Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_JAVA-1_4_2-IBM-7231.NASL
HistoryDec 17, 2010 - 12:00 a.m.

SuSE 10 Security Update : IBM Java 1.4.2 (ZYPP Patch Number 7231)

2010-12-1700:00:00
This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
22
JSON

IBM Java 1.4.2 was updated to SR13 FP6 to fix various bugs and security issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The text description of this plugin is (C) Novell, Inc.
#

if (NASL_LEVEL < 3000) exit(0);

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(51339);
  script_version("1.9");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2009-3555", "CVE-2010-3541", "CVE-2010-3548", "CVE-2010-3549", "CVE-2010-3551", "CVE-2010-3553", "CVE-2010-3556", "CVE-2010-3557", "CVE-2010-3562", "CVE-2010-3565", "CVE-2010-3568", "CVE-2010-3569", "CVE-2010-3571", "CVE-2010-3572");

  script_name(english:"SuSE 10 Security Update : IBM Java 1.4.2 (ZYPP Patch Number 7231)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote SuSE 10 host is missing a security-related patch."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"IBM Java 1.4.2 was updated to SR13 FP6 to fix various bugs and
security issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2009-3555.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2010-3541.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2010-3548.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2010-3549.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2010-3551.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2010-3553.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2010-3556.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2010-3557.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2010-3562.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2010-3565.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2010-3568.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2010-3569.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2010-3571.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2010-3572.html"
  );
  script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 7231.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_cwe_id(310);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux");

  script_set_attribute(attribute:"vuln_publication_date", value:"2009/11/09");
  script_set_attribute(attribute:"patch_publication_date", value:"2010/11/12");
  script_set_attribute(attribute:"plugin_publication_date", value:"2010/12/17");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled.");
if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE.");
if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages.");

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) exit(1, "Failed to determine the architecture type.");
if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented.");


flag = 0;
if (rpm_check(release:"SLES10", sp:3, reference:"java-1_4_2-ibm-1.4.2_sr13.6-1.6.1")) flag++;
if (rpm_check(release:"SLES10", sp:3, reference:"java-1_4_2-ibm-devel-1.4.2_sr13.6-1.6.1")) flag++;
if (rpm_check(release:"SLES10", sp:3, cpu:"i586", reference:"java-1_4_2-ibm-jdbc-1.4.2_sr13.6-1.6.1")) flag++;
if (rpm_check(release:"SLES10", sp:3, cpu:"i586", reference:"java-1_4_2-ibm-plugin-1.4.2_sr13.6-1.6.1")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else exit(0, "The host is not affected.");
VendorProductVersionCPE
susesuse_linuxcpe:/o:suse:suse_linux

References

Related

redhat 12
nessus 55
suse 3
fedora 8
oraclelinux 2
openvas 43
centos 3
ubuntu 3
cisco 2
prion 13
ubuntucve 13
cve 14
veracode 13
zdi 2
debian 3
altlinux 2
hackerone 2
seebug 3
securityvulns 1
mozilla 1
slackware 1
redhat
redhat
(RHSA-2010:0986) Moderate: java-1.4.2-ibm-sap security update
2010-12-15 00:00:00
(RHSA-2010:0786) Critical: java-1.4.2-ibm security update
2010-10-20 00:00:00
(RHSA-2010:0865) Important: java-1.6.0-openjdk security and bug fix update
2010-11-10 00:00:00
nessus
nessus
RHEL 3 / 4 / 5 : java-1.4.2-ibm (RHSA-2010:0786)
2010-10-21 00:00:00
SuSE 11.1 Security Update : IBM Java 1.4.2 (SAT Patch Number 3528)
2011-01-21 00:00:00
SuSE9 Security Update : IBM Java2 JRE and SDK (YOU Patch Number 12658)
2010-12-17 00:00:00
suse
suse
remote code execution in java-1_4_2-ibm,IBMJava2-JRE
2010-12-17 11:21:31
remote code execution in java-1_6_0-ibm
2011-01-25 17:16:52
man-in-the-middle attack in openssl
2009-11-18 09:50:39
fedora
fedora
[SECURITY] Fedora 12 Update: java-1.6.0-openjdk-1.6.0.0-41.1.8.2.fc12
2010-10-21 06:04:44
[SECURITY] Fedora 13 Update: java-1.6.0-openjdk-1.6.0.0-43.1.8.2.fc13
2010-10-19 07:04:11
[SECURITY] Fedora 14 Update: java-1.6.0-openjdk-1.6.0.0-44.1.9.1.fc14
2010-10-18 05:38:07
oraclelinux
oraclelinux
java-1.6.0-openjdk security and bug fix update
2010-10-13 00:00:00
openssl097a security update
2010-03-25 00:00:00
openvas
openvas
Fedora Update for java-1.6.0-openjdk FEDORA-2010-16294
2010-10-22 00:00:00
Oracle: Security Advisory (ELSA-2010-0768)
2015-10-06 00:00:00
Fedora Update for java-1.6.0-openjdk FEDORA-2010-16294
2010-10-22 00:00:00
centos
centos
java security update
2010-10-14 10:59:21
openssl097a security update
2010-03-27 17:44:36
nspr, nss security update
2010-03-28 15:36:50
ubuntu
ubuntu
OpenJDK vulnerabilities
2010-10-28 00:00:00
Apache vulnerability
2010-09-21 00:00:00
NSS vulnerability
2010-04-09 00:00:00
cisco
cisco
MIT Kerberos GSS-API Library Remote Denial of Service Vulnerability
2010-05-19 15:40:37
Transport Layer Security Renegotiation Vulnerability
2009-11-09 13:00:00
prion
prion
Double free
2010-10-19 22:00:00
Design/Logic Flaw
2010-10-19 22:00:00
Design/Logic Flaw
2010-10-19 22:00:00
ubuntucve
ubuntucve
CVE-2010-3562
2010-10-19 00:00:00
CVE-2010-3549
2010-10-19 00:00:00
CVE-2010-3548
2010-10-19 00:00:00
cve
cve
CVE-2010-3562
2010-10-19 22:00:00
CVE-2010-3549
2010-10-19 22:00:00
CVE-2010-3569
2010-10-19 22:00:00
veracode
veracode
Privilege Escalation
2020-04-10 00:52:16
Privilege Escalation
2020-04-10 00:52:14
Privilege Escalation
2020-04-10 00:52:14
zdi
zdi
Oracle Sun Java ICC Profile Unicode Description Remote Code Execution Vulnerability
2010-10-12 00:00:00
Oracle Sun JRE JPEGImageWriter.writeImage Remote Code Execution Vulnerability
2010-10-12 00:00:00
debian
debian
[SECURITY] [DSA-2141-2] New nss packages fix protocol design flaw
2011-01-05 23:20:31
[SECURITY] [DSA-2141-4] New lighttpd packages fix regression
2011-01-12 18:51:18
[SECURITY] [DSA-2141-2] New nss packages fix protocol design flaw
2011-01-05 23:20:42
altlinux
altlinux
Security fix for the ALT Linux 8 package openssl10 version 0.9.8l-alt1
2009-11-07 00:00:00
Security fix for the ALT Linux 9 package openssl1.1 version 0.9.8l-alt1
2009-11-07 00:00:00
hackerone
hackerone
LocalTapiola: Secure Client-Initiated Renegotiation
2017-12-27 15:57:52
Slack: TLS1/SSLv3 Renegotiation Vulnerability
2014-04-02 13:01:00
seebug
seebug
ProFTPD TLS会话重协商明文数据注入漏洞
2009-12-15 00:00:00
Cisco Security Advisory: Transport Layer Security Renegotiation Vulnerability
2009-11-10 00:00:00
TLS Renegotiation Vulnerability PoC Exploit
2009-12-21 00:00:00
securityvulns
securityvulns
Cisco Security Advisory: Transport Layer Security Renegotiation Vulnerability
2009-11-11 00:00:00
mozilla
mozilla
Update NSS to support TLS renegotiation indication — Mozilla
2010-03-30 00:00:00
slackware
slackware
openssl
2009-11-16 13:42:36
JSON
Related for SUSE_JAVA-1_4_2-IBM-7231.NASL
redhat12nessus55suse3fedora8oraclelinux2openvas43centos3ubuntu3cisco2prion13ubuntucve13cve14veracode13zdi2debian3altlinux2hackerone2seebug3securityvulns1mozilla1slackware1