Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2011-2021 Tenable Network Security, Inc.SUSE9_12691.NASL
HistoryApr 01, 2011 - 12:00 a.m.

SuSE9 Security Update : IBM Java JRE and SDK (YOU Patch Number 12691)

2011-04-0100:00:00
This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.
www.tenable.com
13
JSON

IBM Java 5 was updated to SR 12 FP 4 fixing various security issues.

For more details, please check the IBM JDK Alerts page :

http://www.ibm.com/developerworks/java/jdk/alerts/

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The text description of this plugin is (C) Novell, Inc.
#

if (NASL_LEVEL < 3000) exit(0);

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(53251);
  script_version("1.11");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2010-4447", "CVE-2010-4448", "CVE-2010-4450", "CVE-2010-4454", "CVE-2010-4462", "CVE-2010-4465", "CVE-2010-4466", "CVE-2010-4468", "CVE-2010-4471", "CVE-2010-4473", "CVE-2010-4475");

  script_name(english:"SuSE9 Security Update : IBM Java JRE and SDK (YOU Patch Number 12691)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote SuSE 9 host is missing a security-related patch."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"IBM Java 5 was updated to SR 12 FP 4 fixing various security issues.

For more details, please check the IBM JDK Alerts page :

http://www.ibm.com/developerworks/java/jdk/alerts/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2010-4447.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2010-4448.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2010-4450.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2010-4454.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2010-4462.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2010-4465.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2010-4466.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2010-4468.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2010-4471.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2010-4473.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2010-4475.html"
  );
  script_set_attribute(attribute:"solution", value:"Apply YOU patch number 12691.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux");

  script_set_attribute(attribute:"patch_publication_date", value:"2011/03/21");
  script_set_attribute(attribute:"plugin_publication_date", value:"2011/04/01");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled.");
if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE.");
if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages.");

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) exit(1, "Failed to determine the architecture type.");
if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 9 on the '"+cpu+"' architecture have not been implemented.");


flag = 0;
if (rpm_check(release:"SUSE9", reference:"IBMJava5-JRE-1.5.0_sr12.4-0.6")) flag++;
if (rpm_check(release:"SUSE9", reference:"IBMJava5-SDK-1.5.0_sr12.4-0.6")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else exit(0, "The host is not affected.");
VendorProductVersionCPE
susesuse_linuxcpe:/o:suse:suse_linux

References

Related

nessus 40
redhat 7
openvas 42
suse 4
prion 11
ubuntucve 11
cve 11
securityvulns 5
ubuntu 3
centos 1
oraclelinux 1
osv 1
debian 1
fedora 6
veracode 11
zdi 3
checkpoint_advisories 1
seebug 1
vmware 2
gentoo 2
oracle 1
nessus
nessus
RHEL 4 / 5 / 6 : java-1.5.0-ibm (RHSA-2011:0364)
2011-03-18 00:00:00
SuSE 10 Security Update : IBM Java (ZYPP Patch Number 7442)
2011-12-13 00:00:00
SuSE 10 Security Update : IBM Java (ZYPP Patch Number 7388)
2011-03-31 00:00:00
redhat
redhat
(RHSA-2011:0364) Critical: java-1.5.0-ibm security update
2011-03-17 00:00:00
(RHSA-2011:0490) Critical: java-1.4.2-ibm security update
2011-05-05 00:00:00
(RHSA-2011:0870) Moderate: java-1.4.2-ibm-sap security update
2011-06-15 00:00:00
openvas
openvas
Oracle Java SE Multiple Unspecified Vulnerabilities (Windows)
2011-02-28 00:00:00
Oracle Java SE Multiple Unspecified Vulnerabilities (Windows)
2011-02-28 00:00:00
HP-UX Update for Java HPSBUX02685
2011-06-06 00:00:00
suse
suse
Security update for IBM Java 1.4.2 (important)
2011-07-22 05:08:11
remote code execution in java-1_4_2-ibm
2011-05-13 13:10:27
remote code execution in java-1_6_0-sun
2011-02-22 14:41:11
prion
prion
Design/Logic Flaw
2011-02-17 19:00:00
Design/Logic Flaw
2011-02-17 19:00:00
Design/Logic Flaw
2011-02-17 19:00:00
ubuntucve
ubuntucve
CVE-2010-4454
2011-02-17 00:00:00
CVE-2010-4473
2011-02-17 00:00:00
CVE-2010-4462
2011-02-17 00:00:00
cve
cve
CVE-2010-4454
2011-02-17 19:00:00
CVE-2010-4462
2011-02-17 19:00:00
CVE-2010-4473
2011-02-17 19:00:00
securityvulns
securityvulns
Oracle Java multiple security vulnerabilities / OpenJDK
2011-02-17 00:00:00
ZDI-11-085: Oracle Java XGetSamplePtrFromSnd Remote Code Execution Vulnerability
2011-02-17 00:00:00
ZDI-11-083: Oracle Java Applet Clipboard Injection Remote Code Execution Vulnerability
2011-02-17 00:00:00
ubuntu
ubuntu
OpenJDK 6 vulnerabilities
2011-03-17 00:00:00
OpenJDK 6 vulnerabilities
2011-03-15 00:00:00
OpenJDK 6 vulnerabilities
2011-03-01 00:00:00
centos
centos
java security update
2011-04-14 14:33:37
oraclelinux
oraclelinux
java-1.6.0-openjdk security update
2011-02-17 00:00:00
osv
osv
openjdk-6 - several
2011-04-20 00:00:00
debian
debian
[SECURITY] [DSA 2224-1] openjdk-6 security update
2011-04-20 20:19:48
fedora
fedora
[SECURITY] Fedora 14 Update: java-1.6.0-openjdk-1.6.0.0-52.1.9.7.fc14
2011-02-16 19:20:33
[SECURITY] Fedora 13 Update: java-1.6.0-openjdk-1.6.0.0-50.1.8.7.fc13
2011-02-16 19:17:23
[SECURITY] Fedora 13 Update: java-1.6.0-openjdk-1.6.0.0-51.1.8.8.fc13
2011-06-15 05:33:46
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:57:57
Denial Of Service (DoS)
2020-04-10 00:57:57
Unspecified Vulnerability
2020-04-10 00:57:55
zdi
zdi
Oracle Java Runtime NTLM Authentication Information Leakage Vulnerability
2011-02-15 00:00:00
Oracle Java XGetSamplePtrFromSnd Remote Code Execution Vulnerability
2011-02-15 00:00:00
Oracle Java Applet Clipboard Injection Remote Code Execution Vulnerability
2011-02-15 00:00:00
checkpoint_advisories
checkpoint_advisories
Oracle Java XGetSamplePtrFromSnd Memory Corruption (CVE-2010-4462)
2011-06-28 00:00:00
seebug
seebug
Oracle Java Appletε‰ͺ贴板注ε…₯θΏœη¨‹δ»£η ζ‰§θ‘ŒζΌζ΄ž
2011-12-01 00:00:00
vmware
vmware
VMware third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
2011-10-27 00:00:00
VMware third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
2011-10-27 00:00:00
gentoo
gentoo
Oracle JRE/JDK: Multiple vulnerabilities
2011-11-05 00:00:00
IcedTea JDK: Multiple vulnerabilities
2014-06-29 00:00:00
oracle
oracle
cpuapr2011
2011-04-19 00:00:00
JSON
Related for SUSE9_12691.NASL
nessus40redhat7openvas42suse4prion11ubuntucve11cve11securityvulns5ubuntu3centos1oraclelinux1osv1debian1fedora6veracode11zdi3checkpoint_advisories1seebug1vmware2gentoo2oracle1