Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2013-2022 Tenable Network Security, Inc.SUSE_11_JAVA-1_6_0-IBM-130416.NASL
HistoryApr 24, 2013 - 12:00 a.m.

SuSE 11.2 Security Update : IBM Java (SAT Patch Number 7627)

2013-04-2400:00:00
This script is Copyright (C) 2013-2022 Tenable Network Security, Inc.
www.tenable.com
19
JSON

IBM Java 6 has been updated to SR13 FP1 which fixes bugs and security issues.

More information can be found on :

http://www.ibm.com/developerworks/java/jdk/alerts/

and on :

http://www.ibm.com/developerworks/java/jdk/aix/j664/Java6_64.fixes.htm l#SR13FP1

CVEs fixed: CVE-2013-0485 / CVE-2013-0809 / CVE-2013-1493 / CVE-2013-0169

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from SuSE 11 update information. The text itself is
# copyright (C) Novell, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(66194);
  script_version("1.13");
  script_set_attribute(attribute:"plugin_modification_date", value:"2022/12/05");

  script_cve_id(
    "CVE-2013-0169",
    "CVE-2013-0485",
    "CVE-2013-0809",
    "CVE-2013-1493"
  );
  script_xref(name:"CEA-ID", value:"CEA-2019-0547");

  script_name(english:"SuSE 11.2 Security Update : IBM Java (SAT Patch Number 7627)");

  script_set_attribute(attribute:"synopsis", value:
"The remote SuSE 11 host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"IBM Java 6 has been updated to SR13 FP1 which fixes bugs and security
issues.

More information can be found on :

http://www.ibm.com/developerworks/java/jdk/alerts/

and on :

http://www.ibm.com/developerworks/java/jdk/aix/j664/Java6_64.fixes.htm
l#SR13FP1

CVEs fixed: CVE-2013-0485 / CVE-2013-0809 / CVE-2013-1493 /
CVE-2013-0169");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=813939");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-0169.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-0485.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-0809.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-1493.html");
  script_set_attribute(attribute:"solution", value:
"Apply SAT patch number 7627.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploit_framework_core", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'Java CMM Remote Code Execution');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");

  script_set_attribute(attribute:"patch_publication_date", value:"2013/04/16");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/04/24");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:java-1_6_0-ibm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:java-1_6_0-ibm-alsa");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:java-1_6_0-ibm-fonts");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:java-1_6_0-ibm-jdbc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:java-1_6_0-ibm-plugin");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"SuSE Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2013-2022 Tenable Network Security, Inc.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11");
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu);

pl = get_kb_item("Host/SuSE/patchlevel");
if (isnull(pl) || int(pl) != 2) audit(AUDIT_OS_NOT, "SuSE 11.2");


flag = 0;
if (rpm_check(release:"SLES11", sp:2, reference:"java-1_6_0-ibm-1.6.0_sr13.1-0.9.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"java-1_6_0-ibm-fonts-1.6.0_sr13.1-0.9.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"java-1_6_0-ibm-jdbc-1.6.0_sr13.1-0.9.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"i586", reference:"java-1_6_0-ibm-alsa-1.6.0_sr13.1-0.9.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"i586", reference:"java-1_6_0-ibm-plugin-1.6.0_sr13.1-0.9.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"x86_64", reference:"java-1_6_0-ibm-plugin-1.6.0_sr13.1-0.9.1")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:java-1_6_0-ibm
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:java-1_6_0-ibm-alsa
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:java-1_6_0-ibm-fonts
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:java-1_6_0-ibm-jdbc
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:java-1_6_0-ibm-plugin
novellsuse_linux11cpe:/o:novell:suse_linux:11

Related

suse 7
openvas 44
nessus 52
redhat 6
fedora 2
cert 1
centos 4
amazon 2
securityvulns 4
oraclelinux 4
cve 4
threatpost 4
ubuntu 2
prion 5
ubuntucve 4
zdi 3
ibm 25
veracode 4
checkpoint_advisories 2
saint 4
seebug 1
zdt 1
f5 3
packetstorm 1
metasploit 1
slackware 1
openssl 1
hackerone 1
pentestpartners 1
debiancve 1
exploitdb 1
osv 1
altlinux 2
suse
suse
Security update for java-1_6_0-ibm (important)
2013-04-23 22:04:39
Security update for java-1_7_0-ibm (important)
2013-04-18 19:04:39
Security update for IBM Java (important)
2013-04-23 21:04:26
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2013:0701-2)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2013:0701-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2013:0710-1)
2021-06-09 00:00:00
nessus
nessus
SuSE 10 Security Update : java-1_6_0-ibm (ZYPP Patch Number 8544)
2013-04-24 00:00:00
SuSE 11.2 Security Update : java-1_7_0-ibm (SAT Patch Number 7623)
2013-04-19 00:00:00
SuSE 10 Security Update : IBM Java (ZYPP Patch Number 8543)
2013-04-24 00:00:00
redhat
redhat
(RHSA-2013:0603) Important: java-1.7.0-openjdk security update
2013-03-06 00:00:00
(RHSA-2013:0605) Critical: java-1.6.0-openjdk security update
2013-03-06 00:00:00
(RHSA-2013:0602) Critical: java-1.7.0-openjdk security update
2013-03-06 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: java-1.7.0-openjdk-1.7.0.9-2.3.8.0.fc18
2013-03-14 02:56:25
[SECURITY] Fedora 17 Update: java-1.7.0-openjdk-1.7.0.9-2.3.8.0.fc17
2013-03-06 22:58:17
cert
cert
Oracle Java contains multiple vulnerabilities
2013-03-05 00:00:00
centos
centos
java security update
2013-03-06 21:09:16
java security update
2013-03-06 21:15:03
java security update
2013-03-06 21:08:42
amazon
amazon
Important: java-1.7.0-openjdk
2013-03-14 22:03:00
Important: java-1.6.0-openjdk
2013-03-14 22:03:00
securityvulns
securityvulns
APPLE-SA-2013-03-04-1 Java for OS X 2013-002 and Mac OS X v10.6 Update 14
2013-03-11 00:00:00
US-CERT Alert TA13-064A: Oracle Java Contains Multiple Vulnerabilities
2013-03-11 00:00:00
ESA-2013-032 RSA BSAFE® Micro Edition Suite Security Update for SSL/TLS Plaintext Recovery &#40;aka “Lucky Thirteen”&#41; Vulnerability
2013-07-15 00:00:00
oraclelinux
oraclelinux
java-1.7.0-openjdk security update
2013-03-06 00:00:00
java-1.6.0-openjdk security update
2013-03-06 00:00:00
java-1.6.0-openjdk security update
2013-03-06 00:00:00
cve
cve
CVE-2013-0809
2013-03-05 22:06:00
CVE-2013-0485
2014-01-21 18:55:00
CVE-2013-1493
2013-03-05 22:06:00
threatpost
threatpost
Attackers Beat Java Default Security Settings with Social Engineering
2013-03-05 17:27:40
Oracle Rushes Emergency Java Update to Patch McRAT Vulnerabilities
2013-03-04 22:37:58
The Java Zero-Day Procession Continues
2013-03-01 16:34:30
ubuntu
ubuntu
OpenJDK 6 vulnerabilities
2013-03-05 00:00:00
OpenJDK 7 vulnerabilities
2013-03-07 00:00:00
prion
prion
Design/Logic Flaw
2013-03-05 22:06:00
Design/Logic Flaw
2014-01-21 18:55:00
Memory corruption
2013-03-05 22:06:00
ubuntucve
ubuntucve
CVE-2013-0809
2013-03-04 00:00:00
CVE-2013-1493
2013-03-04 00:00:00
CVE-2013-0169
2013-02-08 00:00:00
zdi
zdi
Oracle Java Runtime Environment AWT mediaLib Remote Code Execution Vulnerability
2013-06-27 00:00:00
Oracle Java Image ColorConvert Remote Code Execution Vulnerability
2013-06-27 00:00:00
Oracle Java cmmColorConvert Remote Code Execution Vulnerability
2013-06-27 00:00:00
ibm
ibm
Security Bulletin: Tivoli Storage Productivity Center affected by vulnerabilities in OpenSSL (CVE-2013-0169, CVE-2012-2686, CVE-2013-0166)
2022-08-19 18:23:31
Security Bulletin: Security vulnerability in Rational Developer for System z (CVE-2013-0485)
2020-10-27 15:51:50
Security Bulletin: Java Vulnerability in Rational Automation Framework (CVE-2013-0169)
2018-06-17 04:48:04
veracode
veracode
Remote Code Execution (RCE)
2019-01-15 08:59:18
Arbitrary Code Execution
2019-05-02 04:53:58
Timing Attacks
2017-02-10 05:59:15
checkpoint_advisories
checkpoint_advisories
Oracle Java 2D ImagingLib Integer Overflow (CVE-2013-0809)
2013-03-24 00:00:00
Oracle Java Runtime CMM Code Execution (CVE-2013-1493)
2013-03-10 00:00:00
saint
saint
Java Runtime Environment Color Management memory overwrite
2013-04-04 00:00:00
Java Runtime Environment Color Management memory overwrite
2013-04-04 00:00:00
Java Runtime Environment Color Management memory overwrite
2013-04-04 00:00:00
seebug
seebug
Java CMM Remote Code Execution
2014-07-01 00:00:00
zdt
zdt
Java CMM Remote Code Execution Vulnerability
2013-03-28 00:00:00
f5
f5
K14190 : TLS/DTLS 'Lucky 13' vulnerability CVE-2013-0169
2015-04-30 00:00:00
SOL14190 - TLS/DTLS 'Lucky 13' vulnerability CVE-2013-0169
2013-02-08 00:00:00
K15637 : GnuTLS vulnerability CVE-2013-2116
2014-10-16 00:00:00
packetstorm
packetstorm
Java CMM Remote Code Execution
2013-03-28 00:00:00
metasploit
metasploit
Java CMM Remote Code Execution
2013-03-26 21:30:18
slackware
slackware
openssl
2013-02-11 23:49:59
openssl
openssl
Vulnerability in OpenSSL CVE-2013-0169
2013-02-04 00:00:00
hackerone
hackerone
Legal Robot: LUCKY13 (CVE-2013-0169) effects legalrobot.com
2017-07-30 20:00:47
pentestpartners
pentestpartners
Vulnerabilities that (mostly) aren’t: LUCKY13
2024-05-03 05:12:27
debiancve
debiancve
CVE-2013-0169
2013-02-08 19:55:00
exploitdb
exploitdb
Java CMM - Remote Code Execution (Metasploit)
2013-03-29 00:00:00
osv
osv
CVE-2016-2107
2016-05-05 01:59:00
altlinux
altlinux
Security fix for the ALT Linux 9 package openssl10 version 1.0.0k-alt1
2013-02-27 00:00:00
Security fix for the ALT Linux 9 package openssl1.1 version 1.0.0k-alt1
2013-02-27 00:00:00
JSON
Related for SUSE_11_JAVA-1_6_0-IBM-130416.NASL
suse7openvas44nessus52redhat6fedora2cert1centos4amazon2securityvulns4oraclelinux4cve4threatpost4ubuntu2prion5ubuntucve4zdi3ibm25veracode4checkpoint_advisories2saint4seebug1zdt1f53packetstorm1metasploit1slackware1openssl1hackerone1pentestpartners1debiancve1exploitdb1osv1altlinux2