Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_JAVA-1_5_0-IBM-8362.NASL
HistoryNov 19, 2012 - 12:00 a.m.

SuSE 10 Security Update : IBM Java 1.5.0 (ZYPP Patch Number 8362) (ROBOT)

2012-11-1900:00:00
This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
15

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.042 Low

EPSS

Percentile

92.3%

JSON

IBM Java 1.5.0 has been updated to SR15 which fixes bugs and security issues.

More information can be found on :

http://www.ibm.com/developerworks/java/jdk/alerts/

CVE-2012-3216 / CVE-2012-3143 / CVE-2012-5073 / CVE-2012-5075 / CVE-2012-5083 / CVE-2012-5083 / CVE-2012-1531 / CVE-2012-5081 / CVE-2012-5069 / CVE-2012-5071 / CVE-2012-5084 / CVE-2012-5079 / CVE-2012-5089

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The text description of this plugin is (C) Novell, Inc.
#

if (NASL_LEVEL < 3000) exit(0);

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(62962);
  script_version("1.11");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");

  script_cve_id("CVE-2012-1531", "CVE-2012-3143", "CVE-2012-3216", "CVE-2012-5069", "CVE-2012-5071", "CVE-2012-5073", "CVE-2012-5075", "CVE-2012-5079", "CVE-2012-5081", "CVE-2012-5083", "CVE-2012-5084", "CVE-2012-5089");

  script_name(english:"SuSE 10 Security Update : IBM Java 1.5.0 (ZYPP Patch Number 8362) (ROBOT)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote SuSE 10 host is missing a security-related patch."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"IBM Java 1.5.0 has been updated to SR15 which fixes bugs and security
issues.

More information can be found on :

http://www.ibm.com/developerworks/java/jdk/alerts/

CVE-2012-3216 / CVE-2012-3143 / CVE-2012-5073 / CVE-2012-5075 /
CVE-2012-5083 / CVE-2012-5083 / CVE-2012-1531 / CVE-2012-5081 /
CVE-2012-5069 / CVE-2012-5071 / CVE-2012-5084 / CVE-2012-5079 /
CVE-2012-5089"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2012-1531.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2012-3143.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2012-3216.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2012-5069.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2012-5071.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2012-5073.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2012-5075.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2012-5079.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2012-5081.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2012-5083.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2012-5084.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2012-5089.html"
  );
  script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 8362.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux");

  script_set_attribute(attribute:"vuln_publication_date", value:"2012/10/16");
  script_set_attribute(attribute:"patch_publication_date", value:"2012/11/12");
  script_set_attribute(attribute:"plugin_publication_date", value:"2012/11/19");
  script_set_attribute(attribute:"in_the_news", value:"true");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled.");
if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE.");
if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages.");

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) exit(1, "Failed to determine the architecture type.");
if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented.");


flag = 0;
if (rpm_check(release:"SLED10", sp:4, reference:"java-1_5_0-ibm-1.5.0_sr15.0-0.5.1")) flag++;
if (rpm_check(release:"SLED10", sp:4, reference:"java-1_5_0-ibm-demo-1.5.0_sr15.0-0.5.1")) flag++;
if (rpm_check(release:"SLED10", sp:4, reference:"java-1_5_0-ibm-devel-1.5.0_sr15.0-0.5.1")) flag++;
if (rpm_check(release:"SLED10", sp:4, reference:"java-1_5_0-ibm-fonts-1.5.0_sr15.0-0.5.1")) flag++;
if (rpm_check(release:"SLED10", sp:4, reference:"java-1_5_0-ibm-src-1.5.0_sr15.0-0.5.1")) flag++;
if (rpm_check(release:"SLED10", sp:4, cpu:"i586", reference:"java-1_5_0-ibm-alsa-1.5.0_sr15.0-0.5.1")) flag++;
if (rpm_check(release:"SLED10", sp:4, cpu:"i586", reference:"java-1_5_0-ibm-jdbc-1.5.0_sr15.0-0.5.1")) flag++;
if (rpm_check(release:"SLED10", sp:4, cpu:"i586", reference:"java-1_5_0-ibm-plugin-1.5.0_sr15.0-0.5.1")) flag++;
if (rpm_check(release:"SLED10", sp:4, cpu:"x86_64", reference:"java-1_5_0-ibm-32bit-1.5.0_sr15.0-0.5.1")) flag++;
if (rpm_check(release:"SLED10", sp:4, cpu:"x86_64", reference:"java-1_5_0-ibm-alsa-32bit-1.5.0_sr15.0-0.5.1")) flag++;
if (rpm_check(release:"SLED10", sp:4, cpu:"x86_64", reference:"java-1_5_0-ibm-devel-32bit-1.5.0_sr15.0-0.5.1")) flag++;
if (rpm_check(release:"SLES10", sp:4, reference:"java-1_5_0-ibm-1.5.0_sr15.0-0.5.1")) flag++;
if (rpm_check(release:"SLES10", sp:4, reference:"java-1_5_0-ibm-devel-1.5.0_sr15.0-0.5.1")) flag++;
if (rpm_check(release:"SLES10", sp:4, reference:"java-1_5_0-ibm-fonts-1.5.0_sr15.0-0.5.1")) flag++;
if (rpm_check(release:"SLES10", sp:4, cpu:"i586", reference:"java-1_5_0-ibm-alsa-1.5.0_sr15.0-0.5.1")) flag++;
if (rpm_check(release:"SLES10", sp:4, cpu:"i586", reference:"java-1_5_0-ibm-jdbc-1.5.0_sr15.0-0.5.1")) flag++;
if (rpm_check(release:"SLES10", sp:4, cpu:"i586", reference:"java-1_5_0-ibm-plugin-1.5.0_sr15.0-0.5.1")) flag++;
if (rpm_check(release:"SLES10", sp:4, cpu:"x86_64", reference:"java-1_5_0-ibm-32bit-1.5.0_sr15.0-0.5.1")) flag++;
if (rpm_check(release:"SLES10", sp:4, cpu:"x86_64", reference:"java-1_5_0-ibm-alsa-32bit-1.5.0_sr15.0-0.5.1")) flag++;
if (rpm_check(release:"SLES10", sp:4, cpu:"x86_64", reference:"java-1_5_0-ibm-devel-32bit-1.5.0_sr15.0-0.5.1")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else exit(0, "The host is not affected.");
VendorProductVersionCPE
susesuse_linuxcpe:/o:suse:suse_linux

References

Related

nessus 41
suse 9
openvas 36
ibm 12
redhat 9
amazon 2
threatpost 1
centos 3
veracode 22
oraclelinux 3
ubuntu 1
cve 12
nvd 12
cvelist 12
prion 12
ubuntucve 10
securityvulns 1
f5 1
nessus
nessus
SUSE SLED10 / SLES10 Security Update : IBM Java 1.5.0 (SUSE-SU-2012:1489-1)
2015-05-20 00:00:00
SuSE 10 Security Update : IBM Java 1.4.2 (ZYPP Patch Number 8366) (ROBOT)
2012-11-19 00:00:00
RHEL 5 / 6 : java-1.5.0-ibm (RHSA-2012:1465) (ROBOT)
2012-11-16 00:00:00
suse
suse
Security update for IBM Java 1.5.0 (important)
2012-11-16 21:08:57
Security update for IBM Java 1.4.2 (important)
2012-11-16 21:09:15
Security update for IBM Java 1.6.0 (important)
2012-11-28 21:08:41
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2012:1489-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2012:1490-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2012:1588-1)
2021-06-09 00:00:00
ibm
ibm
Security Bulletin: TADDM: Vulnerabilities in embedded JRE
2022-09-25 21:06:56
Security Bulletin: IBM Tivoli Monitoring clients affected by vulnerabilities in IBM JRE excuted under a security manager.
2022-09-25 23:13:40
Security Bulletin: IBM Rational Build Forge Java (CVE-2012-3216, CVE-2012-5077, CVE-2012-5073, CVE-2012-5074, CVE-2012-5083, CVE-2012-5072, CVE-2012-1531, CVE-2012-5081, CVE-2012-5069, CVE-2012-5079, CVE-2012-5088)
2018-06-17 04:45:18
redhat
redhat
(RHSA-2012:1465) Critical: java-1.5.0-ibm security update
2012-11-15 00:00:00
(RHSA-2012:1384) Critical: java-1.6.0-openjdk security update
2012-10-17 00:00:00
(RHSA-2012:1485) Critical: java-1.4.2-ibm security update
2012-11-22 00:00:00
amazon
amazon
Important: java-1.7.0-openjdk
2012-10-23 10:38:00
Important: java-1.6.0-openjdk
2012-10-23 10:38:00
threatpost
threatpost
Apple Patches Java Flaws
2012-10-18 13:44:08
centos
centos
java security update
2012-10-17 21:15:32
java security update
2012-10-17 21:21:03
java security update
2012-10-17 21:16:08
veracode
veracode
Memory Corruption
2019-05-02 04:41:04
Privilege Escalation
2019-05-02 04:41:05
Privilege Escalation
2019-05-02 04:41:07
oraclelinux
oraclelinux
java-1.6.0-openjdk security update
2012-10-17 00:00:00
java-1.6.0-openjdk security update
2012-10-17 00:00:00
java-1.7.0-openjdk security update
2012-10-17 00:00:00
ubuntu
ubuntu
OpenJDK vulnerabilities
2012-10-26 00:00:00
cve
cve
CVE-2012-5079
2012-10-16 21:55:02
CVE-2012-5073
2012-10-16 21:55:01
CVE-2012-3143
2012-10-16 21:55:01
nvd
nvd
CVE-2012-5079
2012-10-16 21:55:02
CVE-2012-5073
2012-10-16 21:55:01
CVE-2012-3143
2012-10-16 21:55:01
cvelist
cvelist
CVE-2012-5079
2012-10-16 21:29:00
CVE-2012-5089
2012-10-16 21:29:00
CVE-2012-5073
2012-10-16 21:29:00
prion
prion
Design/Logic Flaw
2012-10-16 21:55:00
Design/Logic Flaw
2012-10-16 21:55:00
Design/Logic Flaw
2012-10-16 21:55:00
ubuntucve
ubuntucve
CVE-2012-3143
2012-10-16 00:00:00
CVE-2012-5089
2012-10-16 00:00:00
CVE-2012-5073
2012-10-16 00:00:00
securityvulns
securityvulns
Oracle Java / OpenJDK multiple security vulnerabilities
2012-10-30 00:00:00
f5
f5
K21018505 : JRE vulnerability CVE-2012-5081
2018-02-08 00:00:00

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.042 Low

EPSS

Percentile

92.3%

JSON
Related for SUSE_JAVA-1_5_0-IBM-8362.NASL
nessus41suse9openvas36ibm12redhat9amazon2threatpost1centos3veracode22oraclelinux3ubuntu1cve12nvd12cvelist12prion12ubuntucve10securityvulns1f51