Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2013-2022 Tenable Network Security, Inc.SUSE_11_JAVA-1_7_0-OPENJDK-130719.NASL
HistoryJul 26, 2013 - 12:00 a.m.

SuSE 11.3 Security Update : java-1_7_0-openjdk (SAT Patch Number 8090)

2013-07-2600:00:00
This script is Copyright (C) 2013-2022 Tenable Network Security, Inc.
www.tenable.com
15
JSON

This update to icedtea-2.4.1 fixes various security issues :

  • S6741606, CVE-2013-2407: Integrate Apache Santuario

  • S7158805, CVE-2013-2445: Better rewriting of nested subroutine calls

  • S7170730, CVE-2013-2451: Improve Windows network stack support.

  • S8000638, CVE-2013-2450: Improve deserialization

  • S8000642, CVE-2013-2446: Better handling of objects for transportation

  • S8001033, CVE-2013-2452: Refactor network address handling in virtual machine identifiers

  • S8001034, CVE-2013-1500: Memory management improvements

  • S8001038, CVE-2013-2444: Resourcefully handle resources

  • S8001318, CVE-2013-2447: Socket.getLocalAddress not consistent with InetAddress.getLocalHost

  • S8001330, CVE-2013-2443: Improve on checking order (non-Zero builds only)

  • S8003703, CVE-2013-2412: Update RMI connection dialog box

  • S8004288, CVE-2013-2449: (fs) Files.probeContentType problems

  • S8006328, CVE-2013-2448: Improve robustness of sound classes

  • S8007812, CVE-2013-2455: (reflect) Class.getEnclosingMethod problematic for some classes

  • S8008120, CVE-2013-2457: Improve JMX class checking

  • S8008124, CVE-2013-2453: Better compliance testing

  • S8008132, CVE-2013-2456: Better serialization support

  • S8008744, CVE-2013-2407: Rework part of fix for JDK-6741606

  • S8009057, CVE-2013-2448: Improve MIDI event handling

  • S8009071, CVE-2013-2459: Improve shape handling

  • S8009424, CVE-2013-2458: Adapt Nashorn to JSR-292 implementation change

  • S8009554, CVE-2013-2454: Improve SerialJavaObject.getFields

  • S8010209, CVE-2013-2460: Better provision of factories

  • S8011243, CVE-2013-2470: Improve ImagingLib

  • S8011248, CVE-2013-2471: Better Component Rasters

  • S8011253, CVE-2013-2472: Better Short Component Rasters

  • S8011257, CVE-2013-2473: Better Byte Component Rasters

  • S8012375, CVE-2013-1571: Improve Javadoc framing

  • S8012438, CVE-2013-2463: Better image validation

  • S8012597, CVE-2013-2465: Better image channel verification

  • S8012601, CVE-2013-2469: Better validation of image layouts

  • S8014281, CVE-2013-2461: Better checking of XML signature

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from SuSE 11 update information. The text itself is
# copyright (C) Novell, Inc.
#

if (NASL_LEVEL < 3000) exit(0);

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(69071);
  script_version("1.13");
  script_set_attribute(attribute:"plugin_modification_date", value:"2022/03/29");

  script_cve_id(
    "CVE-2013-1500",
    "CVE-2013-1571",
    "CVE-2013-2407",
    "CVE-2013-2412",
    "CVE-2013-2443",
    "CVE-2013-2444",
    "CVE-2013-2445",
    "CVE-2013-2446",
    "CVE-2013-2447",
    "CVE-2013-2448",
    "CVE-2013-2449",
    "CVE-2013-2450",
    "CVE-2013-2451",
    "CVE-2013-2452",
    "CVE-2013-2453",
    "CVE-2013-2454",
    "CVE-2013-2455",
    "CVE-2013-2456",
    "CVE-2013-2457",
    "CVE-2013-2458",
    "CVE-2013-2459",
    "CVE-2013-2460",
    "CVE-2013-2461",
    "CVE-2013-2463",
    "CVE-2013-2465",
    "CVE-2013-2469",
    "CVE-2013-2470",
    "CVE-2013-2471",
    "CVE-2013-2472",
    "CVE-2013-2473"
  );
  script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2022/04/18");

  script_name(english:"SuSE 11.3 Security Update : java-1_7_0-openjdk (SAT Patch Number 8090)");

  script_set_attribute(attribute:"synopsis", value:
"The remote SuSE 11 host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"This update to icedtea-2.4.1 fixes various security issues :

  - S6741606, CVE-2013-2407: Integrate Apache Santuario

  - S7158805, CVE-2013-2445: Better rewriting of nested
    subroutine calls

  - S7170730, CVE-2013-2451: Improve Windows network stack
    support.

  - S8000638, CVE-2013-2450: Improve deserialization

  - S8000642, CVE-2013-2446: Better handling of objects for
    transportation

  - S8001033, CVE-2013-2452: Refactor network address
    handling in virtual machine identifiers

  - S8001034, CVE-2013-1500: Memory management improvements

  - S8001038, CVE-2013-2444: Resourcefully handle resources

  - S8001318, CVE-2013-2447: Socket.getLocalAddress not
    consistent with InetAddress.getLocalHost

  - S8001330, CVE-2013-2443: Improve on checking order
    (non-Zero builds only)

  - S8003703, CVE-2013-2412: Update RMI connection dialog
    box

  - S8004288, CVE-2013-2449: (fs) Files.probeContentType
    problems

  - S8006328, CVE-2013-2448: Improve robustness of sound
    classes

  - S8007812, CVE-2013-2455: (reflect)
    Class.getEnclosingMethod problematic for some classes

  - S8008120, CVE-2013-2457: Improve JMX class checking

  - S8008124, CVE-2013-2453: Better compliance testing

  - S8008132, CVE-2013-2456: Better serialization support

  - S8008744, CVE-2013-2407: Rework part of fix for
    JDK-6741606

  - S8009057, CVE-2013-2448: Improve MIDI event handling

  - S8009071, CVE-2013-2459: Improve shape handling

  - S8009424, CVE-2013-2458: Adapt Nashorn to JSR-292
    implementation change

  - S8009554, CVE-2013-2454: Improve
    SerialJavaObject.getFields

  - S8010209, CVE-2013-2460: Better provision of factories

  - S8011243, CVE-2013-2470: Improve ImagingLib

  - S8011248, CVE-2013-2471: Better Component Rasters

  - S8011253, CVE-2013-2472: Better Short Component Rasters

  - S8011257, CVE-2013-2473: Better Byte Component Rasters

  - S8012375, CVE-2013-1571: Improve Javadoc framing

  - S8012438, CVE-2013-2463: Better image validation

  - S8012597, CVE-2013-2465: Better image channel
    verification

  - S8012601, CVE-2013-2469: Better validation of image
    layouts

  - S8014281, CVE-2013-2461: Better checking of XML
    signature");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=828665");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-1500.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-1571.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2407.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2412.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2443.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2444.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2445.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2446.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2447.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2448.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2449.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2450.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2451.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2452.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2453.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2454.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2455.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2456.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2457.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2458.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2459.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2460.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2461.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2463.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2465.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2469.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2470.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2471.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2472.html");
  script_set_attribute(attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2013-2473.html");
  script_set_attribute(attribute:"solution", value:
"Apply SAT patch number 8090.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploit_framework_core", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'Java storeImageArray() Invalid Array Indexing Vulnerability');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");

  script_set_attribute(attribute:"patch_publication_date", value:"2013/07/19");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/07/26");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:java-1_7_0-openjdk");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:java-1_7_0-openjdk-demo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:java-1_7_0-openjdk-devel");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"SuSE Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2013-2022 Tenable Network Security, Inc.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11");
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu);

pl = get_kb_item("Host/SuSE/patchlevel");
if (isnull(pl) || int(pl) != 3) audit(AUDIT_OS_NOT, "SuSE 11.3");


flag = 0;
if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"java-1_7_0-openjdk-1.7.0.6-0.19.2")) flag++;
if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"java-1_7_0-openjdk-demo-1.7.0.6-0.19.2")) flag++;
if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"java-1_7_0-openjdk-devel-1.7.0.6-0.19.2")) flag++;
if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"java-1_7_0-openjdk-1.7.0.6-0.19.2")) flag++;
if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"java-1_7_0-openjdk-demo-1.7.0.6-0.19.2")) flag++;
if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"java-1_7_0-openjdk-devel-1.7.0.6-0.19.2")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:java-1_7_0-openjdk
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:java-1_7_0-openjdk-demo
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:java-1_7_0-openjdk-devel
novellsuse_linux11cpe:/o:novell:suse_linux:11

References

Related

nessus 40
openvas 47
centos 3
amazon 2
redhat 7
suse 13
debian 2
oraclelinux 3
mageia 2
ubuntu 3
veracode 16
ibm 15
securityvulns 1
prion 9
cve 10
attackerkb 1
ubuntucve 10
threatpost 1
thn 3
checkpoint_advisories 3
seebug 2
saint 2
packetstorm 1
metasploit 1
zdt 1
exploitpack 1
nessus
nessus
Scientific Linux Security Update : java-1.7.0-openjdk on SL5.x i386/x86_64 (20130620)
2013-06-21 00:00:00
Amazon Linux AMI : java-1.7.0-openjdk (ALAS-2013-204)
2013-09-04 00:00:00
RHEL 5 : java-1.7.0-openjdk (RHSA-2013:0958)
2013-06-20 00:00:00
openvas
openvas
RedHat Update for java-1.7.0-openjdk RHSA-2013:0957-01
2013-06-24 00:00:00
RedHat Update for java-1.7.0-openjdk RHSA-2013:0958-01
2013-06-24 00:00:00
Oracle: Security Advisory (ELSA-2013-0957)
2015-10-06 00:00:00
centos
centos
java security update
2013-06-20 06:43:01
java security update
2013-06-20 06:46:44
java security update
2013-07-04 10:07:44
amazon
amazon
Important: java-1.7.0-openjdk
2013-06-20 14:14:00
Important: java-1.6.0-openjdk
2013-07-12 15:31:00
redhat
redhat
(RHSA-2013:0957) Critical: java-1.7.0-openjdk security update
2013-06-19 00:00:00
(RHSA-2013:0958) Important: java-1.7.0-openjdk security update
2013-06-19 00:00:00
(RHSA-2013:1014) Important: java-1.6.0-openjdk security update
2013-07-03 00:00:00
suse
suse
Security update for java-1_7_0-openjdk (important)
2013-07-25 16:04:14
Security update for java-1_6_0-openjdk (important)
2013-07-23 22:04:14
Security update for java-1_5_0-ibm (important)
2013-07-27 17:04:14
debian
debian
[SECURITY] [DSA 2722-1] openjdk-7 security update
2013-07-15 15:53:07
[SECURITY] [DSA 2727-1] openjdk-6 security update
2013-07-25 21:12:25
oraclelinux
oraclelinux
java-1.7.0-openjdk security update
2013-06-19 00:00:00
java-1.6.0-openjdk security update
2013-07-03 00:00:00
java-1.7.0-openjdk security update
2013-06-19 00:00:00
mageia
mageia
Updated java-1.7.0-openjdk packages fix multiple security vulnerabilities
2013-06-26 22:13:26
Updated java-1.6.0-openjdk packages fix security vulnerabilities
2013-07-16 11:26:07
ubuntu
ubuntu
OpenJDK 7 vulnerabilities
2013-07-16 00:00:00
IcedTea Web update
2013-07-16 00:00:00
OpenJDK 6 vulnerabilities
2013-07-23 00:00:00
veracode
veracode
Privilege Escalation
2019-05-02 04:46:29
Privilege Escalation
2019-05-02 04:46:31
Arbitrary Code Execution
2019-05-02 04:46:33
ibm
ibm
Security Bulletin: Potential security vulnerabilities with JavaTM SDKs
2022-09-25 21:06:56
Security Bulletin: WebSphere Application Server - Oracle CPU shipped with Rational Application Developer for WebSphere Software June 2013 (CVE-2013-1571)
2020-02-05 00:09:48
Security Bulletin: IBM Tivoli Composite Application Manager for Transactions affected by vulnerabilities in IBM JRE (Multiple CVEs)
2022-09-25 21:06:56
securityvulns
securityvulns
Oracle Java multiple security vulnerabilities
2013-08-28 00:00:00
prion
prion
Design/Logic Flaw
2013-06-18 22:55:00
Design/Logic Flaw
2013-06-18 22:55:00
Design/Logic Flaw
2013-06-18 22:55:00
cve
cve
CVE-2013-2464
2013-06-18 22:55:00
CVE-2013-2455
2013-06-18 22:55:00
CVE-2013-2443
2013-06-18 22:55:00
attackerkb
attackerkb
CVE-2013-2464
2013-06-18 00:00:00
ubuntucve
ubuntucve
CVE-2013-2464
2013-06-18 00:00:00
CVE-2013-2455
2013-06-18 00:00:00
CVE-2013-2452
2013-06-18 00:00:00
threatpost
threatpost
Many Flash, Java Users Running Older, Vulnerable Versions
2013-09-06 07:40:52
thn
thn
New Mac OS Malware exploited two known Java vulnerabilities
2013-09-24 04:15:00
New Mac OS Malware exploited two known Java vulnerabilities
2013-09-24 15:15:00
Caphaw Banking Malware Distributed via YouTube Ads
2014-02-24 23:20:00
checkpoint_advisories
checkpoint_advisories
Oracle Java SE XML Digital Signature Spoofing (CVE-2013-2461)
2013-10-27 00:00:00
Oracle Java sun.tracing.ProviderSkeleton Sandbox Bypass Code Execution - Ver2 (CVE-2013-2460)
2014-03-31 00:00:00
Java Applet ProviderSkeleton Class Insecure Invoke Method (CVE-2013-2460)
2013-07-10 00:00:00
seebug
seebug
Java Applet ProviderSkeleton Insecure Invoke Method
2014-07-01 00:00:00
Oracle Java lookUpByteBI - Heap Buffer Overflow
2014-07-01 00:00:00
saint
saint
Oracle Java Serviceability Subcomponent ProviderSkeleton Class Vulnerability
2013-07-11 00:00:00
Oracle Java Serviceability Subcomponent ProviderSkeleton Class Vulnerability
2013-07-11 00:00:00
packetstorm
packetstorm
Java Applet ProviderSkeleton Insecure Invoke Method
2013-06-27 00:00:00
metasploit
metasploit
Java Applet ProviderSkeleton Insecure Invoke Method
2013-06-24 06:04:38
zdt
zdt
Oracle Java lookUpByteBI - Heap Buffer Overflow Vulnerability
2013-09-03 00:00:00
exploitpack
exploitpack
Oracle Java lookUpByteBI - Heap Buffer Overflow
2013-09-03 00:00:00
JSON
Related for SUSE_11_JAVA-1_7_0-OPENJDK-130719.NASL
nessus40openvas47centos3amazon2redhat7suse13debian2oraclelinux3mageia2ubuntu3veracode16ibm15securityvulns1prion9cve10attackerkb1ubuntucve10threatpost1thn3checkpoint_advisories3seebug2saint2packetstorm1metasploit1zdt1exploitpack1