10347, CVE-2017-10281, CVE-2017-10345, CVE-2017-10348, CVE-2017-10350)

Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text is (C) Scientific Linux.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(104093);
  script_version("3.9");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2017-10274", "CVE-2017-10281", "CVE-2017-10285", "CVE-2017-10295", "CVE-2017-10345", "CVE-2017-10346", "CVE-2017-10347", "CVE-2017-10348", "CVE-2017-10349", "CVE-2017-10350", "CVE-2017-10355", "CVE-2017-10356", "CVE-2017-10357", "CVE-2017-10388");

  script_name(english:"Scientific Linux Security Update : java-1.8.0-openjdk on SL6.x, SL7.x i386/x86_64 (20171020)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Scientific Linux host is missing one or more security
updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Security Fix(es) :

  - Multiple flaws were discovered in the RMI and Hotspot
    components in OpenJDK. An untrusted Java application or
    applet could use these flaws to completely bypass Java
    sandbox restrictions. (CVE-2017-10285, CVE-2017-10346)

  - It was discovered that the Kerberos client
    implementation in the Libraries component of OpenJDK
    used the sname field from the plain text part rather
    than encrypted part of the KDC reply message. A
    man-in-the- middle attacker could possibly use this flaw
    to impersonate Kerberos services to Java applications
    acting as Kerberos clients. (CVE-2017-10388)

  - It was discovered that the Security component of OpenJDK
    generated weak password-based encryption keys used to
    protect private keys stored in key stores. This made it
    easier to perform password guessing attacks to decrypt
    stored keys if an attacker could gain access to a key
    store. (CVE-2017-10356)

  - A flaw was found in the Smart Card IO component in
    OpenJDK. An untrusted Java application or applet could
    use this flaw to bypass certain Java sandbox
    restrictions. (CVE-2017-10274)

  - It was found that the FtpClient implementation in the
    Networking component of OpenJDK did not set connect and
    read timeouts by default. A malicious FTP server or a
    man-in-the-middle attacker could use this flaw to block
    execution of a Java application connecting to an FTP
    server. (CVE-2017-10355)

  - It was found that the HttpURLConnection and
    HttpsURLConnection classes in the Networking component
    of OpenJDK failed to check for newline characters
    embedded in URLs. An attacker able to make a Java
    application perform an HTTP request using an attacker
    provided URL could possibly inject additional headers
    into the request. (CVE-2017-10295)

  - It was discovered that multiple classes in the JAXP,
    Serialization, Libraries, and JAX-WS components of
    OpenJDK did not limit the amount of memory allocated
    when creating object instances from the serialized form.
    A specially crafted input could cause a Java application
    to use an excessive amount of memory when deserialized.
    (CVE-2017-10349, CVE-2017-10357, CVE-2017-10347,
    CVE-2017-10281, CVE-2017-10345, CVE-2017-10348,
    CVE-2017-10350)

Note: If the web browser plug-in provided by the icedtea-web package
was installed, the issues exposed via Java applets could have been
exploited without user interaction if a user visited a malicious
website."
  );
  # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1710&L=scientific-linux-errata&F=&S=&P=12826
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?5ea9866c"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-accessibility");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-accessibility-debug");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-debug");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-demo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-demo-debug");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-devel-debug");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-headless");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-headless-debug");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-javadoc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-javadoc-debug");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-javadoc-zip");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-javadoc-zip-debug");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-src");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-src-debug");
  script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");

  script_set_attribute(attribute:"vuln_publication_date", value:"2017/10/19");
  script_set_attribute(attribute:"patch_publication_date", value:"2017/10/20");
  script_set_attribute(attribute:"plugin_publication_date", value:"2017/10/23");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Scientific Linux Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
os_ver = pregmatch(pattern: "Scientific Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Scientific Linux");
os_ver = os_ver[1];
if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Scientific Linux 7.x", "Scientific Linux " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);


flag = 0;
if (rpm_check(release:"SL6", reference:"java-1.8.0-openjdk-1.8.0.151-1.b12.el6_9")) flag++;
if (rpm_check(release:"SL6", reference:"java-1.8.0-openjdk-debug-1.8.0.151-1.b12.el6_9")) flag++;
if (rpm_check(release:"SL6", reference:"java-1.8.0-openjdk-debuginfo-1.8.0.151-1.b12.el6_9")) flag++;
if (rpm_check(release:"SL6", reference:"java-1.8.0-openjdk-demo-1.8.0.151-1.b12.el6_9")) flag++;
if (rpm_check(release:"SL6", reference:"java-1.8.0-openjdk-demo-debug-1.8.0.151-1.b12.el6_9")) flag++;
if (rpm_check(release:"SL6", reference:"java-1.8.0-openjdk-devel-1.8.0.151-1.b12.el6_9")) flag++;
if (rpm_check(release:"SL6", reference:"java-1.8.0-openjdk-devel-debug-1.8.0.151-1.b12.el6_9")) flag++;
if (rpm_check(release:"SL6", reference:"java-1.8.0-openjdk-headless-1.8.0.151-1.b12.el6_9")) flag++;
if (rpm_check(release:"SL6", reference:"java-1.8.0-openjdk-headless-debug-1.8.0.151-1.b12.el6_9")) flag++;
if (rpm_check(release:"SL6", reference:"java-1.8.0-openjdk-javadoc-1.8.0.151-1.b12.el6_9")) flag++;
if (rpm_check(release:"SL6", reference:"java-1.8.0-openjdk-javadoc-debug-1.8.0.151-1.b12.el6_9")) flag++;
if (rpm_check(release:"SL6", reference:"java-1.8.0-openjdk-src-1.8.0.151-1.b12.el6_9")) flag++;
if (rpm_check(release:"SL6", reference:"java-1.8.0-openjdk-src-debug-1.8.0.151-1.b12.el6_9")) flag++;

if (rpm_check(release:"SL7", cpu:"x86_64", reference:"java-1.8.0-openjdk-1.8.0.151-1.b12.el7_4")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"java-1.8.0-openjdk-accessibility-1.8.0.151-1.b12.el7_4")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"java-1.8.0-openjdk-accessibility-debug-1.8.0.151-1.b12.el7_4")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"java-1.8.0-openjdk-debug-1.8.0.151-1.b12.el7_4")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"java-1.8.0-openjdk-debuginfo-1.8.0.151-1.b12.el7_4")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"java-1.8.0-openjdk-demo-1.8.0.151-1.b12.el7_4")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"java-1.8.0-openjdk-demo-debug-1.8.0.151-1.b12.el7_4")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"java-1.8.0-openjdk-devel-1.8.0.151-1.b12.el7_4")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"java-1.8.0-openjdk-devel-debug-1.8.0.151-1.b12.el7_4")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"java-1.8.0-openjdk-headless-1.8.0.151-1.b12.el7_4")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"java-1.8.0-openjdk-headless-debug-1.8.0.151-1.b12.el7_4")) flag++;
if (rpm_check(release:"SL7", reference:"java-1.8.0-openjdk-javadoc-1.8.0.151-1.b12.el7_4")) flag++;
if (rpm_check(release:"SL7", reference:"java-1.8.0-openjdk-javadoc-debug-1.8.0.151-1.b12.el7_4")) flag++;
if (rpm_check(release:"SL7", reference:"java-1.8.0-openjdk-javadoc-zip-1.8.0.151-1.b12.el7_4")) flag++;
if (rpm_check(release:"SL7", reference:"java-1.8.0-openjdk-javadoc-zip-debug-1.8.0.151-1.b12.el7_4")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"java-1.8.0-openjdk-src-1.8.0.151-1.b12.el7_4")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"java-1.8.0-openjdk-src-debug-1.8.0.151-1.b12.el7_4")) flag++;


if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "java-1.8.0-openjdk / java-1.8.0-openjdk-accessibility / etc");
}
VendorProductVersionCPE
fermilabscientific_linuxjava-1.8.0-openjdkp-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk
fermilabscientific_linuxjava-1.8.0-openjdk-accessibilityp-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-accessibility
fermilabscientific_linuxjava-1.8.0-openjdk-accessibility-debugp-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-accessibility-debug
fermilabscientific_linuxjava-1.8.0-openjdk-debugp-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-debug
fermilabscientific_linuxjava-1.8.0-openjdk-debuginfop-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-debuginfo
fermilabscientific_linuxjava-1.8.0-openjdk-demop-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-demo
fermilabscientific_linuxjava-1.8.0-openjdk-demo-debugp-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-demo-debug
fermilabscientific_linuxjava-1.8.0-openjdk-develp-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-devel
fermilabscientific_linuxjava-1.8.0-openjdk-devel-debugp-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-devel-debug
fermilabscientific_linuxjava-1.8.0-openjdk-headlessp-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-headless
Rows per page:
1-10 of 181

Related

openvas 20
nessus 50
osv 3
redhat 9
amazon 2
debian 3
ibm 75
oraclelinux 2
mageia 1
gentoo 2
centos 2
ubuntu 2
suse 10
aix 1
kaspersky 1
photon 1
cve 3
prion 5
ubuntucve 2
veracode 2
debiancve 2
redhatcve 1
openvas
openvas
Debian Security Advisory DSA 4015-1 (openjdk-8 - security update)
2017-11-02 00:00:00
Huawei EulerOS: Security Advisory for java-1.8.0-openjdk (EulerOS-SA-2017-1254)
2020-01-23 00:00:00
RedHat Update for java-1.8.0-openjdk RHSA-2017:2998-01
2017-10-21 00:00:00
nessus
nessus
Virtuozzo 6 : java-1.8.0-openjdk / java-1.8.0-openjdk-debug / etc (VZLSA-2017-2998)
2017-11-16 00:00:00
NewStart CGSL MAIN 4.05 : java-1.8.0-openjdk Multiple Vulnerabilities (NS-SA-2019-0119)
2019-08-12 00:00:00
Ubuntu 14.04 LTS : OpenJDK 7 vulnerabilities (USN-3497-1)
2017-11-29 00:00:00
osv
osv
openjdk-8 - security update
2017-11-02 00:00:00
openjdk-7 - security update
2017-11-23 00:00:00
openjdk-7 - security update
2017-11-23 00:00:00
redhat
redhat
(RHSA-2017:2998) Critical: java-1.8.0-openjdk security update
2017-10-20 10:13:17
(RHSA-2017:3392) Important: java-1.7.0-openjdk security and bug fix update
2017-12-06 12:23:01
(RHSA-2017:3268) Critical: java-1.7.1-ibm security update
2017-11-28 20:28:12
amazon
amazon
Critical: java-1.8.0-openjdk
2017-10-26 19:46:00
Critical: java-1.7.0-openjdk
2017-12-20 19:02:00
debian
debian
[SECURITY] [DSA 4015-1] openjdk-8 security update
2017-11-02 21:44:03
[SECURITY] [DSA 4048-1] openjdk-7 security update
2017-11-23 22:11:38
[SECURITY] [DLA 1187-1] openjdk-7 security update
2017-11-23 17:31:43
ibm
ibm
Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Flex System Manager (FSM)
2018-06-18 01:42:25
Security Bulletin: Multiple vulnerabilities in IBM JRE affect IBM Tivoli Composite Application Manager for Transactions (Multiple CVEs)
2018-06-17 15:49:22
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affects IBM InfoSphere Information Server
2018-06-16 14:19:15
oraclelinux
oraclelinux
java-1.8.0-openjdk security update
2017-10-20 00:00:00
java-1.7.0-openjdk security and bug fix update
2017-12-06 00:00:00
mageia
mageia
Updated java-1.8.0-openjdk packages fix security vulnerabilities
2017-12-21 21:18:18
gentoo
gentoo
IcedTea: Multiple vulnerabilities
2017-11-19 00:00:00
Oracle JDK/JRE: Multiple vulnerabilities
2017-10-29 00:00:00
centos
centos
java security update
2017-10-20 15:50:18
java security update
2017-12-06 15:21:38
ubuntu
ubuntu
OpenJDK 8 vulnerabilities
2017-11-08 00:00:00
OpenJDK 7 vulnerabilities
2017-11-29 00:00:00
suse
suse
Security update for java-1_6_0-ibm (important)
2017-12-07 21:12:27
Security update for java-1_6_0-ibm (important)
2017-12-19 12:10:10
Security update for java-1_7_0-ibm (important)
2018-01-10 12:10:02
aix
aix
There are multiple vulnerabilities in IBM SDK Java Technology Edition
2017-12-07 12:20:05
kaspersky
kaspersky
KLA11122 Multiple vulnerabilities in Oracle Java SE, Java SE Embedded and JRockit
2017-10-17 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2017-0080
2017-10-24 00:00:00
cve
cve
CVE-2017-10274
2017-10-19 17:29:00
CVE-2017-10285
2017-10-19 17:29:00
CVE-2017-10281
2017-10-19 17:29:00
prion
prion
Design/Logic Flaw
2017-10-19 17:29:00
Code injection
2017-10-19 17:29:00
Design/Logic Flaw
2017-10-19 17:29:00
ubuntucve
ubuntucve
CVE-2017-10274
2017-10-19 00:00:00
CVE-2017-10348
2017-10-19 00:00:00
veracode
veracode
Authorization Bypass
2019-01-15 09:20:42
Denial Of Service (DoS)
2019-05-02 06:37:52
debiancve
debiancve
CVE-2017-10347
2017-10-19 17:29:00
CVE-2017-10355
2017-10-19 17:29:00
redhatcve
redhatcve
CVE-2017-10295
2019-11-07 22:14:25
JSON
Related for SL_20171020_JAVA_1_8_0_OPENJDK_ON_SL6_X.NASL
openvas20nessus50osv3redhat9amazon2debian3ibm75oraclelinux2mageia1gentoo2centos2ubuntu2suse10aix1kaspersky1photon1cve3prion5ubuntucve2veracode2debiancve2redhatcve1