Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.SL_20200218_JAVA_1_7_0_OPENJDK_ON_SL7_X.NASL
HistoryFeb 19, 2020 - 12:00 a.m.

Scientific Linux Security Update : java-1.7.0-openjdk on SL7.x x86_64 (20200218)

2020-02-1900:00:00
This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
48

7 High

AI Score

Confidence

Low

JSON

Security Fix(es) :

  • OpenJDK: Use of unsafe RSA-MD5 checksum in Kerberos TGS (Security, 8229951) (CVE-2020-2601)

  • OpenJDK: Serialization filter changes via jdk.serialFilter property modification (Serialization, 8231422) (CVE-2020-2604)

  • OpenJDK: Improper checks of SASL message properties in GssKrb5Base (Security, 8226352) (CVE-2020-2590)

  • OpenJDK: Incorrect isBuiltinStreamHandler check causing URL normalization issues (Networking, 8228548) (CVE-2020-2593)

  • OpenJDK: Excessive memory usage in OID processing in X.509 certificate parsing (Libraries, 8234037) (CVE-2020-2654)

  • OpenJDK: Incorrect exception processing during deserialization in BeanContextSupport (Serialization, 8224909) (CVE-2020-2583)

  • OpenJDK: Incomplete enforcement of maxDatagramSockets limit in DatagramChannelImpl (Networking, 8231795) (CVE-2020-2659)

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text is (C) Scientific Linux.
#

include('compat.inc');

if (description)
{
  script_id(133788);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/03/27");

  script_cve_id(
    "CVE-2020-2583",
    "CVE-2020-2590",
    "CVE-2020-2593",
    "CVE-2020-2601",
    "CVE-2020-2604",
    "CVE-2020-2654",
    "CVE-2020-2659"
  );

  script_name(english:"Scientific Linux Security Update : java-1.7.0-openjdk on SL7.x x86_64 (20200218)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Scientific Linux host is missing one or more security
updates.");
  script_set_attribute(attribute:"description", value:
"Security Fix(es) :

  - OpenJDK: Use of unsafe RSA-MD5 checksum in Kerberos TGS
    (Security, 8229951) (CVE-2020-2601)

  - OpenJDK: Serialization filter changes via
    jdk.serialFilter property modification (Serialization,
    8231422) (CVE-2020-2604)

  - OpenJDK: Improper checks of SASL message properties in
    GssKrb5Base (Security, 8226352) (CVE-2020-2590)

  - OpenJDK: Incorrect isBuiltinStreamHandler check causing
    URL normalization issues (Networking, 8228548)
    (CVE-2020-2593)

  - OpenJDK: Excessive memory usage in OID processing in
    X.509 certificate parsing (Libraries, 8234037)
    (CVE-2020-2654)

  - OpenJDK: Incorrect exception processing during
    deserialization in BeanContextSupport (Serialization,
    8224909) (CVE-2020-2583)

  - OpenJDK: Incomplete enforcement of maxDatagramSockets
    limit in DatagramChannelImpl (Networking, 8231795)
    (CVE-2020-2659)");
  # https://listserv.fnal.gov/scripts/wa.exe?A2=ind2002&L=SCIENTIFIC-LINUX-ERRATA&P=8398
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?73fa6831");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-2604");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2020/01/15");
  script_set_attribute(attribute:"patch_publication_date", value:"2020/02/18");
  script_set_attribute(attribute:"plugin_publication_date", value:"2020/02/19");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:java-1.7.0-openjdk");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:java-1.7.0-openjdk-accessibility");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:java-1.7.0-openjdk-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:java-1.7.0-openjdk-demo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:java-1.7.0-openjdk-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:java-1.7.0-openjdk-headless");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:java-1.7.0-openjdk-javadoc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:java-1.7.0-openjdk-src");
  script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Scientific Linux Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
os_ver = pregmatch(pattern: "Scientific Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Scientific Linux");
os_ver = os_ver[1];
if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Scientific Linux 7.x", "Scientific Linux " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);


flag = 0;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"java-1.7.0-openjdk-1.7.0.251-2.6.21.0.el7_7")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"java-1.7.0-openjdk-accessibility-1.7.0.251-2.6.21.0.el7_7")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"java-1.7.0-openjdk-debuginfo-1.7.0.251-2.6.21.0.el7_7")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"java-1.7.0-openjdk-demo-1.7.0.251-2.6.21.0.el7_7")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"java-1.7.0-openjdk-devel-1.7.0.251-2.6.21.0.el7_7")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"java-1.7.0-openjdk-headless-1.7.0.251-2.6.21.0.el7_7")) flag++;
if (rpm_check(release:"SL7", reference:"java-1.7.0-openjdk-javadoc-1.7.0.251-2.6.21.0.el7_7")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"java-1.7.0-openjdk-src-1.7.0.251-2.6.21.0.el7_7")) flag++;


if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "java-1.7.0-openjdk / java-1.7.0-openjdk-accessibility / etc");
}
VendorProductVersionCPE
fermilabscientific_linuxjava-1.7.0-openjdkp-cpe:/a:fermilab:scientific_linux:java-1.7.0-openjdk
fermilabscientific_linuxjava-1.7.0-openjdk-accessibilityp-cpe:/a:fermilab:scientific_linux:java-1.7.0-openjdk-accessibility
fermilabscientific_linuxjava-1.7.0-openjdk-debuginfop-cpe:/a:fermilab:scientific_linux:java-1.7.0-openjdk-debuginfo
fermilabscientific_linuxjava-1.7.0-openjdk-demop-cpe:/a:fermilab:scientific_linux:java-1.7.0-openjdk-demo
fermilabscientific_linuxjava-1.7.0-openjdk-develp-cpe:/a:fermilab:scientific_linux:java-1.7.0-openjdk-devel
fermilabscientific_linuxjava-1.7.0-openjdk-headlessp-cpe:/a:fermilab:scientific_linux:java-1.7.0-openjdk-headless
fermilabscientific_linuxjava-1.7.0-openjdk-javadocp-cpe:/a:fermilab:scientific_linux:java-1.7.0-openjdk-javadoc
fermilabscientific_linuxjava-1.7.0-openjdk-srcp-cpe:/a:fermilab:scientific_linux:java-1.7.0-openjdk-src
fermilabscientific_linuxx-cpe:/o:fermilab:scientific_linux

Related

nessus 65
oraclelinux 7
openvas 16
osv 3
redhat 15
centos 5
amazon 5
suse 2
debian 3
mageia 1
ibm 70
ubuntu 1
f5 2
kaspersky 1
gentoo 1
symantec 1
prion 1
nessus
nessus
SUSE SLED12 / SLES12 Security Update : java-1_8_0-openjdk (SUSE-SU-2020:0261-1)
2020-01-31 00:00:00
CentOS 6 : java-1.8.0-openjdk (CESA-2020:0157)
2020-01-30 00:00:00
Amazon Linux AMI : java-1.8.0-openjdk (ALAS-2020-1345)
2020-02-24 00:00:00
oraclelinux
oraclelinux
java-1.7.0-openjdk security update
2020-02-19 00:00:00
java-1.7.0-openjdk security update
2020-02-27 00:00:00
java-1.8.0-openjdk security update
2020-01-21 00:00:00
openvas
openvas
CentOS: Security Advisory for java (CESA-2020:0157)
2020-01-29 00:00:00
Huawei EulerOS: Security Advisory for java-1.8.0-openjdk (EulerOS-SA-2020-1395)
2020-04-16 00:00:00
Debian LTS: Security Advisory for openjdk-7 (DLA-2128-1)
2020-03-01 00:00:00
osv
osv
openjdk-7 - security update
2020-02-29 00:00:00
openjdk-8 - security update
2020-02-12 00:00:00
openjdk-11 - security update
2020-01-19 00:00:00
redhat
redhat
(RHSA-2020:0231) Important: java-1.8.0-openjdk security update
2020-01-27 08:07:14
(RHSA-2020:0632) Important: java-1.7.0-openjdk security update
2020-02-27 14:09:26
(RHSA-2020:0541) Important: java-1.7.0-openjdk security update
2020-02-18 13:53:22
centos
centos
java security update
2020-01-28 21:23:05
java security update
2020-01-28 21:30:06
java security update
2020-02-18 22:20:02
amazon
amazon
Important: java-1.8.0-openjdk
2020-02-20 01:00:00
Important: java-1.7.0-openjdk
2020-03-16 20:58:00
Important: java-1.8.0-openjdk
2020-02-17 19:51:00
suse
suse
Security update for java-1_8_0-openjdk (important)
2020-01-29 00:00:00
Security update for java-11-openjdk (important)
2020-01-28 00:00:00
debian
debian
[SECURITY] [DLA 2128-1] openjdk-7 security update
2020-02-29 12:18:39
[SECURITY] [DSA 4621-1] openjdk-8 security update
2020-02-12 22:14:32
[SECURITY] [DSA 4605-1] openjdk-11 security update
2020-01-19 21:52:05
mageia
mageia
Updated java-1.8.0-openjdk packages fix security vulnerabilities
2020-01-30 21:28:34
ibm
ibm
Security Bulletin: Db2 Query Management Facility is vulnerable to IBM SDK, Java Technology Edition Quarterly CPU & Oracle Jan 2020 (CVE-2019-4732)
2020-04-01 05:05:01
Security Bulletin: Multiple vulnerabilities may affect IBM® SDK, Java™ Technology Edition
2020-03-12 18:26:14
Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM i
2020-03-27 00:13:08
ubuntu
ubuntu
OpenJDK vulnerabilities
2020-01-28 00:00:00
f5
f5
K95453343 : Multiple Java vulnerabilities CVE-2020-2601, CVE-2020-2604, CVE-2020-2654
2021-03-26 00:00:00
K62103028 : Multiple Java vulnerabilities CVE-2020-2583, CVE-2020-2590, CVE-2020-2593
2021-03-26 00:00:00
kaspersky
kaspersky
KLA11646 Multiple vulnerabilities in Oracle JRE
2020-01-05 00:00:00
gentoo
gentoo
OpenJDK: Multiple vulnerabilities
2021-01-25 00:00:00
symantec
symantec
Oracle Java SE/Java SE Embedded CVE-2020-2659 Remote Security Vulnerability
2020-01-14 00:00:00
prion
prion
Design/Logic Flaw
2020-01-15 17:15:00

7 High

AI Score

Confidence

Low

JSON
Related for SL_20200218_JAVA_1_7_0_OPENJDK_ON_SL7_X.NASL
nessus65oraclelinux7openvas16osv3redhat15centos5amazon5suse2debian3mageia1ibm70ubuntu1f52kaspersky1gentoo1symantec1prion1