Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2013-2021 Tenable Network Security, Inc.SUSE_11_JAVA-1_6_0-IBM-131114.NASL
HistoryNov 19, 2013 - 12:00 a.m.

SuSE 11.2 / 11.3 Security Update : IBM Java 6 (SAT Patch Numbers 8549 / 8550)

2013-11-1900:00:00
This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.
www.tenable.com
25
JSON

IBM Java 6 SR15 has been released and fixes lots of bugs and security issues.

More information can be found on:
http://www.ibm.com/developerworks/java/jdk/alerts/

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from SuSE 11 update information. The text itself is
# copyright (C) Novell, Inc.
#

if (NASL_LEVEL < 3000) exit(0);

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(70960);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");

  script_cve_id("CVE-2013-3829", "CVE-2013-4041", "CVE-2013-5372", "CVE-2013-5375", "CVE-2013-5456", "CVE-2013-5457", "CVE-2013-5458", "CVE-2013-5772", "CVE-2013-5774", "CVE-2013-5776", "CVE-2013-5778", "CVE-2013-5780", "CVE-2013-5782", "CVE-2013-5783", "CVE-2013-5784", "CVE-2013-5787", "CVE-2013-5788", "CVE-2013-5789", "CVE-2013-5790", "CVE-2013-5797", "CVE-2013-5800", "CVE-2013-5801", "CVE-2013-5802", "CVE-2013-5803", "CVE-2013-5804", "CVE-2013-5809", "CVE-2013-5812", "CVE-2013-5814", "CVE-2013-5817", "CVE-2013-5818", "CVE-2013-5819", "CVE-2013-5820", "CVE-2013-5823", "CVE-2013-5824", "CVE-2013-5825", "CVE-2013-5829", "CVE-2013-5830", "CVE-2013-5831", "CVE-2013-5832", "CVE-2013-5838", "CVE-2013-5840", "CVE-2013-5842", "CVE-2013-5843", "CVE-2013-5848", "CVE-2013-5849", "CVE-2013-5850", "CVE-2013-5851");

  script_name(english:"SuSE 11.2 / 11.3 Security Update : IBM Java 6 (SAT Patch Numbers 8549 / 8550)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote SuSE 11 host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"IBM Java 6 SR15 has been released and fixes lots of bugs and security
issues.

More information can be found on:
http://www.ibm.com/developerworks/java/jdk/alerts/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=849212"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2013-3829.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2013-4041.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2013-5372.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2013-5375.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2013-5456.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2013-5457.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2013-5458.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2013-5772.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2013-5774.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2013-5776.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2013-5778.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2013-5780.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2013-5782.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2013-5783.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2013-5784.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2013-5787.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2013-5788.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2013-5789.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2013-5790.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2013-5797.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2013-5800.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2013-5801.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2013-5802.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2013-5803.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2013-5804.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2013-5809.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2013-5812.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2013-5814.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2013-5817.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2013-5818.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2013-5819.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2013-5820.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2013-5823.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2013-5824.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2013-5825.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2013-5829.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2013-5830.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2013-5831.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2013-5832.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2013-5838.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2013-5840.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2013-5842.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2013-5843.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2013-5848.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2013-5849.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2013-5850.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2013-5851.html"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Apply SAT patch number 8549 / 8550 as appropriate."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:java-1_6_0-ibm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:java-1_6_0-ibm-alsa");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:java-1_6_0-ibm-fonts");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:java-1_6_0-ibm-jdbc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:java-1_6_0-ibm-plugin");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");

  script_set_attribute(attribute:"patch_publication_date", value:"2013/11/14");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/11/19");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11");
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu);


flag = 0;
if (rpm_check(release:"SLES11", sp:2, reference:"java-1_6_0-ibm-1.6.0_sr15.0-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"java-1_6_0-ibm-fonts-1.6.0_sr15.0-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"java-1_6_0-ibm-jdbc-1.6.0_sr15.0-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"i586", reference:"java-1_6_0-ibm-alsa-1.6.0_sr15.0-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"i586", reference:"java-1_6_0-ibm-plugin-1.6.0_sr15.0-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"x86_64", reference:"java-1_6_0-ibm-plugin-1.6.0_sr15.0-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:3, reference:"java-1_6_0-ibm-1.6.0_sr15.0-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:3, reference:"java-1_6_0-ibm-fonts-1.6.0_sr15.0-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:3, reference:"java-1_6_0-ibm-jdbc-1.6.0_sr15.0-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:3, cpu:"i586", reference:"java-1_6_0-ibm-alsa-1.6.0_sr15.0-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:3, cpu:"i586", reference:"java-1_6_0-ibm-plugin-1.6.0_sr15.0-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:3, cpu:"x86_64", reference:"java-1_6_0-ibm-plugin-1.6.0_sr15.0-0.5.1")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:java-1_6_0-ibm
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:java-1_6_0-ibm-alsa
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:java-1_6_0-ibm-fonts
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:java-1_6_0-ibm-jdbc
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:java-1_6_0-ibm-plugin
novellsuse_linux11cpe:/o:novell:suse_linux:11

References

Related

suse 5
nessus 37
ibm 28
aix 1
veracode 16
redhat 9
openvas 29
centos 3
f5 5
mageia 2
amazon 2
oraclelinux 3
ubuntu 2
prion 18
ubuntucve 17
cve 19
threatpost 1
securityvulns 1
oracle 1
suse
suse
Security update for IBM Java 5 (important)
2013-11-15 00:04:35
Security update for IBM Java 7 (important)
2013-11-22 08:04:19
Security update for Java 6 (important)
2013-11-19 00:04:12
nessus
nessus
RHEL 5 / 6 : java-1.7.0-ibm (RHSA-2013:1507)
2013-11-08 00:00:00
SuSE 11.2 / 11.3 Security Update : IBM Java 7 (SAT Patch Numbers 8565 / 8566)
2013-11-21 00:00:00
RHEL 5 / 6 : java-1.6.0-ibm (RHSA-2013:1508)
2013-11-08 00:00:00
ibm
ibm
Security Bulletin: Multiple vulnerabilities in current releases of the IBM® SDK, Java™ Technology Edition
2022-09-25 23:09:27
Security Bulletin: Potential security vulnerabilities with JavaTM SDKs
2022-09-22 03:02:31
Security Bulletin: IBM Tivoli Composite Application Manager for Transactions affected by multiple vulnerabilities in IBM JRE (Multiple CVEs)
2022-09-25 21:06:56
aix
aix
Multiple Java vulnerabilities
2013-12-11 10:53:34
veracode
veracode
Sandbox Restrictions Bypass
2019-05-02 04:58:37
Sandbox Restrictions Bypass
2019-05-02 04:58:35
Improper Access Control
2019-05-02 04:58:35
redhat
redhat
(RHSA-2013:1793) Low: Red Hat Network Satellite server IBM Java Runtime security update
2013-12-05 00:00:00
(RHSA-2013:1508) Critical: java-1.6.0-ibm security update
2013-11-07 00:00:00
(RHSA-2013:1507) Critical: java-1.7.0-ibm security update
2013-11-07 00:00:00
openvas
openvas
CentOS Update for java CESA-2013:1451 centos6
2013-10-29 00:00:00
RedHat Update for java-1.7.0-openjdk RHSA-2013:1447-01
2013-10-29 00:00:00
CentOS Update for java CESA-2013:1451 centos6
2013-10-29 00:00:00
centos
centos
java security update
2013-10-23 11:04:05
java security update
2013-11-05 20:45:16
java security update
2013-10-22 07:41:01
f5
f5
Multiple Java vulnerabilities
2016-05-25 01:58:00
K48802597 : Java vulnerabilities CVE-2013-5825 and CVE-2013-5830
2016-06-09 00:00:00
SOL48802597 - Java vulnerabilities CVE-2013-5825 and CVE-2013-5830
2016-06-09 00:00:00
mageia
mageia
Updated java-1.7.0-openjdk package fixes security vulnerabilities
2013-11-13 23:03:04
Updated java-1.6.0-openjdk package fixes multiple vulnerabilities
2013-11-13 23:05:43
amazon
amazon
Critical: java-1.7.0-openjdk
2013-10-23 15:22:00
Important: java-1.6.0-openjdk
2013-11-05 13:35:00
oraclelinux
oraclelinux
java-1.7.0-openjdk security update
2013-10-21 00:00:00
java-1.6.0-openjdk security update
2013-11-05 00:00:00
java-1.7.0-openjdk security update
2013-10-22 00:00:00
ubuntu
ubuntu
OpenJDK 6 vulnerabilities
2013-11-21 00:00:00
OpenJDK 7 vulnerabilities
2014-01-23 00:00:00
prion
prion
Design/Logic Flaw
2013-10-16 17:55:00
Design/Logic Flaw
2013-10-16 15:55:00
Design/Logic Flaw
2013-10-16 17:55:00
ubuntucve
ubuntucve
CVE-2013-5852
2013-10-16 00:00:00
CVE-2013-5789
2013-10-16 00:00:00
CVE-2013-5824
2013-10-16 00:00:00
cve
cve
CVE-2013-5789
2013-10-16 15:55:00
CVE-2013-5787
2013-10-16 15:55:00
CVE-2013-5824
2013-10-16 17:55:00
threatpost
threatpost
October 2013 Oracle Java Critical Patch Update
2013-10-16 07:41:46
securityvulns
securityvulns
Oracle / Sun / MySQL / PeopleSoft applications multiple security vulnerabilities
2013-12-09 00:00:00
oracle
oracle
Oracle Critical Patch Update - October 2013
2013-10-15 00:00:00
JSON
Related for SUSE_11_JAVA-1_6_0-IBM-131114.NASL
suse5nessus37ibm28aix1veracode16redhat9openvas29centos3f55mageia2amazon2oraclelinux3ubuntu2prion18ubuntucve17cve19threatpost1securityvulns1oracle1