Lucene search
This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_SU-2016-2348-1.NASLHistorySep 22, 2016 - 12:00 a.m.
SUSE SLES11 Security Update : java-1_6_0-ibm (SUSE-SU-2016:2348-1)
2016-09-2200:00:00
This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
15
IBM Java 6 was updated to version 6.0-16.30. Following security issue was fixed: CVE-2016-3485 Please see https://www.ibm.com/developerworks/java/jdk/alerts/ for more information.
Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SUSE update advisory SUSE-SU-2016:2348-1.
# The text itself is copyright (C) SUSE.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(93647);
script_version("2.10");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");
script_cve_id("CVE-2016-3485");
script_name(english:"SUSE SLES11 Security Update : java-1_6_0-ibm (SUSE-SU-2016:2348-1)");
script_summary(english:"Checks rpm output for the updated packages.");
script_set_attribute(
attribute:"synopsis",
value:"The remote SUSE host is missing one or more security updates."
);
script_set_attribute(
attribute:"description",
value:
"IBM Java 6 was updated to version 6.0-16.30. Following security issue
was fixed: CVE-2016-3485 Please see
https://www.ibm.com/developerworks/java/jdk/alerts/ for more
information.
Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=992537"
);
# https://www.ibm.com/developerworks/java/jdk/alerts/
script_set_attribute(
attribute:"see_also",
value:"https://developer.ibm.com/javasdk/support/security-vulnerabilities/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2016-3485/"
);
# https://www.suse.com/support/update/announcement/2016/suse-su-20162348-1/
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?a9fbfb6d"
);
script_set_attribute(
attribute:"solution",
value:
"To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :
SUSE OpenStack Cloud 5:zypper in -t patch
sleclo50sp3-java-1_6_0-ibm-12754=1
SUSE Manager Proxy 2.1:zypper in -t patch
slemap21-java-1_6_0-ibm-12754=1
SUSE Manager 2.1:zypper in -t patch sleman21-java-1_6_0-ibm-12754=1
SUSE Linux Enterprise Server 11-SP3-LTSS:zypper in -t patch
slessp3-java-1_6_0-ibm-12754=1
SUSE Linux Enterprise Server 11-SP2-LTSS:zypper in -t patch
slessp2-java-1_6_0-ibm-12754=1
SUSE Linux Enterprise Point of Sale 11-SP3:zypper in -t patch
sleposp3-java-1_6_0-ibm-12754=1
To bring your system up-to-date, use 'zypper patch'."
);
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:N");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:java-1_6_0-ibm");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:java-1_6_0-ibm-alsa");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:java-1_6_0-ibm-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:java-1_6_0-ibm-fonts");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:java-1_6_0-ibm-jdbc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:java-1_6_0-ibm-plugin");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");
script_set_attribute(attribute:"vuln_publication_date", value:"2016/07/21");
script_set_attribute(attribute:"patch_publication_date", value:"2016/09/21");
script_set_attribute(attribute:"plugin_publication_date", value:"2016/09/22");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"SuSE Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
os_ver = os_ver[1];
if (! preg(pattern:"^(SLES11)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES11", "SUSE " + os_ver);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
sp = get_kb_item("Host/SuSE/patchlevel");
if (isnull(sp)) sp = "0";
if (os_ver == "SLES11" && (! preg(pattern:"^(2|3)$", string:sp))) audit(AUDIT_OS_NOT, "SLES11 SP2/3", os_ver + " SP" + sp);
flag = 0;
if (rpm_check(release:"SLES11", sp:"3", cpu:"x86_64", reference:"java-1_6_0-ibm-plugin-1.6.0_sr16.30-75.1")) flag++;
if (rpm_check(release:"SLES11", sp:"3", cpu:"x86_64", reference:"java-1_6_0-ibm-alsa-1.6.0_sr16.30-75.1")) flag++;
if (rpm_check(release:"SLES11", sp:"3", reference:"java-1_6_0-ibm-1.6.0_sr16.30-75.1")) flag++;
if (rpm_check(release:"SLES11", sp:"3", reference:"java-1_6_0-ibm-devel-1.6.0_sr16.30-75.1")) flag++;
if (rpm_check(release:"SLES11", sp:"3", reference:"java-1_6_0-ibm-fonts-1.6.0_sr16.30-75.1")) flag++;
if (rpm_check(release:"SLES11", sp:"3", reference:"java-1_6_0-ibm-jdbc-1.6.0_sr16.30-75.1")) flag++;
if (rpm_check(release:"SLES11", sp:"3", cpu:"i586", reference:"java-1_6_0-ibm-plugin-1.6.0_sr16.30-75.1")) flag++;
if (rpm_check(release:"SLES11", sp:"3", cpu:"i586", reference:"java-1_6_0-ibm-alsa-1.6.0_sr16.30-75.1")) flag++;
if (rpm_check(release:"SLES11", sp:"2", cpu:"x86_64", reference:"java-1_6_0-ibm-plugin-1.6.0_sr16.30-75.1")) flag++;
if (rpm_check(release:"SLES11", sp:"2", cpu:"x86_64", reference:"java-1_6_0-ibm-alsa-1.6.0_sr16.30-75.1")) flag++;
if (rpm_check(release:"SLES11", sp:"2", reference:"java-1_6_0-ibm-1.6.0_sr16.30-75.1")) flag++;
if (rpm_check(release:"SLES11", sp:"2", reference:"java-1_6_0-ibm-devel-1.6.0_sr16.30-75.1")) flag++;
if (rpm_check(release:"SLES11", sp:"2", reference:"java-1_6_0-ibm-fonts-1.6.0_sr16.30-75.1")) flag++;
if (rpm_check(release:"SLES11", sp:"2", reference:"java-1_6_0-ibm-jdbc-1.6.0_sr16.30-75.1")) flag++;
if (rpm_check(release:"SLES11", sp:"2", cpu:"i586", reference:"java-1_6_0-ibm-plugin-1.6.0_sr16.30-75.1")) flag++;
if (rpm_check(release:"SLES11", sp:"2", cpu:"i586", reference:"java-1_6_0-ibm-alsa-1.6.0_sr16.30-75.1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());
else security_note(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "java-1_6_0-ibm");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| novell | suse_linux | java-1_6_0-ibm | p-cpe:/a:novell:suse_linux:java-1_6_0-ibm |
| novell | suse_linux | java-1_6_0-ibm-alsa | p-cpe:/a:novell:suse_linux:java-1_6_0-ibm-alsa |
| novell | suse_linux | java-1_6_0-ibm-devel | p-cpe:/a:novell:suse_linux:java-1_6_0-ibm-devel |
| novell | suse_linux | java-1_6_0-ibm-fonts | p-cpe:/a:novell:suse_linux:java-1_6_0-ibm-fonts |
| novell | suse_linux | java-1_6_0-ibm-jdbc | p-cpe:/a:novell:suse_linux:java-1_6_0-ibm-jdbc |
| novell | suse_linux | java-1_6_0-ibm-plugin | p-cpe:/a:novell:suse_linux:java-1_6_0-ibm-plugin |
| novell | suse_linux | 11 | cpe:/o:novell:suse_linux:11 |
Related
ibm
ibm
suse
suse
Security update for java-1_6_0-ibm (important)
2016-09-21 20:10:47
Security update for java-1_8_0-ibm (important)
2016-11-04 15:16:34
Security update for java-1_7_0-ibm (important)
2016-09-10 16:09:41
prion
prion
Buffer overflow
2016-07-21 10:12:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2016:2348-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2016:2430-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2016:2261-1)
2021-06-09 00:00:00
redhatcve
redhatcve
CVE-2016-3485
2016-07-20 08:18:31
ubuntucve
ubuntucve
CVE-2016-3485
2016-07-21 00:00:00
cve
cve
CVE-2016-3485
2016-07-21 10:12:00
nessus
nessus
SUSE SLES12 Security Update : java-1_6_0-ibm (SUSE-SU-2016:2430-1)
2019-01-02 00:00:00
AIX Java Advisory : java_july2016_advisory.asc (July 2016 CPU)
2016-11-18 00:00:00
SUSE SLES11 Security Update : java-1_7_1-ibm (SUSE-SU-2016:2261-1)
2016-09-08 00:00:00
debiancve
debiancve
CVE-2016-3485
2016-07-21 10:12:00
aix
aix
Multiple vulnerabilities in IBM Java SDK affect AIX
2016-08-18 15:35:03
kaspersky
kaspersky
KLA10849 Multiple vulnerabilities in Oracle Java SE
2016-07-19 00:00:00
gentoo
gentoo
IcedTea: Multiple vulnerabilities
2017-01-19 00:00:00
Oracle JRE/JDK: Multiple vulnerabilities
2016-10-15 00:00:00
oracle
oracle
Oracle Critical Patch Update - July 2016
2016-07-19 00:00:00
Related for SUSE_SU-2016-2348-1.NASL