Lucene search
This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.SUSE_JAVA-1_4_2-IBM-2461.NASLHistoryDec 13, 2007 - 12:00 a.m.
SuSE 10 Security Update : IBM Java (ZYPP Patch Number 2461)
2007-12-1300:00:00
This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.
www.tenable.com
13
This update brings IBM Java 1.4.2 to Service Release 7.
It contains several undisclosed security fixes, including the fix for the RSA attack similar to Mitre CVE ID CVE-2006-4790.
It also contains timezone updates :
-
US daylightsaving time update starting 2007.
-
Western Australia daylight savings time introduction in December 2006.
-
Update to current timezone dataset.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The text description of this plugin is (C) Novell, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(29468);
script_version("1.12");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");
script_cve_id("CVE-2006-4790");
script_name(english:"SuSE 10 Security Update : IBM Java (ZYPP Patch Number 2461)");
script_summary(english:"Checks rpm output for the updated packages");
script_set_attribute(
attribute:"synopsis",
value:"The remote SuSE 10 host is missing a security-related patch."
);
script_set_attribute(
attribute:"description",
value:
"This update brings IBM Java 1.4.2 to Service Release 7.
It contains several undisclosed security fixes, including the fix for
the RSA attack similar to Mitre CVE ID CVE-2006-4790.
It also contains timezone updates :
- US daylightsaving time update starting 2007.
- Western Australia daylight savings time introduction in
December 2006.
- Update to current timezone dataset."
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2006-4790.html"
);
script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 2461.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux");
script_set_attribute(attribute:"patch_publication_date", value:"2007/01/12");
script_set_attribute(attribute:"plugin_publication_date", value:"2007/12/13");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.");
script_family(english:"SuSE Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled.");
if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE.");
if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages.");
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) exit(1, "Failed to determine the architecture type.");
if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented.");
flag = 0;
if (rpm_check(release:"SLES10", sp:0, reference:"java-1_4_2-ibm-1.4.2.s4-23.10")) flag++;
if (rpm_check(release:"SLES10", sp:0, reference:"java-1_4_2-ibm-devel-1.4.2.s4-23.10")) flag++;
if (rpm_check(release:"SLES10", sp:0, cpu:"i586", reference:"java-1_4_2-ibm-jdbc-1.4.2.s4-23.10")) flag++;
if (rpm_check(release:"SLES10", sp:0, cpu:"i586", reference:"java-1_4_2-ibm-plugin-1.4.2.s4-23.10")) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
else security_warning(0);
exit(0);
}
else exit(0, "The host is not affected.");
| Vendor | Product | Version | CPE |
|---|---|---|---|
| suse | suse_linux | cpe:/o:suse:suse_linux |
Related
openvas
openvas
Gentoo Security Advisory GLSA 200609-15 (gnutls)
2008-09-24 00:00:00
SLES9: Security update for IBM Java2 JRE and SDK
2009-10-10 00:00:00
FreeBSD Ports: gnutls, gnutls-devel
2008-09-04 00:00:00
nessus
nessus
FreeBSD : gnutls -- RSA Signature Forgery Vulnerability (64bf6234-520d-11db-8f1a-000a48049292)
2006-10-05 00:00:00
CentOS 4 : gnutls (CESA-2006:0680)
2006-09-22 00:00:00
SuSE9 Security Update : gnutls (YOU Patch Number 11228)
2009-09-24 00:00:00
gentoo
gentoo
GnuTLS: RSA Signature Forgery
2006-09-26 00:00:00
freebsd
freebsd
gnutls -- RSA Signature Forgery Vulnerability
2006-09-08 00:00:00
centos
centos
gnutls security update
2006-09-14 14:44:53
oraclelinux
oraclelinux
Important gnutls security update
2006-11-30 00:00:00
securityvulns
securityvulns
[USN-348-1] GnuTLS vulnerability
2006-09-19 00:00:00
redhat
redhat
(RHSA-2006:0680) gnutls security update
2006-09-14 00:00:00
debian
debian
ubuntu
ubuntu
GnuTLS vulnerability
2006-09-19 00:00:00
cve
cve
ubuntucve
ubuntucve
CVE-2006-4790
2006-09-14 00:00:00
CVE-2018-16152
2018-09-24 00:00:00
prion
prion
Code injection
2018-11-07 20:29:00
Design/Logic Flaw
2018-09-26 21:29:00
debiancve
debiancve
CVE-2018-16253
2018-11-07 20:29:00
CVE-2018-16152
2018-09-26 21:29:00
redhatcve
redhatcve
CVE-2018-16152
2018-10-03 20:20:39
alpinelinux
alpinelinux
CVE-2018-16152
2018-09-26 21:29:00
osv
osv
CVE-2018-16253
2018-11-07 20:29:00
CVE-2018-16152
2018-09-26 21:29:01
suse
suse
remote code execution in IBMJava2
2007-01-18 16:13:31
Related for SUSE_JAVA-1_4_2-IBM-2461.NASL