Fedora Update for java-1.6.0-openjdk FEDORA-2011-0521
2011-01-21T00:00:00
ID OPENVAS:1361412562310862798 Type openvas Reporter Copyright (c) 2011 Greenbone Networks GmbH Modified 2019-03-15T00:00:00
Description
The remote host is missing an update for the 'java-1.6.0-openjdk' package(s) announced via the referenced advisory.
###############################################################################
# OpenVAS Vulnerability Test
#
# Fedora Update for java-1.6.0-openjdk FEDORA-2011-0521
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
# Metadata section. This branch is taken when `description` is set; it only
# registers the fields below and leaves through exit(0), so none of the
# package checks further down run in this mode.
if(description)
{
# Fedora package-announce posting for the update this check refers to.
script_xref(name:"URL", value:"http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053276.html");
# Object identifier of this check.
script_oid("1.3.6.1.4.1.25623.1.0.862798");
script_version("$Revision: 14223 $");
script_tag(name:"last_modification", value:"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $");
script_tag(name:"creation_date", value:"2011-01-21 14:59:01 +0100 (Fri, 21 Jan 2011)");
# Fedora advisory identifier (FEDORA-2011-0521).
script_xref(name:"FEDORA", value:"2011-0521");
# Base score and vector in CVSS v2 notation: network access, medium access
# complexity, no authentication, partial impact on C/I/A.
script_tag(name:"cvss_base", value:"6.8");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:P/I:P/A:P");
# The one CVE this check is mapped to.
script_cve_id("CVE-2010-4351");
script_name("Fedora Update for java-1.6.0-openjdk FEDORA-2011-0521");
# The summary value spans two source lines; the line break is part of the string.
script_tag(name:"summary", value:"The remote host is missing an update for the 'java-1.6.0-openjdk'
package(s) announced via the referenced advisory.");
# NOTE(review): the code after this section only calls library helpers and
# reports their result; nothing visible here interacts with the Java runtime.
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
script_family("Fedora Local Security Checks");
# Declares gather-package-list.nasl as a prerequisite; presumably it fills the
# ssh/login/* knowledge-base entries required below - confirm in that script.
script_dependencies("gather-package-list.nasl");
# The check is only scheduled when these knowledge-base entries exist and the
# release entry matches FC14. The key names point to data collected through an
# SSH login, so on a scan without working credentials this check does not run:
# a missing finding is then not evidence that the host is patched.
script_mandatory_keys("ssh/login/fedora", "ssh/login/rpms", re:"ssh/login/release=FC14");
script_tag(name:"affected", value:"java-1.6.0-openjdk on Fedora 14");
script_tag(name:"solution", value:"Please install the updated package(s).");
# "package": the result rests on the installed package version, not on
# exercising the flaw. "VendorFix": remediation is the vendor's package update.
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
# End of metadata mode.
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
# Detection part: decide from the target's release string and its RPM data
# whether the java-1.6.0-openjdk update from FEDORA-2011-0521 is installed.

# rpm_get_ssh_release() is not defined in this file (presumably it comes from
# pkg-lib-rpm.inc). An empty result ends the check without any finding.
release = rpm_get_ssh_release();
if(!release)
  exit(0);

res = "";

# This check covers Fedora 14 only; any other release falls through to the
# end of the script without a report.
if(release == "FC14")
{
  # isrpmvuln() is a library helper; its internals are not visible here.
  # A non-NULL return value is forwarded as the report text. The rpm argument
  # names the package build this check compares against (assumed to be the
  # fixed build from the advisory - confirm against pkg-lib-rpm.inc).
  res = isrpmvuln(pkg:"java-1.6.0-openjdk", rpm:"java-1.6.0-openjdk~1.6.0.0~50.1.9.4.fc14", rls:"FC14");
  if(res != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  # __pkg_match is not assigned in this script, so it has to be set by the
  # included library. When it is true the script ends with code 99, which
  # marks the host as not vulnerable; otherwise it ends with 0 and no verdict.
  if(__pkg_match)
    exit(99);

  exit(0);
}
{"id": "OPENVAS:1361412562310862798", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for java-1.6.0-openjdk FEDORA-2011-0521", "description": "The remote host is missing an update for the ", "published": "2011-01-21T00:00:00", "modified": "2019-03-15T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862798", "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "references": ["http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053276.html", "2011-0521"], "cvelist": ["CVE-2010-4351"], "lastseen": "2019-05-29T18:40:04", "viewCount": 1, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2010-4351", "CVE-2011-0521"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310862800", "OPENVAS:870384", "OPENVAS:862798", "OPENVAS:862800", "OPENVAS:1361412562310840575", "OPENVAS:1361412562310880546", "OPENVAS:1361412562310870384", "OPENVAS:1361412562310840578", "OPENVAS:881430", "OPENVAS:840575"]}, {"type": "ubuntu", "idList": ["USN-1052-1", "USN-1055-1"]}, {"type": "nessus", "idList": ["REDHAT-RHSA-2011-0176.NASL", "ORACLELINUX_ELSA-2011-0176.NASL", "UBUNTU_USN-1052-1.NASL", "SUSE_11_2_JAVA-1_6_0-OPENJDK-110118.NASL", "CENTOS_RHSA-2011-0176.NASL", "UBUNTU_USN-1055-1.NASL", "SL_20110125_JAVA_1_6_0_OPENJDK_ON_SL5_X.NASL", "FEDORA_2011-0521.NASL", "SUSE_11_3_JAVA-1_6_0-OPENJDK-110118.NASL", "FEDORA_2011-0500.NASL"]}, {"type": "zdi", "idList": ["ZDI-11-014"]}, {"type": "redhat", "idList": ["RHSA-2011:0176"]}, {"type": "oraclelinux", "idList": ["ELSA-2011-0176"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:11393", "SECURITYVULNS:DOC:25592"]}, {"type": "centos", "idList": ["CESA-2011:0176"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2224-1:ECD2A"]}, {"type": "gentoo", "idList": ["GLSA-201406-32"]}], "modified": "2019-05-29T18:40:04", "rev": 2}, "score": {"value": 7.5, "vector": "NONE", "modified": 
"2019-05-29T18:40:04", "rev": 2}, "vulnersScore": 7.5}, "pluginID": "1361412562310862798", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for java-1.6.0-openjdk FEDORA-2011-0521\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053276.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862798\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-21 14:59:01 +0100 (Fri, 21 Jan 2011)\");\n script_xref(name:\"FEDORA\", value:\"2011-0521\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2010-4351\");\n script_name(\"Fedora Update for java-1.6.0-openjdk FEDORA-2011-0521\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'java-1.6.0-openjdk'\n 
package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC14\");\n script_tag(name:\"affected\", value:\"java-1.6.0-openjdk on Fedora 14\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk\", rpm:\"java-1.6.0-openjdk~1.6.0.0~50.1.9.4.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "naslFamily": "Fedora Local Security Checks"}
{"cve": [{"lastseen": "2021-02-02T05:45:04", "description": "The JNLP SecurityManager in IcedTea (IcedTea.so) 1.7 before 1.7.7, 1.8 before 1.8.4, and 1.9 before 1.9.4 for Java OpenJDK returns from the checkPermission method instead of throwing an exception in certain circumstances, which might allow context-dependent attackers to bypass the intended security policy by creating instances of ClassLoader.", "edition": 4, "cvss3": {}, "published": "2011-01-20T19:00:00", "title": "CVE-2010-4351", "type": "cve", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-4351"], "modified": "2017-08-17T01:33:00", "cpe": ["cpe:/a:redhat:icedtea:1.7.1", "cpe:/a:redhat:icedtea:1.9.3", "cpe:/a:redhat:icedtea:1.7.4", "cpe:/a:redhat:icedtea:1.7.3", "cpe:/a:redhat:icedtea:1.9.1", "cpe:/a:redhat:icedtea:1.8.2", "cpe:/a:redhat:icedtea:1.8", "cpe:/a:redhat:icedtea:1.7.5", "cpe:/a:redhat:icedtea:1.8.3", "cpe:/a:redhat:icedtea:1.7.2", "cpe:/a:redhat:icedtea:1.9", "cpe:/a:redhat:icedtea:1.8.1", "cpe:/a:redhat:icedtea:1.7", "cpe:/a:redhat:icedtea:1.7.6", "cpe:/a:redhat:icedtea:1.9.2"], "id": "CVE-2010-4351", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4351", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:redhat:icedtea:1.7.3:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:icedtea:1.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:icedtea:1.8.2:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:icedtea:1.9.2:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:icedtea:1.8:*:*:*:*:*:*:*", 
"cpe:2.3:a:redhat:icedtea:1.7.6:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:icedtea:1.8.3:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:icedtea:1.9:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:icedtea:1.7.4:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:icedtea:1.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:icedtea:1.7.5:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:icedtea:1.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:icedtea:1.7:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:icedtea:1.9.3:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:icedtea:1.9.1:*:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2017-07-25T10:55:33", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4351"], "description": "Check for the Version of java-1.6.0-openjdk", "modified": "2017-07-10T00:00:00", "published": "2011-01-21T00:00:00", "id": "OPENVAS:862798", "href": "http://plugins.openvas.org/nasl.php?oid=862798", "type": "openvas", "title": "Fedora Update for java-1.6.0-openjdk FEDORA-2011-0521", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for java-1.6.0-openjdk FEDORA-2011-0521\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"java-1.6.0-openjdk on Fedora 14\";\ntag_insight = \"The OpenJDK runtime environment.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053276.html\");\n script_id(862798);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-21 14:59:01 +0100 (Fri, 21 Jan 2011)\");\n script_xref(name: \"FEDORA\", value: \"2011-0521\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2010-4351\");\n script_name(\"Fedora Update for java-1.6.0-openjdk FEDORA-2011-0521\");\n\n script_summary(\"Check for the Version of java-1.6.0-openjdk\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = 
\"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk\", rpm:\"java-1.6.0-openjdk~1.6.0.0~50.1.9.4.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:55:50", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4351"], "description": "Check for the Version of java-1.6.0-openjdk", "modified": "2017-07-10T00:00:00", "published": "2011-01-21T00:00:00", "id": "OPENVAS:862800", "href": "http://plugins.openvas.org/nasl.php?oid=862800", "type": "openvas", "title": "Fedora Update for java-1.6.0-openjdk FEDORA-2011-0500", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for java-1.6.0-openjdk FEDORA-2011-0500\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"java-1.6.0-openjdk on Fedora 13\";\ntag_insight = \"The OpenJDK runtime environment.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053288.html\");\n script_id(862800);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-21 14:59:01 +0100 (Fri, 21 Jan 2011)\");\n script_xref(name: \"FEDORA\", value: \"2011-0500\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2010-4351\");\n script_name(\"Fedora Update for java-1.6.0-openjdk FEDORA-2011-0500\");\n\n script_summary(\"Check for the Version of java-1.6.0-openjdk\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = 
\"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk\", rpm:\"java-1.6.0-openjdk~1.6.0.0~48.1.8.4.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:31", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4351"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2011-01-21T00:00:00", "id": "OPENVAS:1361412562310862800", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862800", "type": "openvas", "title": "Fedora Update for java-1.6.0-openjdk FEDORA-2011-0500", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for java-1.6.0-openjdk FEDORA-2011-0500\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053288.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862800\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-21 14:59:01 +0100 (Fri, 21 Jan 2011)\");\n script_xref(name:\"FEDORA\", value:\"2011-0500\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2010-4351\");\n script_name(\"Fedora Update for java-1.6.0-openjdk FEDORA-2011-0500\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'java-1.6.0-openjdk'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC13\");\n script_tag(name:\"affected\", value:\"java-1.6.0-openjdk on Fedora 13\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == 
\"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk\", rpm:\"java-1.6.0-openjdk~1.6.0.0~48.1.8.4.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:39:31", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4351"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1052-1", "modified": "2019-03-13T00:00:00", "published": "2011-01-31T00:00:00", "id": "OPENVAS:1361412562310840575", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840575", "type": "openvas", "title": "Ubuntu Update for openjdk-6, openjdk-6b18 vulnerability USN-1052-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1052_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for openjdk-6, openjdk-6b18 vulnerability USN-1052-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1052-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840575\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-31 15:15:14 +0100 (Mon, 31 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"USN\", value:\"1052-1\");\n script_cve_id(\"CVE-2010-4351\");\n script_name(\"Ubuntu Update for openjdk-6, openjdk-6b18 vulnerability USN-1052-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(9\\.10|10\\.10|10\\.04 LTS)\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1052-1\");\n script_tag(name:\"affected\", value:\"openjdk-6, openjdk-6b18 vulnerability on Ubuntu 9.10,\n Ubuntu 10.04 LTS,\n Ubuntu 10.10\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"It was discovered that the JNLP SecurityManager in IcedTea for Java\n OpenJDK in some instances failed to properly apply the intended\n scurity policy in its checkPermission method. 
This could allow an\n attacker execute code with privileges that should have been prevented.\n (CVE-2010-4351)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU9.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"icedtea-6-jre-cacao\", ver:\"6b20-1.9.4-0ubuntu1~9.10.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"icedtea6-plugin\", ver:\"6b20-1.9.4-0ubuntu1~9.10.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-dbg\", ver:\"6b20-1.9.4-0ubuntu1~9.10.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-demo\", ver:\"6b20-1.9.4-0ubuntu1~9.10.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-jdk\", ver:\"6b20-1.9.4-0ubuntu1~9.10.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-jre-headless\", ver:\"6b20-1.9.4-0ubuntu1~9.10.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-jre\", ver:\"6b20-1.9.4-0ubuntu1~9.10.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-jre-zero\", ver:\"6b20-1.9.4-0ubuntu1~9.10.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-doc\", ver:\"6b20-1.9.4-0ubuntu1~9.10.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-jre-lib\", 
ver:\"6b20-1.9.4-0ubuntu1~9.10.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-source\", ver:\"6b20-1.9.4-0ubuntu1~9.10.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"icedtea-6-jre-cacao\", ver:\"6b20-1.9.4-0ubuntu1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"icedtea6-plugin\", ver:\"6b20-1.9.4-0ubuntu1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-dbg\", ver:\"6b20-1.9.4-0ubuntu1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-demo\", ver:\"6b20-1.9.4-0ubuntu1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-jdk\", ver:\"6b20-1.9.4-0ubuntu1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-jre-headless\", ver:\"6b20-1.9.4-0ubuntu1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-jre\", ver:\"6b20-1.9.4-0ubuntu1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-jre-zero\", ver:\"6b20-1.9.4-0ubuntu1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-doc\", ver:\"6b20-1.9.4-0ubuntu1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-jre-lib\", ver:\"6b20-1.9.4-0ubuntu1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = 
isdpkgvuln(pkg:\"openjdk-6-source\", ver:\"6b20-1.9.4-0ubuntu1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"icedtea-6-jre-cacao\", ver:\"6b20-1.9.4-0ubuntu1~10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"icedtea6-plugin\", ver:\"6b20-1.9.4-0ubuntu1~10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-dbg\", ver:\"6b20-1.9.4-0ubuntu1~10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-demo\", ver:\"6b20-1.9.4-0ubuntu1~10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-jdk\", ver:\"6b20-1.9.4-0ubuntu1~10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-jre-headless\", ver:\"6b20-1.9.4-0ubuntu1~10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-jre\", ver:\"6b20-1.9.4-0ubuntu1~10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-jre-zero\", ver:\"6b20-1.9.4-0ubuntu1~10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-doc\", ver:\"6b20-1.9.4-0ubuntu1~10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-jre-lib\", ver:\"6b20-1.9.4-0ubuntu1~10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = 
isdpkgvuln(pkg:\"openjdk-6-source\", ver:\"6b20-1.9.4-0ubuntu1~10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-12-04T11:26:35", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4351"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1052-1", "modified": "2017-12-01T00:00:00", "published": "2011-01-31T00:00:00", "id": "OPENVAS:840575", "href": "http://plugins.openvas.org/nasl.php?oid=840575", "type": "openvas", "title": "Ubuntu Update for openjdk-6, openjdk-6b18 vulnerability USN-1052-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1052_1.nasl 7964 2017-12-01 07:32:11Z santu $\n#\n# Ubuntu Update for openjdk-6, openjdk-6b18 vulnerability USN-1052-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that the JNLP SecurityManager in IcedTea for Java\n OpenJDK in some instances failed to properly apply the intended\n scurity policy in its checkPermission method. This could allow an\n attacker execute code with privileges that should have been prevented.\n (CVE-2010-4351)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1052-1\";\ntag_affected = \"openjdk-6, openjdk-6b18 vulnerability on Ubuntu 9.10 ,\n Ubuntu 10.04 LTS ,\n Ubuntu 10.10\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1052-1/\");\n script_id(840575);\n script_version(\"$Revision: 7964 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:32:11 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-31 15:15:14 +0100 (Mon, 31 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"USN\", value: \"1052-1\");\n script_cve_id(\"CVE-2010-4351\");\n script_name(\"Ubuntu Update for openjdk-6, openjdk-6b18 vulnerability USN-1052-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value 
: tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU9.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"icedtea-6-jre-cacao\", ver:\"6b20-1.9.4-0ubuntu1~9.10.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"icedtea6-plugin\", ver:\"6b20-1.9.4-0ubuntu1~9.10.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-dbg\", ver:\"6b20-1.9.4-0ubuntu1~9.10.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-demo\", ver:\"6b20-1.9.4-0ubuntu1~9.10.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-jdk\", ver:\"6b20-1.9.4-0ubuntu1~9.10.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-jre-headless\", ver:\"6b20-1.9.4-0ubuntu1~9.10.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-jre\", ver:\"6b20-1.9.4-0ubuntu1~9.10.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-jre-zero\", ver:\"6b20-1.9.4-0ubuntu1~9.10.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-doc\", ver:\"6b20-1.9.4-0ubuntu1~9.10.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-jre-lib\", 
ver:\"6b20-1.9.4-0ubuntu1~9.10.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-source\", ver:\"6b20-1.9.4-0ubuntu1~9.10.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"icedtea-6-jre-cacao\", ver:\"6b20-1.9.4-0ubuntu1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"icedtea6-plugin\", ver:\"6b20-1.9.4-0ubuntu1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-dbg\", ver:\"6b20-1.9.4-0ubuntu1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-demo\", ver:\"6b20-1.9.4-0ubuntu1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-jdk\", ver:\"6b20-1.9.4-0ubuntu1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-jre-headless\", ver:\"6b20-1.9.4-0ubuntu1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-jre\", ver:\"6b20-1.9.4-0ubuntu1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-jre-zero\", ver:\"6b20-1.9.4-0ubuntu1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-doc\", ver:\"6b20-1.9.4-0ubuntu1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-jre-lib\", ver:\"6b20-1.9.4-0ubuntu1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if 
((res = isdpkgvuln(pkg:\"openjdk-6-source\", ver:\"6b20-1.9.4-0ubuntu1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"icedtea-6-jre-cacao\", ver:\"6b20-1.9.4-0ubuntu1~10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"icedtea6-plugin\", ver:\"6b20-1.9.4-0ubuntu1~10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-dbg\", ver:\"6b20-1.9.4-0ubuntu1~10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-demo\", ver:\"6b20-1.9.4-0ubuntu1~10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-jdk\", ver:\"6b20-1.9.4-0ubuntu1~10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-jre-headless\", ver:\"6b20-1.9.4-0ubuntu1~10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-jre\", ver:\"6b20-1.9.4-0ubuntu1~10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-jre-zero\", ver:\"6b20-1.9.4-0ubuntu1~10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-doc\", ver:\"6b20-1.9.4-0ubuntu1~10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-jre-lib\", ver:\"6b20-1.9.4-0ubuntu1~10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res 
= isdpkgvuln(pkg:\"openjdk-6-source\", ver:\"6b20-1.9.4-0ubuntu1~10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:12", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3860", "CVE-2010-4351"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2012-07-30T00:00:00", "id": "OPENVAS:1361412562310881430", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881430", "type": "openvas", "title": "CentOS Update for java CESA-2011:0176 centos5 x86_64", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for java CESA-2011:0176 centos5 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2011-April/017310.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881430\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 17:51:33 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2010-3860\", \"CVE-2010-4351\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"CESA\", value:\"2011:0176\");\n script_name(\"CentOS Update for java CESA-2011:0176 centos5 x86_64\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'java'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"java on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"These packages provide the OpenJDK 6 Java Runtime Environment and the\n OpenJDK 6 Software Development Kit. 
The javaws command can be used to\n launch Java Web Start applications.\n\n A public static field declaration allowed untrusted JNLP (Java Network\n Launching Protocol) applications to read privileged data. A remote attacker\n could directly or indirectly read the values of restricted system\n properties, such as 'user.name', 'user.home', and 'java.home', which\n untrusted applications should not be allowed to read. (CVE-2010-3860)\n\n It was found that JNLPSecurityManager could silently return without\n throwing an exception when permission was denied. If the javaws command was\n used to launch a Java Web Start application that relies on this exception\n being thrown, it could result in that application being run with elevated\n privileges, allowing it to bypass security manager restrictions and gain\n access to privileged functionality. (CVE-2010-4351)\n\n Note: The RHSA-2010:0339 java-1.6.0-openjdk update installed javaws by\n mistake. As part of the fixes for CVE-2010-3860 and CVE-2010-4351, this\n update removes javaws.\n\n Red Hat would like to thank the TippingPoint Zero Day Initiative project\n for reporting CVE-2010-4351. The original issue reporter wishes to stay\n anonymous.\n\n This erratum also upgrades the OpenJDK package to IcedTea6 1.7.7. Refer to\n the NEWS file, linked to in the References, for further information.\n\n All users of java-1.6.0-openjdk are advised to upgrade to these updated\n packages, which resolve these issues. 
All running instances of OpenJDK Java\n must be restarted for the update to take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk\", rpm:\"java-1.6.0-openjdk~1.6.0.0~1.17.b17.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-demo\", rpm:\"java-1.6.0-openjdk-demo~1.6.0.0~1.17.b17.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-devel\", rpm:\"java-1.6.0-openjdk-devel~1.6.0.0~1.17.b17.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-javadoc\", rpm:\"java-1.6.0-openjdk-javadoc~1.6.0.0~1.17.b17.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-src\", rpm:\"java-1.6.0-openjdk-src~1.6.0.0~1.17.b17.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-02T10:57:22", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3860", "CVE-2010-4351"], "description": "Check for the Version of java", "modified": "2017-12-29T00:00:00", "published": "2012-07-30T00:00:00", "id": "OPENVAS:881430", "href": "http://plugins.openvas.org/nasl.php?oid=881430", "type": "openvas", "title": "CentOS Update for java CESA-2011:0176 centos5 x86_64", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for java 
CESA-2011:0176 centos5 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"These packages provide the OpenJDK 6 Java Runtime Environment and the\n OpenJDK 6 Software Development Kit. The javaws command can be used to\n launch Java Web Start applications.\n\n A public static field declaration allowed untrusted JNLP (Java Network\n Launching Protocol) applications to read privileged data. A remote attacker\n could directly or indirectly read the values of restricted system\n properties, such as "user.name", "user.home", and "java.home", which\n untrusted applications should not be allowed to read. (CVE-2010-3860)\n \n It was found that JNLPSecurityManager could silently return without\n throwing an exception when permission was denied. If the javaws command was\n used to launch a Java Web Start application that relies on this exception\n being thrown, it could result in that application being run with elevated\n privileges, allowing it to bypass security manager restrictions and gain\n access to privileged functionality. 
(CVE-2010-4351)\n \n Note: The RHSA-2010:0339 java-1.6.0-openjdk update installed javaws by\n mistake. As part of the fixes for CVE-2010-3860 and CVE-2010-4351, this\n update removes javaws.\n \n Red Hat would like to thank the TippingPoint Zero Day Initiative project\n for reporting CVE-2010-4351. The original issue reporter wishes to stay\n anonymous.\n \n This erratum also upgrades the OpenJDK package to IcedTea6 1.7.7. Refer to\n the NEWS file, linked to in the References, for further information.\n \n All users of java-1.6.0-openjdk are advised to upgrade to these updated\n packages, which resolve these issues. All running instances of OpenJDK Java\n must be restarted for the update to take effect.\";\n\ntag_affected = \"java on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2011-April/017310.html\");\n script_id(881430);\n script_version(\"$Revision: 8257 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-29 07:29:46 +0100 (Fri, 29 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 17:51:33 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2010-3860\", \"CVE-2010-4351\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2011:0176\");\n script_name(\"CentOS Update for java CESA-2011:0176 centos5 x86_64\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of java\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : 
tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk\", rpm:\"java-1.6.0-openjdk~1.6.0.0~1.17.b17.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-demo\", rpm:\"java-1.6.0-openjdk-demo~1.6.0.0~1.17.b17.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-devel\", rpm:\"java-1.6.0-openjdk-devel~1.6.0.0~1.17.b17.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-javadoc\", rpm:\"java-1.6.0-openjdk-javadoc~1.6.0.0~1.17.b17.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-src\", rpm:\"java-1.6.0-openjdk-src~1.6.0.0~1.17.b17.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2020-03-14T19:04:55", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3860", "CVE-2010-4351"], "description": "The remote host is missing an update for the ", "modified": "2020-03-13T00:00:00", "published": "2011-08-09T00:00:00", "id": "OPENVAS:1361412562310880546", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880546", "type": "openvas", "title": "CentOS Update for java CESA-2011:0176 centos5 i386", "sourceData": "# Copyright (C) 2011 Greenbone Networks GmbH\n# Text descriptions are largely 
excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2011-April/017309.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880546\");\n script_version(\"2020-03-13T10:06:41+0000\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 10:06:41 +0000 (Fri, 13 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"CESA\", value:\"2011:0176\");\n script_cve_id(\"CVE-2010-3860\", \"CVE-2010-4351\");\n script_name(\"CentOS Update for java CESA-2011:0176 centos5 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'java'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", 
\"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"java on CentOS 5\");\n script_tag(name:\"insight\", value:\"These packages provide the OpenJDK 6 Java Runtime Environment and the\n OpenJDK 6 Software Development Kit. The javaws command can be used to\n launch Java Web Start applications.\n\n A public static field declaration allowed untrusted JNLP (Java Network\n Launching Protocol) applications to read privileged data. A remote attacker\n could directly or indirectly read the values of restricted system\n properties, such as 'user.name', 'user.home', and 'java.home', which\n untrusted applications should not be allowed to read. (CVE-2010-3860)\n\n It was found that JNLPSecurityManager could silently return without\n throwing an exception when permission was denied. If the javaws command was\n used to launch a Java Web Start application that relies on this exception\n being thrown, it could result in that application being run with elevated\n privileges, allowing it to bypass security manager restrictions and gain\n access to privileged functionality. (CVE-2010-4351)\n\n Note: The RHSA-2010:0339 java-1.6.0-openjdk update installed javaws by\n mistake. As part of the fixes for CVE-2010-3860 and CVE-2010-4351, this\n update removes javaws.\n\n Red Hat would like to thank the TippingPoint Zero Day Initiative project\n for reporting CVE-2010-4351. The original issue reporter wishes to stay\n anonymous.\n\n This erratum also upgrades the OpenJDK package to IcedTea6 1.7.7. Refer to\n the NEWS file, linked to in the References, for further information.\n\n All users of java-1.6.0-openjdk are advised to upgrade to these updated\n packages, which resolve these issues. 
All running instances of OpenJDK Java\n must be restarted for the update to take effect.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"CentOS5\") {\n if(!isnull(res = isrpmvuln(pkg:\"java-1.6.0-openjdk\", rpm:\"java-1.6.0-openjdk~1.6.0.0~1.17.b17.el5\", rls:\"CentOS5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1.6.0-openjdk-demo\", rpm:\"java-1.6.0-openjdk-demo~1.6.0.0~1.17.b17.el5\", rls:\"CentOS5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1.6.0-openjdk-devel\", rpm:\"java-1.6.0-openjdk-devel~1.6.0.0~1.17.b17.el5\", rls:\"CentOS5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1.6.0-openjdk-javadoc\", rpm:\"java-1.6.0-openjdk-javadoc~1.6.0.0~1.17.b17.el5\", rls:\"CentOS5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1.6.0-openjdk-src\", rpm:\"java-1.6.0-openjdk-src~1.6.0.0~1.17.b17.el5\", rls:\"CentOS5\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:40:03", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-0025", "CVE-2010-4351"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1055-1", "modified": "2019-03-13T00:00:00", "published": "2011-02-04T00:00:00", "id": "OPENVAS:1361412562310840578", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840578", "type": "openvas", "title": "Ubuntu Update for openjdk-6, openjdk-6b18 vulnerabilities USN-1055-1", "sourceData": 
"###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1055_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for openjdk-6, openjdk-6b18 vulnerabilities USN-1055-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1055-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840578\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-02-04 14:19:53 +0100 (Fri, 04 Feb 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"USN\", value:\"1055-1\");\n script_cve_id(\"CVE-2010-4351\", \"CVE-2011-0025\");\n script_name(\"Ubuntu Update for openjdk-6, openjdk-6b18 vulnerabilities USN-1055-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security 
Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(9\\.10|10\\.10|10\\.04 LTS)\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1055-1\");\n script_tag(name:\"affected\", value:\"openjdk-6, openjdk-6b18 vulnerabilities on Ubuntu 9.10,\n Ubuntu 10.04 LTS,\n Ubuntu 10.10\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"It was discovered that IcedTea for Java did not properly verify\n signatures when handling multiply signed or partially signed JAR files,\n allowing an attacker to cause code to execute that appeared to come\n from a verified source. (CVE-2011-0025)\n\n USN 1052-1 fixed a vulnerability in OpenJDK for Ubuntu 9.10 and Ubuntu\n 10.04 LTS on all architectures, and Ubuntu 10.10 for all architectures\n except for the armel (ARM) architecture. This update provides the\n corresponding update for Ubuntu 10.10 on the armel (ARM) architecture.\n\n Original advisory details:\n\n It was discovered that the JNLP SecurityManager in IcedTea for Java\n OpenJDK in some instances failed to properly apply the intended\n security policy in its checkPermission method. This could allow\n an attacker to execute code with privileges that should have been\n prevented. 
(CVE-2010-4351)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU9.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"icedtea-6-jre-cacao\", ver:\"6b20-1.9.5-0ubuntu1~9.10.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"icedtea6-plugin\", ver:\"6b20-1.9.5-0ubuntu1~9.10.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-dbg\", ver:\"6b20-1.9.5-0ubuntu1~9.10.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-demo\", ver:\"6b20-1.9.5-0ubuntu1~9.10.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-jdk\", ver:\"6b20-1.9.5-0ubuntu1~9.10.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-jre-headless\", ver:\"6b20-1.9.5-0ubuntu1~9.10.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-jre\", ver:\"6b20-1.9.5-0ubuntu1~9.10.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-jre-zero\", ver:\"6b20-1.9.5-0ubuntu1~9.10.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-doc\", ver:\"6b20-1.9.5-0ubuntu1~9.10.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-jre-lib\", ver:\"6b20-1.9.5-0ubuntu1~9.10.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if 
((res = isdpkgvuln(pkg:\"openjdk-6-source\", ver:\"6b20-1.9.5-0ubuntu1~9.10.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"icedtea-6-jre-cacao\", ver:\"6b20-1.9.5-0ubuntu1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"icedtea6-plugin\", ver:\"6b20-1.9.5-0ubuntu1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-dbg\", ver:\"6b20-1.9.5-0ubuntu1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-demo\", ver:\"6b20-1.9.5-0ubuntu1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-jdk\", ver:\"6b20-1.9.5-0ubuntu1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-jre-headless\", ver:\"6b20-1.9.5-0ubuntu1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-jre\", ver:\"6b20-1.9.5-0ubuntu1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-jre-zero\", ver:\"6b20-1.9.5-0ubuntu1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-doc\", ver:\"6b20-1.9.5-0ubuntu1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-jre-lib\", ver:\"6b20-1.9.5-0ubuntu1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-source\", ver:\"6b20-1.9.5-0ubuntu1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n 
exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"icedtea-6-jre-cacao\", ver:\"6b20-1.9.5-0ubuntu1~10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"icedtea6-plugin\", ver:\"6b20-1.9.5-0ubuntu1~10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-dbg\", ver:\"6b20-1.9.5-0ubuntu1~10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-demo\", ver:\"6b20-1.9.5-0ubuntu1~10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-jdk\", ver:\"6b20-1.9.5-0ubuntu1~10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-jre-headless\", ver:\"6b20-1.9.5-0ubuntu1~10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-jre\", ver:\"6b20-1.9.5-0ubuntu1~10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-jre-zero\", ver:\"6b20-1.9.5-0ubuntu1~10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-doc\", ver:\"6b20-1.9.5-0ubuntu1~10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-jre-lib\", ver:\"6b20-1.9.5-0ubuntu1~10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"openjdk-6-source\", ver:\"6b20-1.9.5-0ubuntu1~10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n 
}\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-27T10:55:00", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3860", "CVE-2010-4351"], "description": "Check for the Version of java-1.6.0-openjdk", "modified": "2017-07-12T00:00:00", "published": "2011-01-31T00:00:00", "id": "OPENVAS:870384", "href": "http://plugins.openvas.org/nasl.php?oid=870384", "type": "openvas", "title": "RedHat Update for java-1.6.0-openjdk RHSA-2011:0176-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for java-1.6.0-openjdk RHSA-2011:0176-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"These packages provide the OpenJDK 6 Java Runtime Environment and the\n OpenJDK 6 Software Development Kit. The javaws command can be used to\n launch Java Web Start applications.\n\n A public static field declaration allowed untrusted JNLP (Java Network\n Launching Protocol) applications to read privileged data. 
A remote attacker\n could directly or indirectly read the values of restricted system\n properties, such as "user.name", "user.home", and "java.home", which\n untrusted applications should not be allowed to read. (CVE-2010-3860)\n \n It was found that JNLPSecurityManager could silently return without\n throwing an exception when permission was denied. If the javaws command was\n used to launch a Java Web Start application that relies on this exception\n being thrown, it could result in that application being run with elevated\n privileges, allowing it to bypass security manager restrictions and gain\n access to privileged functionality. (CVE-2010-4351)\n \n Note: The RHSA-2010:0339 java-1.6.0-openjdk update installed javaws by\n mistake. As part of the fixes for CVE-2010-3860 and CVE-2010-4351, this\n update removes javaws.\n \n Red Hat would like to thank the TippingPoint Zero Day Initiative project\n for reporting CVE-2010-4351. The original issue reporter wishes to stay\n anonymous.\n \n This erratum also upgrades the OpenJDK package to IcedTea6 1.7.7. Refer to\n the NEWS file, linked to in the References, for further information.\n \n All users of java-1.6.0-openjdk are advised to upgrade to these updated\n packages, which resolve these issues. All running instances of OpenJDK Java\n must be restarted for the update to take effect.\";\n\ntag_affected = \"java-1.6.0-openjdk on Red Hat Enterprise Linux (v. 
5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2011-January/msg00021.html\");\n script_id(870384);\n script_version(\"$Revision: 6685 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:44:46 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-31 15:15:14 +0100 (Mon, 31 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"RHSA\", value: \"2011:0176-01\");\n script_cve_id(\"CVE-2010-3860\", \"CVE-2010-4351\");\n script_name(\"RedHat Update for java-1.6.0-openjdk RHSA-2011:0176-01\");\n\n script_summary(\"Check for the Version of java-1.6.0-openjdk\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk\", rpm:\"java-1.6.0-openjdk~1.6.0.0~1.17.b17.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-debuginfo\", rpm:\"java-1.6.0-openjdk-debuginfo~1.6.0.0~1.17.b17.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = 
isrpmvuln(pkg:\"java-1.6.0-openjdk-demo\", rpm:\"java-1.6.0-openjdk-demo~1.6.0.0~1.17.b17.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-devel\", rpm:\"java-1.6.0-openjdk-devel~1.6.0.0~1.17.b17.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-javadoc\", rpm:\"java-1.6.0-openjdk-javadoc~1.6.0.0~1.17.b17.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"java-1.6.0-openjdk-src\", rpm:\"java-1.6.0-openjdk-src~1.6.0.0~1.17.b17.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "fedora": [{"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2010-4351"], "description": "The OpenJDK runtime environment. ", "modified": "2011-01-19T21:06:31", "published": "2011-01-19T21:06:31", "id": "FEDORA:89F881106A7", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 14 Update: java-1.6.0-openjdk-1.6.0.0-50.1.9.4.fc14", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2010-4351"], "description": "The OpenJDK runtime environment. 
", "modified": "2011-01-19T21:10:03", "published": "2011-01-19T21:10:03", "id": "FEDORA:EE38410F8BB", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 13 Update: java-1.6.0-openjdk-1.6.0.0-48.1.8.4.fc13", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "zdi": [{"lastseen": "2020-06-22T11:41:26", "bulletinFamily": "info", "cvelist": ["CVE-2010-4351"], "edition": 3, "description": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Java OpenJDK. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the IcedTea.so component. When handling an applet the process fails to properly restrict permission of code. It is possible to create and instantiate subclasses of ClassLoader. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the browser.", "modified": "2011-06-22T00:00:00", "published": "2011-01-18T00:00:00", "href": "https://www.zerodayinitiative.com/advisories/ZDI-11-014/", "id": "ZDI-11-014", "title": "Red Hat OpenJDK IcedTea6 ClassLoader Remote Code Execution Vulnerability", "type": "zdi", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "ubuntu": [{"lastseen": "2020-07-09T00:28:02", "bulletinFamily": "unix", "cvelist": ["CVE-2010-4351"], "description": "It was discovered that the JNLP SecurityManager in IcedTea for Java \nOpenJDK in some instances failed to properly apply the intended \nsecurity policy in its checkPermission method. This could allow an \nattacker to execute code with privileges that should have been prevented. 
\n(CVE-2010-4351)", "edition": 5, "modified": "2011-01-26T00:00:00", "published": "2011-01-26T00:00:00", "id": "USN-1052-1", "href": "https://ubuntu.com/security/notices/USN-1052-1", "title": "OpenJDK vulnerability", "type": "ubuntu", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-07-09T00:31:43", "bulletinFamily": "unix", "cvelist": ["CVE-2011-0025", "CVE-2010-4351"], "description": "It was discovered that IcedTea for Java did not properly verify \nsignatures when handling multiply signed or partially signed JAR files, \nallowing an attacker to cause code to execute that appeared to come \nfrom a verified source. (CVE-2011-0025)\n\nUSN 1052-1 fixed a vulnerability in OpenJDK for Ubuntu 9.10 and Ubuntu \n10.04 LTS on all architectures, and Ubuntu 10.10 for all architectures \nexcept for the armel (ARM) architecture. This update provides the \ncorresponding update for Ubuntu 10.10 on the armel (ARM) architecture.\n\nOriginal advisory details:\n\nIt was discovered that the JNLP SecurityManager in IcedTea for Java \nOpenJDK in some instances failed to properly apply the intended \nsecurity policy in its checkPermission method. This could allow \nan attacker to execute code with privileges that should have been \nprevented. (CVE-2010-4351)", "edition": 5, "modified": "2011-02-01T00:00:00", "published": "2011-02-01T00:00:00", "id": "USN-1055-1", "href": "https://ubuntu.com/security/notices/USN-1055-1", "title": "OpenJDK vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2021-01-17T14:07:16", "description": "This update of java-1_6_0-openjdk improves the return value handling\nof JNLPSecurityManager. 
Prior to this update the JNLPSecurityManager\nsilently returns in some cases when a permission was denied.\n(CVE-2010-4351) Additionally the java path was fixed to make java work\nwith firefox again.", "edition": 24, "published": "2014-06-13T00:00:00", "title": "openSUSE Security Update : java-1_6_0-openjdk (openSUSE-SU-2011:0057-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4351"], "modified": "2014-06-13T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:java-1_6_0-openjdk", "p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-plugin", "p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-devel", "p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-javadoc", "p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-demo", "p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-src", "cpe:/o:novell:opensuse:11.3"], "id": "SUSE_11_3_JAVA-1_6_0-OPENJDK-110118.NASL", "href": "https://www.tenable.com/plugins/nessus/75536", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update java-1_6_0-openjdk-3827.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75536);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-4351\");\n\n script_name(english:\"openSUSE Security Update : java-1_6_0-openjdk (openSUSE-SU-2011:0057-1)\");\n script_summary(english:\"Check for the java-1_6_0-openjdk-3827 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of java-1_6_0-openjdk improves the return value handling\nof JNLPSecurityManager. 
Prior to this update the JNLPSecurityManager\nsilently returns in some cases when a permission was denied.\n(CVE-2010-4351) Additionally the java path was fixed to make java work\nwith firefox again.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=635365\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=664298\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2011-01/msg00024.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected java-1_6_0-openjdk packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_6_0-openjdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/01/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.3\", reference:\"java-1_6_0-openjdk-1.6.0.0_b20.1.9.4-1.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"java-1_6_0-openjdk-demo-1.6.0.0_b20.1.9.4-1.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"java-1_6_0-openjdk-devel-1.6.0.0_b20.1.9.4-1.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"java-1_6_0-openjdk-javadoc-1.6.0.0_b20.1.9.4-1.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"java-1_6_0-openjdk-plugin-1.6.0.0_b20.1.9.4-1.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"java-1_6_0-openjdk-src-1.6.0.0_b20.1.9.4-1.2.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1_6_0-openjdk\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": 
"2021-01-12T10:08:58", "description": " - Wed Jan 5 2011 Jiri Vanek <jvanek at redhat.com> -\n 1:1.6.0.0-50.1.9.4\n\n - Updated to IcedTea 1.9.4\n\n - Wed Dec 1 2010 Deepak Bhole <dbhole at redhat.com> -\n 1:1.6.0.0-49.1.9.3\n\n - Updated to IcedTea 1.9.3\n\n - Re-enable Compressed Oops by default as upstream bug#\n 7002666 is fixed\n\n - Tue Nov 30 2010 Deepak Bhole <dbhole at redhat.com> -\n 1:1.6.0.0-49.1.9.2\n\n - Update to IcedTea 1.9.2\n\n - Resolves: rhbz# 645843\n\n - Resolves: rhbz# 647737\n\n - Resolves: rhbz# 643674\n\n - Remove patch that disabled Compressed Oops. It is now\n the default upstream.\n\n - Mon Nov 29 2010 Jiri Vanek <jvanek at redhat.com>\n -1:1.6.0-48.1.9.1\n\n - Resolves: rhbz#657491\n\n - Removed Asian and Indic font dependencies.\n\n - Mon Nov 22 2010 Jiri Vanek <jvanek at redhat.com>\n -1:1.6.0-47.1.9.1\n\n - added fonts dependencies\n\n - Mon Nov 8 2010 Deepak Bhole <dbhole at redhat.com> -\n 1:1.6.0.0-46.1.9.1\n\n - Temporarily resolve rhbz#647737 :\n\n - Put hs19 back, but disable Compressed Oops\n\n - Mon Nov 8 2010 Deepak Bhole <dbhole at redhat.com> -\n 1:1.6.0.0-45.1.9.1\n\n - Temporarily resolve rhbz#647737 :\n\n - Build with default hotspot (hs17)\n\n - From Jiri Vanek (jvanek at redhat.com): -Fixing\n rhbz#648499 - BuildRequires: redhat-lsb\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2011-01-20T00:00:00", "title": "Fedora 14 : java-1.6.0-openjdk-1.6.0.0-50.1.9.4.fc14 (2011-0521)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4351"], "modified": "2011-01-20T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:14", "p-cpe:/a:fedoraproject:fedora:java-1.6.0-openjdk"], "id": "FEDORA_2011-0521.NASL", "href": "https://www.tenable.com/plugins/nessus/51581", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-0521.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(51581);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2010-4351\");\n script_xref(name:\"FEDORA\", value:\"2011-0521\");\n\n script_name(english:\"Fedora 14 : java-1.6.0-openjdk-1.6.0.0-50.1.9.4.fc14 (2011-0521)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Wed Jan 5 2011 Jiri Vanek <jvanek at redhat.com> -\n 1:1.6.0.0-50.1.9.4\n\n - Updated to IcedTea 1.9.4\n\n - Wed Dec 1 2010 Deepak Bhole <dbhole at redhat.com> -\n 1:1.6.0.0-49.1.9.3\n\n - Updated to IcedTea 1.9.3\n\n - Re-enable Compressed Oops by default as upstream bug#\n 7002666 is fixed\n\n - Tue Nov 30 2010 Deepak Bhole <dbhole at redhat.com> -\n 1:1.6.0.0-49.1.9.2\n\n - Update to IcedTea 1.9.2\n\n - Resolves: rhbz# 645843\n\n - Resolves: rhbz# 647737\n\n - Resolves: rhbz# 643674\n\n - Remove patch that disabled Compressed Oops. 
It is now\n the default upstream.\n\n - Mon Nov 29 2010 Jiri Vanek <jvanek at redhat.com>\n -1:1.6.0-48.1.9.1\n\n - Resolves: rhbz#657491\n\n - Removed Asian and Indic font dependencies.\n\n - Mon Nov 22 2010 Jiri Vanek <jvanek at redhat.com>\n -1:1.6.0-47.1.9.1\n\n - added fonts dependencies\n\n - Mon Nov 8 2010 Deepak Bhole <dbhole at redhat.com> -\n 1:1.6.0.0-46.1.9.1\n\n - Temporarily resolve rhbz#647737 :\n\n - Put hs19 back, but disable Compressed Oops\n\n - Mon Nov 8 2010 Deepak Bhole <dbhole at redhat.com> -\n 1:1.6.0.0-45.1.9.1\n\n - Temporarily resolve rhbz#647737 :\n\n - Build with default hotspot (hs17)\n\n - From Jiri Vanek (jvanek at redhat.com): -Fixing\n rhbz#648499 - BuildRequires: redhat-lsb\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=663680\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-January/053276.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1bddd5fb\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected java-1.6.0-openjdk package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:java-1.6.0-openjdk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:14\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/01/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/01/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This 
script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^14([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 14.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC14\", reference:\"java-1.6.0-openjdk-1.6.0.0-50.1.9.4.fc14\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1.6.0-openjdk\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T14:05:45", "description": "This update of java-1_6_0-openjdk improves the return value handling\nof JNLPSecurityManager. 
Prior to this update the JNLPSecurityManager\nsilently returns in some cases when a permission was denied.\n(CVE-2010-4351) Additionally the java path was fixed to make java work\nwith firefox again.", "edition": 24, "published": "2011-05-05T00:00:00", "title": "openSUSE Security Update : java-1_6_0-openjdk (openSUSE-SU-2011:0057-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4351"], "modified": "2011-05-05T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:java-1_6_0-openjdk", "p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-plugin", "cpe:/o:novell:opensuse:11.2", "p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-devel", "p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-javadoc", "p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-demo", "p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-src"], "id": "SUSE_11_2_JAVA-1_6_0-OPENJDK-110118.NASL", "href": "https://www.tenable.com/plugins/nessus/53733", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update java-1_6_0-openjdk-3827.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(53733);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-4351\");\n\n script_name(english:\"openSUSE Security Update : java-1_6_0-openjdk (openSUSE-SU-2011:0057-1)\");\n script_summary(english:\"Check for the java-1_6_0-openjdk-3827 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of java-1_6_0-openjdk improves the return value handling\nof JNLPSecurityManager. 
Prior to this update the JNLPSecurityManager\nsilently returns in some cases when a permission was denied.\n(CVE-2010-4351) Additionally the java path was fixed to make java work\nwith firefox again.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=635365\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=664298\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2011-01/msg00024.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected java-1_6_0-openjdk packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_6_0-openjdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_6_0-openjdk-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/01/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/05/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.2\", reference:\"java-1_6_0-openjdk-1.6.0.0_b20.1.9.4-1.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"java-1_6_0-openjdk-demo-1.6.0.0_b20.1.9.4-1.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"java-1_6_0-openjdk-devel-1.6.0.0_b20.1.9.4-1.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"java-1_6_0-openjdk-javadoc-1.6.0.0_b20.1.9.4-1.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"java-1_6_0-openjdk-plugin-1.6.0.0_b20.1.9.4-1.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"java-1_6_0-openjdk-src-1.6.0.0_b20.1.9.4-1.2.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1_6_0-openjdk\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": 
"2021-03-01T07:19:59", "description": "It was discovered that the JNLP SecurityManager in IcedTea for Java\nOpenJDK in some instances failed to properly apply the intended\nscurity policy in its checkPermission method. This could allow an\nattacker execute code with privileges that should have been prevented.\n(CVE-2010-4351).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 25, "published": "2011-01-27T00:00:00", "title": "Ubuntu 9.10 / 10.04 LTS / 10.10 : openjdk-6, openjdk-6b18 vulnerability (USN-1052-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4351"], "modified": "2021-03-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:openjdk-6-source", "p-cpe:/a:canonical:ubuntu_linux:openjdk-6-jdk", "p-cpe:/a:canonical:ubuntu_linux:icedtea-6-jre-cacao", "p-cpe:/a:canonical:ubuntu_linux:openjdk-6-jre-zero", "p-cpe:/a:canonical:ubuntu_linux:openjdk-6-doc", "p-cpe:/a:canonical:ubuntu_linux:openjdk-6-demo", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:openjdk-6-jre", "p-cpe:/a:canonical:ubuntu_linux:openjdk-6-dbg", "cpe:/o:canonical:ubuntu_linux:10.10", "cpe:/o:canonical:ubuntu_linux:9.10", "p-cpe:/a:canonical:ubuntu_linux:openjdk-6-jre-lib", "p-cpe:/a:canonical:ubuntu_linux:icedtea6-plugin", "p-cpe:/a:canonical:ubuntu_linux:openjdk-6-jre-headless"], "id": "UBUNTU_USN-1052-1.NASL", "href": "https://www.tenable.com/plugins/nessus/51771", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1052-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. 
Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(51771);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2019/09/19 12:54:26\");\n\n script_cve_id(\"CVE-2010-4351\");\n script_bugtraq_id(45894);\n script_xref(name:\"USN\", value:\"1052-1\");\n\n script_name(english:\"Ubuntu 9.10 / 10.04 LTS / 10.10 : openjdk-6, openjdk-6b18 vulnerability (USN-1052-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that the JNLP SecurityManager in IcedTea for Java\nOpenJDK in some instances failed to properly apply the intended\nscurity policy in its checkPermission method. This could allow an\nattacker execute code with privileges that should have been prevented.\n(CVE-2010-4351).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1052-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:icedtea-6-jre-cacao\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:icedtea6-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:openjdk-6-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:openjdk-6-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:openjdk-6-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:openjdk-6-jdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:openjdk-6-jre\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:openjdk-6-jre-headless\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:openjdk-6-jre-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:openjdk-6-jre-zero\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:openjdk-6-source\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", 
value:\"cpe:/o:canonical:ubuntu_linux:10.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/01/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/01/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/01/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(9\\.10|10\\.04|10\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 9.10 / 10.04 / 10.10\", \"Ubuntu \" + release);\nif ( ! 
get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"9.10\", pkgname:\"icedtea-6-jre-cacao\", pkgver:\"6b20-1.9.4-0ubuntu1~9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"icedtea6-plugin\", pkgver:\"6b20-1.9.4-0ubuntu1~9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"openjdk-6-dbg\", pkgver:\"6b20-1.9.4-0ubuntu1~9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"openjdk-6-demo\", pkgver:\"6b20-1.9.4-0ubuntu1~9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"openjdk-6-doc\", pkgver:\"6b20-1.9.4-0ubuntu1~9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"openjdk-6-jdk\", pkgver:\"6b20-1.9.4-0ubuntu1~9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"openjdk-6-jre\", pkgver:\"6b20-1.9.4-0ubuntu1~9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"openjdk-6-jre-headless\", pkgver:\"6b20-1.9.4-0ubuntu1~9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"openjdk-6-jre-lib\", pkgver:\"6b20-1.9.4-0ubuntu1~9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"openjdk-6-jre-zero\", pkgver:\"6b20-1.9.4-0ubuntu1~9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"openjdk-6-source\", pkgver:\"6b20-1.9.4-0ubuntu1~9.10.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"icedtea-6-jre-cacao\", pkgver:\"6b20-1.9.4-0ubuntu1~10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"icedtea6-plugin\", pkgver:\"6b20-1.9.4-0ubuntu1~10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"openjdk-6-dbg\", pkgver:\"6b20-1.9.4-0ubuntu1~10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"openjdk-6-demo\", pkgver:\"6b20-1.9.4-0ubuntu1~10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", 
pkgname:\"openjdk-6-doc\", pkgver:\"6b20-1.9.4-0ubuntu1~10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"openjdk-6-jdk\", pkgver:\"6b20-1.9.4-0ubuntu1~10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"openjdk-6-jre\", pkgver:\"6b20-1.9.4-0ubuntu1~10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"openjdk-6-jre-headless\", pkgver:\"6b20-1.9.4-0ubuntu1~10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"openjdk-6-jre-lib\", pkgver:\"6b20-1.9.4-0ubuntu1~10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"openjdk-6-jre-zero\", pkgver:\"6b20-1.9.4-0ubuntu1~10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"openjdk-6-source\", pkgver:\"6b20-1.9.4-0ubuntu1~10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"icedtea-6-jre-cacao\", pkgver:\"6b20-1.9.4-0ubuntu1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"icedtea6-plugin\", pkgver:\"6b20-1.9.4-0ubuntu1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"openjdk-6-dbg\", pkgver:\"6b20-1.9.4-0ubuntu1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"openjdk-6-demo\", pkgver:\"6b20-1.9.4-0ubuntu1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"openjdk-6-doc\", pkgver:\"6b20-1.9.4-0ubuntu1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"openjdk-6-jdk\", pkgver:\"6b20-1.9.4-0ubuntu1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"openjdk-6-jre\", pkgver:\"6b20-1.9.4-0ubuntu1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"openjdk-6-jre-headless\", pkgver:\"6b20-1.9.4-0ubuntu1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"openjdk-6-jre-lib\", pkgver:\"6b20-1.9.4-0ubuntu1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"openjdk-6-jre-zero\", pkgver:\"6b20-1.9.4-0ubuntu1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"openjdk-6-source\", pkgver:\"6b20-1.9.4-0ubuntu1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : 
SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"icedtea-6-jre-cacao / icedtea6-plugin / openjdk-6-dbg / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T10:08:58", "description": " - Wed Jan 5 2011 Jiri Vanek <jvanek at redhat.com>\n -1:1.6.0-47.1.8.4.48\n\n - updated to icedtea 1.8.4\n\n - Mon Nov 29 2010 Jiri Vanek <jvanek at redhat.com>\n -1:1.6.0-46.1.8.3.4\n\n - Resolves: rhbz#657491\n\n - Removed Asian and Indic font dependencies.\n\n - Fri Nov 19 2010 Jiri Vanek <jvanek at redhat.com>\n -1:1.6.0-45.1.8.3\n\n - updated to iced tea 1.8.3\n\n - added fonts dependencies\n\n - Tue Nov 2 2010 Jiri Vanek <jvanek at redhat.com>\n -1:1.6.0-44.1.8.2 -fixing rhbz#648499 - BuildRequires:\n redhat-lsb\n\n - Thu Oct 7 2010 Jiri Vanek <jvanek at redhat.com>\n -1:1.6.0-43.1.8.2\n\n - Imports icedtea6-1.8.2\n\n - changed Release versioning from openjdkver to\n icedteaver\n\n - Resolves: rhbz#533125\n\n - Resolves: rhbz#639876\n\n - Resolves: rhbz#639880\n\n - Resolves: rhbz#639897\n\n - Resolves: rhbz#639904\n\n - Resolves: rhbz#639909\n\n - Resolves: rhbz#639914\n\n - Resolves: rhbz#639920\n\n - Resolves: rhbz#639922\n\n - Resolves: rhbz#639925\n\n - Resolves: rhbz#639951\n\n - Resolves: rhbz#6622002\n\n - Resolves: rhbz#6623943\n\n - Resolves: rhbz#6925672\n\n - Resolves: rhbz#6952017\n\n - Resolves: rhbz#6952603\n\n - Resolves: rhbz#6961084\n\n - Resolves: rhbz#6963285\n\n - Resolves: rhbz#6980004\n\n - Resolves: rhbz#6981426\n\n - Resolves: rhbz#6990437\n\n - Mon Jul 26 2010 Martin Matejovic <mmatejov at\n redhat.com> -1:1.6.0-42.b18\n\n - Imports icedtea6-1.8.1\n\n - Removed: java-1.6.0-openjdk-plugin.patch\n\n - Resolves: rhbz#616893\n\n - Resolves: rhbz#616895\n\n - Mon Jun 14 2010 Martin Matejovic <mmatejov at\n redhat.com> -1:1.6.0.-41.b18\n\n - 
Fixed plugin update to IcedTeaPlugin.so\n\n - Fixed plugin cpu usage issue\n\n - Fixed plugin rewrites ? in URL\n\n - Added java-1.6.0-openjdk-plugin.patch\n\n - Resovles: rhbz#598353\n\n - Resolves: rhbz#592553\n\n - Resolves: rhbz#602906\n\n - Fri Jun 11 2010 Martin Matejovic <mmatejov at\n redhat.com> - 1:1.6.0-40.b18\n\n - Rebuild\n\n - Tue Jun 8 2010 Martin Matejovic <mmatejov at\n redhat.com> - 1:1.6.0-39.b18\n\n[plus 15 lines in the Changelog]\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2011-01-20T00:00:00", "title": "Fedora 13 : java-1.6.0-openjdk-1.6.0.0-48.1.8.4.fc13 (2011-0500)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-4351"], "modified": "2011-01-20T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:13", "p-cpe:/a:fedoraproject:fedora:java-1.6.0-openjdk"], "id": "FEDORA_2011-0500.NASL", "href": "https://www.tenable.com/plugins/nessus/51580", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-0500.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(51580);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2010-4351\");\n script_xref(name:\"FEDORA\", value:\"2011-0500\");\n\n script_name(english:\"Fedora 13 : java-1.6.0-openjdk-1.6.0.0-48.1.8.4.fc13 (2011-0500)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n 
value:\n\" - Wed Jan 5 2011 Jiri Vanek <jvanek at redhat.com>\n -1:1.6.0-47.1.8.4.48\n\n - updated to icedtea 1.8.4\n\n - Mon Nov 29 2010 Jiri Vanek <jvanek at redhat.com>\n -1:1.6.0-46.1.8.3.4\n\n - Resolves: rhbz#657491\n\n - Removed Asian and Indic font dependencies.\n\n - Fri Nov 19 2010 Jiri Vanek <jvanek at redhat.com>\n -1:1.6.0-45.1.8.3\n\n - updated to iced tea 1.8.3\n\n - added fonts dependencies\n\n - Tue Nov 2 2010 Jiri Vanek <jvanek at redhat.com>\n -1:1.6.0-44.1.8.2 -fixing rhbz#648499 - BuildRequires:\n redhat-lsb\n\n - Thu Oct 7 2010 Jiri Vanek <jvanek at redhat.com>\n -1:1.6.0-43.1.8.2\n\n - Imports icedtea6-1.8.2\n\n - changed Release versioning from openjdkver to\n icedteaver\n\n - Resolves: rhbz#533125\n\n - Resolves: rhbz#639876\n\n - Resolves: rhbz#639880\n\n - Resolves: rhbz#639897\n\n - Resolves: rhbz#639904\n\n - Resolves: rhbz#639909\n\n - Resolves: rhbz#639914\n\n - Resolves: rhbz#639920\n\n - Resolves: rhbz#639922\n\n - Resolves: rhbz#639925\n\n - Resolves: rhbz#639951\n\n - Resolves: rhbz#6622002\n\n - Resolves: rhbz#6623943\n\n - Resolves: rhbz#6925672\n\n - Resolves: rhbz#6952017\n\n - Resolves: rhbz#6952603\n\n - Resolves: rhbz#6961084\n\n - Resolves: rhbz#6963285\n\n - Resolves: rhbz#6980004\n\n - Resolves: rhbz#6981426\n\n - Resolves: rhbz#6990437\n\n - Mon Jul 26 2010 Martin Matejovic <mmatejov at\n redhat.com> -1:1.6.0-42.b18\n\n - Imports icedtea6-1.8.1\n\n - Removed: java-1.6.0-openjdk-plugin.patch\n\n - Resolves: rhbz#616893\n\n - Resolves: rhbz#616895\n\n - Mon Jun 14 2010 Martin Matejovic <mmatejov at\n redhat.com> -1:1.6.0.-41.b18\n\n - Fixed plugin update to IcedTeaPlugin.so\n\n - Fixed plugin cpu usage issue\n\n - Fixed plugin rewrites ? 
in URL\n\n - Added java-1.6.0-openjdk-plugin.patch\n\n - Resovles: rhbz#598353\n\n - Resolves: rhbz#592553\n\n - Resolves: rhbz#602906\n\n - Fri Jun 11 2010 Martin Matejovic <mmatejov at\n redhat.com> - 1:1.6.0-40.b18\n\n - Rebuild\n\n - Tue Jun 8 2010 Martin Matejovic <mmatejov at\n redhat.com> - 1:1.6.0-39.b18\n\n[plus 15 lines in the Changelog]\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=663680\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-January/053288.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d1526a2c\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected java-1.6.0-openjdk package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:java-1.6.0-openjdk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:13\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/01/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/01/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n 
exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^13([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 13.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC13\", reference:\"java-1.6.0-openjdk-1.6.0.0-48.1.8.4.fc13\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1.6.0-openjdk\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-06T09:26:51", "description": "Updated java-1.6.0-openjdk packages that fix two security issues are\nnow available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThese packages provide the OpenJDK 6 Java Runtime Environment and the\nOpenJDK 6 Software Development Kit. 
The javaws command can be used to\nlaunch Java Web Start applications.\n\nA public static field declaration allowed untrusted JNLP (Java Network\nLaunching Protocol) applications to read privileged data. A remote\nattacker could directly or indirectly read the values of restricted\nsystem properties, such as 'user.name', 'user.home', and 'java.home',\nwhich untrusted applications should not be allowed to read.\n(CVE-2010-3860)\n\nIt was found that JNLPSecurityManager could silently return without\nthrowing an exception when permission was denied. If the javaws\ncommand was used to launch a Java Web Start application that relies on\nthis exception being thrown, it could result in that application being\nrun with elevated privileges, allowing it to bypass security manager\nrestrictions and gain access to privileged functionality.\n(CVE-2010-4351)\n\nNote: The RHSA-2010:0339 java-1.6.0-openjdk update installed javaws by\nmistake. As part of the fixes for CVE-2010-3860 and CVE-2010-4351,\nthis update removes javaws.\n\nRed Hat would like to thank the TippingPoint Zero Day Initiative\nproject for reporting CVE-2010-4351. The original issue reporter\nwishes to stay anonymous.\n\nThis erratum also upgrades the OpenJDK package to IcedTea6 1.7.7.\nRefer to the NEWS file, linked to in the References, for further\ninformation.\n\nAll users of java-1.6.0-openjdk are advised to upgrade to these\nupdated packages, which resolve these issues. 
All running instances of\nOpenJDK Java must be restarted for the update to take effect.", "edition": 26, "published": "2011-04-15T00:00:00", "title": "CentOS 5 : java-1.6.0-openjdk (CESA-2011:0176)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3860", "CVE-2010-4351"], "modified": "2011-04-15T00:00:00", "cpe": ["p-cpe:/a:centos:centos:java-1.6.0-openjdk", "p-cpe:/a:centos:centos:java-1.6.0-openjdk-src", "p-cpe:/a:centos:centos:java-1.6.0-openjdk-javadoc", "p-cpe:/a:centos:centos:java-1.6.0-openjdk-demo", "p-cpe:/a:centos:centos:java-1.6.0-openjdk-devel", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2011-0176.NASL", "href": "https://www.tenable.com/plugins/nessus/53415", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2011:0176 and \n# CentOS Errata and Security Advisory 2011:0176 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(53415);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2010-3860\", \"CVE-2010-4351\");\n script_bugtraq_id(45114, 45894);\n script_xref(name:\"RHSA\", value:\"2011:0176\");\n\n script_name(english:\"CentOS 5 : java-1.6.0-openjdk (CESA-2011:0176)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated java-1.6.0-openjdk packages that fix two security issues are\nnow available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. 
Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThese packages provide the OpenJDK 6 Java Runtime Environment and the\nOpenJDK 6 Software Development Kit. The javaws command can be used to\nlaunch Java Web Start applications.\n\nA public static field declaration allowed untrusted JNLP (Java Network\nLaunching Protocol) applications to read privileged data. A remote\nattacker could directly or indirectly read the values of restricted\nsystem properties, such as 'user.name', 'user.home', and 'java.home',\nwhich untrusted applications should not be allowed to read.\n(CVE-2010-3860)\n\nIt was found that JNLPSecurityManager could silently return without\nthrowing an exception when permission was denied. If the javaws\ncommand was used to launch a Java Web Start application that relies on\nthis exception being thrown, it could result in that application being\nrun with elevated privileges, allowing it to bypass security manager\nrestrictions and gain access to privileged functionality.\n(CVE-2010-4351)\n\nNote: The RHSA-2010:0339 java-1.6.0-openjdk update installed javaws by\nmistake. As part of the fixes for CVE-2010-3860 and CVE-2010-4351,\nthis update removes javaws.\n\nRed Hat would like to thank the TippingPoint Zero Day Initiative\nproject for reporting CVE-2010-4351. The original issue reporter\nwishes to stay anonymous.\n\nThis erratum also upgrades the OpenJDK package to IcedTea6 1.7.7.\nRefer to the NEWS file, linked to in the References, for further\ninformation.\n\nAll users of java-1.6.0-openjdk are advised to upgrade to these\nupdated packages, which resolve these issues. 
All running instances of\nOpenJDK Java must be restarted for the update to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2011-April/017309.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?062dbb09\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2011-April/017310.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?36632860\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected java-1.6.0-openjdk packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.6.0-openjdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.6.0-openjdk-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.6.0-openjdk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.6.0-openjdk-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.6.0-openjdk-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/12/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/04/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/04/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned 
by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"java-1.6.0-openjdk-1.6.0.0-1.17.b17.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"java-1.6.0-openjdk-demo-1.6.0.0-1.17.b17.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"java-1.6.0-openjdk-devel-1.6.0.0-1.17.b17.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"java-1.6.0-openjdk-javadoc-1.6.0.0-1.17.b17.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"java-1.6.0-openjdk-src-1.6.0.0-1.17.b17.el5\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1.6.0-openjdk / java-1.6.0-openjdk-demo / 
etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T12:45:38", "description": "From Red Hat Security Advisory 2011:0176 :\n\nUpdated java-1.6.0-openjdk packages that fix two security issues are\nnow available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThese packages provide the OpenJDK 6 Java Runtime Environment and the\nOpenJDK 6 Software Development Kit. The javaws command can be used to\nlaunch Java Web Start applications.\n\nA public static field declaration allowed untrusted JNLP (Java Network\nLaunching Protocol) applications to read privileged data. A remote\nattacker could directly or indirectly read the values of restricted\nsystem properties, such as 'user.name', 'user.home', and 'java.home',\nwhich untrusted applications should not be allowed to read.\n(CVE-2010-3860)\n\nIt was found that JNLPSecurityManager could silently return without\nthrowing an exception when permission was denied. If the javaws\ncommand was used to launch a Java Web Start application that relies on\nthis exception being thrown, it could result in that application being\nrun with elevated privileges, allowing it to bypass security manager\nrestrictions and gain access to privileged functionality.\n(CVE-2010-4351)\n\nNote: The RHSA-2010:0339 java-1.6.0-openjdk update installed javaws by\nmistake. As part of the fixes for CVE-2010-3860 and CVE-2010-4351,\nthis update removes javaws.\n\nRed Hat would like to thank the TippingPoint Zero Day Initiative\nproject for reporting CVE-2010-4351. 
The original issue reporter\nwishes to stay anonymous.\n\nThis erratum also upgrades the OpenJDK package to IcedTea6 1.7.7.\nRefer to the NEWS file, linked to in the References, for further\ninformation.\n\nAll users of java-1.6.0-openjdk are advised to upgrade to these\nupdated packages, which resolve these issues. All running instances of\nOpenJDK Java must be restarted for the update to take effect.", "edition": 24, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 5 : java-1.6.0-openjdk (ELSA-2011-0176)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3860", "CVE-2010-4351"], "modified": "2013-07-12T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:java-1.6.0-openjdk-devel", "cpe:/o:oracle:linux:5", "p-cpe:/a:oracle:linux:java-1.6.0-openjdk-src", "p-cpe:/a:oracle:linux:java-1.6.0-openjdk-demo", "p-cpe:/a:oracle:linux:java-1.6.0-openjdk", "p-cpe:/a:oracle:linux:java-1.6.0-openjdk-javadoc"], "id": "ORACLELINUX_ELSA-2011-0176.NASL", "href": "https://www.tenable.com/plugins/nessus/68186", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2011:0176 and \n# Oracle Linux Security Advisory ELSA-2011-0176 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68186);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-3860\", \"CVE-2010-4351\");\n script_bugtraq_id(45114, 45894);\n script_xref(name:\"RHSA\", value:\"2011:0176\");\n\n script_name(english:\"Oracle Linux 5 : java-1.6.0-openjdk (ELSA-2011-0176)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n 
attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2011:0176 :\n\nUpdated java-1.6.0-openjdk packages that fix two security issues are\nnow available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThese packages provide the OpenJDK 6 Java Runtime Environment and the\nOpenJDK 6 Software Development Kit. The javaws command can be used to\nlaunch Java Web Start applications.\n\nA public static field declaration allowed untrusted JNLP (Java Network\nLaunching Protocol) applications to read privileged data. A remote\nattacker could directly or indirectly read the values of restricted\nsystem properties, such as 'user.name', 'user.home', and 'java.home',\nwhich untrusted applications should not be allowed to read.\n(CVE-2010-3860)\n\nIt was found that JNLPSecurityManager could silently return without\nthrowing an exception when permission was denied. If the javaws\ncommand was used to launch a Java Web Start application that relies on\nthis exception being thrown, it could result in that application being\nrun with elevated privileges, allowing it to bypass security manager\nrestrictions and gain access to privileged functionality.\n(CVE-2010-4351)\n\nNote: The RHSA-2010:0339 java-1.6.0-openjdk update installed javaws by\nmistake. As part of the fixes for CVE-2010-3860 and CVE-2010-4351,\nthis update removes javaws.\n\nRed Hat would like to thank the TippingPoint Zero Day Initiative\nproject for reporting CVE-2010-4351. 
The original issue reporter\nwishes to stay anonymous.\n\nThis erratum also upgrades the OpenJDK package to IcedTea6 1.7.7.\nRefer to the NEWS file, linked to in the References, for further\ninformation.\n\nAll users of java-1.6.0-openjdk are advised to upgrade to these\nupdated packages, which resolve these issues. All running instances of\nOpenJDK Java must be restarted for the update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2011-January/001801.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected java-1.6.0-openjdk packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.6.0-openjdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.6.0-openjdk-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.6.0-openjdk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.6.0-openjdk-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.6.0-openjdk-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/12/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/01/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n 
script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"java-1.6.0-openjdk-1.6.0.0-1.17.b17.0.1.el5\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"java-1.6.0-openjdk-demo-1.6.0.0-1.17.b17.0.1.el5\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"java-1.6.0-openjdk-devel-1.6.0.0-1.17.b17.0.1.el5\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"java-1.6.0-openjdk-javadoc-1.6.0.0-1.17.b17.0.1.el5\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"java-1.6.0-openjdk-src-1.6.0.0-1.17.b17.0.1.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1.6.0-openjdk / java-1.6.0-openjdk-demo / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T13:08:47", "description": "Updated java-1.6.0-openjdk packages that fix two security issues are\nnow available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThese packages provide the OpenJDK 6 Java Runtime Environment and the\nOpenJDK 6 Software Development Kit. 
The javaws command can be used to\nlaunch Java Web Start applications.\n\nA public static field declaration allowed untrusted JNLP (Java Network\nLaunching Protocol) applications to read privileged data. A remote\nattacker could directly or indirectly read the values of restricted\nsystem properties, such as 'user.name', 'user.home', and 'java.home',\nwhich untrusted applications should not be allowed to read.\n(CVE-2010-3860)\n\nIt was found that JNLPSecurityManager could silently return without\nthrowing an exception when permission was denied. If the javaws\ncommand was used to launch a Java Web Start application that relies on\nthis exception being thrown, it could result in that application being\nrun with elevated privileges, allowing it to bypass security manager\nrestrictions and gain access to privileged functionality.\n(CVE-2010-4351)\n\nNote: The RHSA-2010:0339 java-1.6.0-openjdk update installed javaws by\nmistake. As part of the fixes for CVE-2010-3860 and CVE-2010-4351,\nthis update removes javaws.\n\nRed Hat would like to thank the TippingPoint Zero Day Initiative\nproject for reporting CVE-2010-4351. The original issue reporter\nwishes to stay anonymous.\n\nThis erratum also upgrades the OpenJDK package to IcedTea6 1.7.7.\nRefer to the NEWS file, linked to in the References, for further\ninformation.\n\nAll users of java-1.6.0-openjdk are advised to upgrade to these\nupdated packages, which resolve these issues. 
All running instances of\nOpenJDK Java must be restarted for the update to take effect.", "edition": 27, "published": "2011-01-26T00:00:00", "title": "RHEL 5 : java-1.6.0-openjdk (RHSA-2011:0176)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3860", "CVE-2010-4351"], "modified": "2011-01-26T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:java-1.6.0-openjdk-devel", "cpe:/o:redhat:enterprise_linux:5", "p-cpe:/a:redhat:enterprise_linux:java-1.6.0-openjdk-src", "p-cpe:/a:redhat:enterprise_linux:java-1.6.0-openjdk-demo", "cpe:/o:redhat:enterprise_linux:5.6", "p-cpe:/a:redhat:enterprise_linux:java-1.6.0-openjdk-javadoc", "p-cpe:/a:redhat:enterprise_linux:java-1.6.0-openjdk"], "id": "REDHAT-RHSA-2011-0176.NASL", "href": "https://www.tenable.com/plugins/nessus/51671", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2011:0176. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(51671);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-3860\", \"CVE-2010-4351\");\n script_bugtraq_id(45114, 45894);\n script_xref(name:\"RHSA\", value:\"2011:0176\");\n\n script_name(english:\"RHEL 5 : java-1.6.0-openjdk (RHSA-2011:0176)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated java-1.6.0-openjdk packages that fix two security issues are\nnow available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. 
Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThese packages provide the OpenJDK 6 Java Runtime Environment and the\nOpenJDK 6 Software Development Kit. The javaws command can be used to\nlaunch Java Web Start applications.\n\nA public static field declaration allowed untrusted JNLP (Java Network\nLaunching Protocol) applications to read privileged data. A remote\nattacker could directly or indirectly read the values of restricted\nsystem properties, such as 'user.name', 'user.home', and 'java.home',\nwhich untrusted applications should not be allowed to read.\n(CVE-2010-3860)\n\nIt was found that JNLPSecurityManager could silently return without\nthrowing an exception when permission was denied. If the javaws\ncommand was used to launch a Java Web Start application that relies on\nthis exception being thrown, it could result in that application being\nrun with elevated privileges, allowing it to bypass security manager\nrestrictions and gain access to privileged functionality.\n(CVE-2010-4351)\n\nNote: The RHSA-2010:0339 java-1.6.0-openjdk update installed javaws by\nmistake. As part of the fixes for CVE-2010-3860 and CVE-2010-4351,\nthis update removes javaws.\n\nRed Hat would like to thank the TippingPoint Zero Day Initiative\nproject for reporting CVE-2010-4351. The original issue reporter\nwishes to stay anonymous.\n\nThis erratum also upgrades the OpenJDK package to IcedTea6 1.7.7.\nRefer to the NEWS file, linked to in the References, for further\ninformation.\n\nAll users of java-1.6.0-openjdk are advised to upgrade to these\nupdated packages, which resolve these issues. 
All running instances of\nOpenJDK Java must be restarted for the update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3860\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-4351\"\n );\n # http://icedtea.classpath.org/hg/release/icedtea6-1.7/file/af20d64bc8b9/NEWS\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?61a7eb9f\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2011:0176\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.6.0-openjdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.6.0-openjdk-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.6.0-openjdk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.6.0-openjdk-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.6.0-openjdk-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/12/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/01/25\");\n 
script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/01/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2011:0176\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"java-1.6.0-openjdk-1.6.0.0-1.17.b17.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.6.0-openjdk-1.6.0.0-1.17.b17.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"java-1.6.0-openjdk-demo-1.6.0.0-1.17.b17.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.6.0-openjdk-demo-1.6.0.0-1.17.b17.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"java-1.6.0-openjdk-devel-1.6.0.0-1.17.b17.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.6.0-openjdk-devel-1.6.0.0-1.17.b17.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"java-1.6.0-openjdk-javadoc-1.6.0.0-1.17.b17.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.6.0-openjdk-javadoc-1.6.0.0-1.17.b17.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"java-1.6.0-openjdk-src-1.6.0.0-1.17.b17.el5\")) flag++;\n\n if 
(rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"java-1.6.0-openjdk-src-1.6.0.0-1.17.b17.el5\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1.6.0-openjdk / java-1.6.0-openjdk-demo / etc\");\n }\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T13:45:23", "description": "A public static field declaration allowed untrusted JNLP (Java Network\nLaunching Protocol) applications to read privileged data. A remote\nattacker could directly or indirectly read the values of restricted\nsystem properties, such as 'user.name', 'user.home', and 'java.home',\nwhich untrusted applications should not be allowed to read.\n(CVE-2010-3860)\n\nIt was found that JNLPSecurityManager could silently return without\nthrowing an exception when permission was denied. If the javaws\ncommand was used to launch a Java Web Start application that relies on\nthis exception being thrown, it could result in that application being\nrun with elevated privileges, allowing it to bypass security manager\nrestrictions and gain access to privileged functionality.\n(CVE-2010-4351)\n\nNote: The previous java-1.6.0-openjdk update installed javaws by\nmistake. 
As part of the fixes for CVE-2010-3860 and CVE-2010-4351,\nthis update removes javaws.\n\nThis erratum also upgrades the OpenJDK package to IcedTea6 1.7.7.\nRefer to the NEWS file, linked to in the References, for further\ninformation.\n\nAll running instances of OpenJDK Java must be restarted for the update\nto take effect.", "edition": 25, "published": "2012-08-01T00:00:00", "title": "Scientific Linux Security Update : java-1.6.0-openjdk on SL5.x i386/x86_64", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3860", "CVE-2010-4351"], "modified": "2012-08-01T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20110125_JAVA_1_6_0_OPENJDK_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60942", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60942);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-3860\", \"CVE-2010-4351\");\n\n script_name(english:\"Scientific Linux Security Update : java-1.6.0-openjdk on SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A public static field declaration allowed untrusted JNLP (Java Network\nLaunching Protocol) applications to read privileged data. 
A remote\nattacker could directly or indirectly read the values of restricted\nsystem properties, such as 'user.name', 'user.home', and 'java.home',\nwhich untrusted applications should not be allowed to read.\n(CVE-2010-3860)\n\nIt was found that JNLPSecurityManager could silently return without\nthrowing an exception when permission was denied. If the javaws\ncommand was used to launch a Java Web Start application that relies on\nthis exception being thrown, it could result in that application being\nrun with elevated privileges, allowing it to bypass security manager\nrestrictions and gain access to privileged functionality.\n(CVE-2010-4351)\n\nNote: The previous java-1.6.0-openjdk update installed javaws by\nmistake. As part of the fixes for CVE-2010-3860 and CVE-2010-4351,\nthis update removes javaws.\n\nThis erratum also upgrades the OpenJDK package to IcedTea6 1.7.7.\nRefer to the NEWS file, linked to in the References, for further\ninformation.\n\nAll running instances of OpenJDK Java must be restarted for the update\nto take effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1102&L=scientific-linux-errata&T=0&P=486\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9695bd87\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/01/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"java-1.6.0-openjdk-1.6.0.0-1.17.b17.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"java-1.6.0-openjdk-demo-1.6.0.0-1.17.b17.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"java-1.6.0-openjdk-devel-1.6.0.0-1.17.b17.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"java-1.6.0-openjdk-javadoc-1.6.0.0-1.17.b17.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"java-1.6.0-openjdk-src-1.6.0.0-1.17.b17.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-03-01T07:20:00", "description": "It was discovered that IcedTea for Java did not properly verify\nsignatures when handling multiply signed or partially signed JAR\nfiles, allowing an attacker to cause code to execute that appeared to\ncome from a verified source. 
(CVE-2011-0025)\n\nUSN 1052-1 fixed a vulnerability in OpenJDK for Ubuntu 9.10 and Ubuntu\n10.04 LTS on all architectures, and Ubuntu 10.10 for all architectures\nexcept for the armel (ARM) architecture. This update provides the\ncorresponding update for Ubuntu 10.10 on the armel (ARM) architecture.\n\nIt was discovered that the JNLP SecurityManager in IcedTea for Java\nOpenJDK in some instances failed to properly apply the intended\nsecurity policy in its checkPermission method. This could allow an\nattacker to execute code with privileges that should have been\nprevented. (CVE-2010-4351).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 26, "published": "2011-02-02T00:00:00", "title": "Ubuntu 9.10 / 10.04 LTS / 10.10 : openjdk-6, openjdk-6b18 vulnerabilities (USN-1055-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-0025", "CVE-2010-4351"], "modified": "2021-03-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:openjdk-6-source", "p-cpe:/a:canonical:ubuntu_linux:openjdk-6-jdk", "p-cpe:/a:canonical:ubuntu_linux:icedtea-6-jre-cacao", "p-cpe:/a:canonical:ubuntu_linux:openjdk-6-jre-zero", "p-cpe:/a:canonical:ubuntu_linux:openjdk-6-doc", "p-cpe:/a:canonical:ubuntu_linux:openjdk-6-demo", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:openjdk-6-jre", "p-cpe:/a:canonical:ubuntu_linux:openjdk-6-dbg", "cpe:/o:canonical:ubuntu_linux:10.10", "cpe:/o:canonical:ubuntu_linux:9.10", "p-cpe:/a:canonical:ubuntu_linux:openjdk-6-jre-lib", "p-cpe:/a:canonical:ubuntu_linux:icedtea6-plugin", "p-cpe:/a:canonical:ubuntu_linux:openjdk-6-jre-headless"], "id": "UBUNTU_USN-1055-1.NASL", "href": "https://www.tenable.com/plugins/nessus/51848", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text 
and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1055-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(51848);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/09/19 12:54:26\");\n\n script_cve_id(\"CVE-2010-4351\", \"CVE-2011-0025\");\n script_bugtraq_id(45894);\n script_xref(name:\"USN\", value:\"1055-1\");\n\n script_name(english:\"Ubuntu 9.10 / 10.04 LTS / 10.10 : openjdk-6, openjdk-6b18 vulnerabilities (USN-1055-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that IcedTea for Java did not properly verify\nsignatures when handling multiply signed or partially signed JAR\nfiles, allowing an attacker to cause code to execute that appeared to\ncome from a verified source. (CVE-2011-0025)\n\nUSN 1052-1 fixed a vulnerability in OpenJDK for Ubuntu 9.10 and Ubuntu\n10.04 LTS on all architectures, and Ubuntu 10.10 for all architectures\nexcept for the armel (ARM) architecture. This update provides the\ncorresponding update for Ubuntu 10.10 on the armel (ARM) architecture.\n\nIt was discovered that the JNLP SecurityManager in IcedTea for Java\nOpenJDK in some instances failed to properly apply the intended\nscurity policy in its checkPermission method. This could allow an\nattacker to execute code with privileges that should have been\nprevented. (CVE-2010-4351).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1055-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:icedtea-6-jre-cacao\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:icedtea6-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:openjdk-6-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:openjdk-6-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:openjdk-6-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:openjdk-6-jdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:openjdk-6-jre\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:openjdk-6-jre-headless\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:openjdk-6-jre-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:openjdk-6-jre-zero\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:openjdk-6-source\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", 
value:\"cpe:/o:canonical:ubuntu_linux:10.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/01/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/02/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/02/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(9\\.10|10\\.04|10\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 9.10 / 10.04 / 10.10\", \"Ubuntu \" + release);\nif ( ! 
get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"9.10\", pkgname:\"icedtea-6-jre-cacao\", pkgver:\"6b20-1.9.5-0ubuntu1~9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"icedtea6-plugin\", pkgver:\"6b20-1.9.5-0ubuntu1~9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"openjdk-6-dbg\", pkgver:\"6b20-1.9.5-0ubuntu1~9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"openjdk-6-demo\", pkgver:\"6b20-1.9.5-0ubuntu1~9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"openjdk-6-doc\", pkgver:\"6b20-1.9.5-0ubuntu1~9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"openjdk-6-jdk\", pkgver:\"6b20-1.9.5-0ubuntu1~9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"openjdk-6-jre\", pkgver:\"6b20-1.9.5-0ubuntu1~9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"openjdk-6-jre-headless\", pkgver:\"6b20-1.9.5-0ubuntu1~9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"openjdk-6-jre-lib\", pkgver:\"6b20-1.9.5-0ubuntu1~9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"openjdk-6-jre-zero\", pkgver:\"6b20-1.9.5-0ubuntu1~9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"openjdk-6-source\", pkgver:\"6b20-1.9.5-0ubuntu1~9.10.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"icedtea-6-jre-cacao\", pkgver:\"6b20-1.9.5-0ubuntu1~10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"icedtea6-plugin\", pkgver:\"6b20-1.9.5-0ubuntu1~10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"openjdk-6-dbg\", pkgver:\"6b20-1.9.5-0ubuntu1~10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"openjdk-6-demo\", pkgver:\"6b20-1.9.5-0ubuntu1~10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", 
pkgname:\"openjdk-6-doc\", pkgver:\"6b20-1.9.5-0ubuntu1~10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"openjdk-6-jdk\", pkgver:\"6b20-1.9.5-0ubuntu1~10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"openjdk-6-jre\", pkgver:\"6b20-1.9.5-0ubuntu1~10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"openjdk-6-jre-headless\", pkgver:\"6b20-1.9.5-0ubuntu1~10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"openjdk-6-jre-lib\", pkgver:\"6b20-1.9.5-0ubuntu1~10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"openjdk-6-jre-zero\", pkgver:\"6b20-1.9.5-0ubuntu1~10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"openjdk-6-source\", pkgver:\"6b20-1.9.5-0ubuntu1~10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"icedtea-6-jre-cacao\", pkgver:\"6b20-1.9.5-0ubuntu1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"icedtea6-plugin\", pkgver:\"6b20-1.9.5-0ubuntu1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"openjdk-6-dbg\", pkgver:\"6b20-1.9.5-0ubuntu1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"openjdk-6-demo\", pkgver:\"6b20-1.9.5-0ubuntu1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"openjdk-6-doc\", pkgver:\"6b20-1.9.5-0ubuntu1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"openjdk-6-jdk\", pkgver:\"6b20-1.9.5-0ubuntu1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"openjdk-6-jre\", pkgver:\"6b20-1.9.5-0ubuntu1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"openjdk-6-jre-headless\", pkgver:\"6b20-1.9.5-0ubuntu1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"openjdk-6-jre-lib\", pkgver:\"6b20-1.9.5-0ubuntu1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"openjdk-6-jre-zero\", pkgver:\"6b20-1.9.5-0ubuntu1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"openjdk-6-source\", pkgver:\"6b20-1.9.5-0ubuntu1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : 
SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"icedtea-6-jre-cacao / icedtea6-plugin / openjdk-6-dbg / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "centos": [{"lastseen": "2019-12-20T18:24:47", "bulletinFamily": "unix", "cvelist": ["CVE-2010-3860", "CVE-2010-4351"], "description": "**CentOS Errata and Security Advisory** CESA-2011:0176\n\n\nThese packages provide the OpenJDK 6 Java Runtime Environment and the\nOpenJDK 6 Software Development Kit. The javaws command can be used to\nlaunch Java Web Start applications.\n\nA public static field declaration allowed untrusted JNLP (Java Network\nLaunching Protocol) applications to read privileged data. A remote attacker\ncould directly or indirectly read the values of restricted system\nproperties, such as \"user.name\", \"user.home\", and \"java.home\", which\nuntrusted applications should not be allowed to read. (CVE-2010-3860)\n\nIt was found that JNLPSecurityManager could silently return without\nthrowing an exception when permission was denied. If the javaws command was\nused to launch a Java Web Start application that relies on this exception\nbeing thrown, it could result in that application being run with elevated\nprivileges, allowing it to bypass security manager restrictions and gain\naccess to privileged functionality. (CVE-2010-4351)\n\nNote: The RHSA-2010:0339 java-1.6.0-openjdk update installed javaws by\nmistake. As part of the fixes for CVE-2010-3860 and CVE-2010-4351, this\nupdate removes javaws.\n\nRed Hat would like to thank the TippingPoint Zero Day Initiative project\nfor reporting CVE-2010-4351. The original issue reporter wishes to stay\nanonymous.\n\nThis erratum also upgrades the OpenJDK package to IcedTea6 1.7.7. 
Refer to\nthe NEWS file, linked to in the References, for further information.\n\nAll users of java-1.6.0-openjdk are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK Java\nmust be restarted for the update to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2011-April/029347.html\nhttp://lists.centos.org/pipermail/centos-announce/2011-April/029348.html\n\n**Affected packages:**\njava-1.6.0-openjdk\njava-1.6.0-openjdk-demo\njava-1.6.0-openjdk-devel\njava-1.6.0-openjdk-javadoc\njava-1.6.0-openjdk-src\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2011-0176.html", "edition": 3, "modified": "2011-04-14T14:29:15", "published": "2011-04-14T14:29:15", "href": "http://lists.centos.org/pipermail/centos-announce/2011-April/029347.html", "id": "CESA-2011:0176", "title": "java security update", "type": "centos", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "redhat": [{"lastseen": "2019-08-13T18:45:53", "bulletinFamily": "unix", "cvelist": ["CVE-2010-3860", "CVE-2010-4351"], "description": "These packages provide the OpenJDK 6 Java Runtime Environment and the\nOpenJDK 6 Software Development Kit. The javaws command can be used to\nlaunch Java Web Start applications.\n\nA public static field declaration allowed untrusted JNLP (Java Network\nLaunching Protocol) applications to read privileged data. A remote attacker\ncould directly or indirectly read the values of restricted system\nproperties, such as \"user.name\", \"user.home\", and \"java.home\", which\nuntrusted applications should not be allowed to read. (CVE-2010-3860)\n\nIt was found that JNLPSecurityManager could silently return without\nthrowing an exception when permission was denied. 
If the javaws command was\nused to launch a Java Web Start application that relies on this exception\nbeing thrown, it could result in that application being run with elevated\nprivileges, allowing it to bypass security manager restrictions and gain\naccess to privileged functionality. (CVE-2010-4351)\n\nNote: The RHSA-2010:0339 java-1.6.0-openjdk update installed javaws by\nmistake. As part of the fixes for CVE-2010-3860 and CVE-2010-4351, this\nupdate removes javaws.\n\nRed Hat would like to thank the TippingPoint Zero Day Initiative project\nfor reporting CVE-2010-4351. The original issue reporter wishes to stay\nanonymous.\n\nThis erratum also upgrades the OpenJDK package to IcedTea6 1.7.7. Refer to\nthe NEWS file, linked to in the References, for further information.\n\nAll users of java-1.6.0-openjdk are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK Java\nmust be restarted for the update to take effect.\n", "modified": "2017-09-08T12:12:25", "published": "2011-01-25T05:00:00", "id": "RHSA-2011:0176", "href": "https://access.redhat.com/errata/RHSA-2011:0176", "type": "redhat", "title": "(RHSA-2011:0176) Moderate: java-1.6.0-openjdk security update", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:40", "bulletinFamily": "software", "cvelist": ["CVE-2011-0025", "CVE-2010-4351"], "description": "Protection bypass in JNLP SecurityManager, JAR files digital signature spoofing.", "edition": 1, "modified": "2011-02-02T00:00:00", "published": "2011-02-02T00:00:00", "id": "SECURITYVULNS:VULN:11393", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:11393", "title": "IcedTea for Java OpenJDK protection bypass", "type": "securityvulns", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:38", "bulletinFamily": "software", "cvelist": ["CVE-2011-0025", 
"CVE-2010-4351"], "description": "===========================================================\r\nUbuntu Security Notice USN-1055-1 February 01, 2011\r\nopenjdk-6, openjdk-6b18 vulnerabilities\r\nCVE-2010-4351, CVE-2011-0025\r\n===========================================================\r\n\r\nA security issue affects the following Ubuntu releases:\r\n\r\nUbuntu 9.10\r\nUbuntu 10.04 LTS\r\nUbuntu 10.10\r\n\r\nThis advisory also applies to the corresponding versions of\r\nKubuntu, Edubuntu, and Xubuntu.\r\n\r\nThe problem can be corrected by upgrading your system to the\r\nfollowing package versions:\r\n\r\nUbuntu 9.10:\r\n icedtea6-plugin 6b20-1.9.5-0ubuntu1~9.10.1\r\n\r\nUbuntu 10.04 LTS:\r\n icedtea6-plugin 6b20-1.9.5-0ubuntu1~10.04.1\r\n\r\nUbuntu 10.10:\r\n icedtea6-plugin 6b20-1.9.5-0ubuntu1\r\n\r\nAfter a standard system update you need to restart any Java services,\r\napplications or applets to make all the necessary changes.\r\n\r\nDetails follow:\r\n\r\nIt was discovered that IcedTea for Java did not properly verify\r\nsignatures when handling multiply signed or partially signed JAR files,\r\nallowing an attacker to cause code to execute that appeared to come\r\nfrom a verified source. (CVE-2011-0025)\r\n\r\nUSN 1052-1 fixed a vulnerability in OpenJDK for Ubuntu 9.10 and Ubuntu\r\n10.04 LTS on all architectures, and Ubuntu 10.10 for all architectures\r\nexcept for the armel (ARM) architecture. This update provides the\r\ncorresponding update for Ubuntu 10.10 on the armel (ARM) architecture.\r\n\r\nOriginal advisory details:\r\n\r\n It was discovered that the JNLP SecurityManager in IcedTea for Java\r\n OpenJDK in some instances failed to properly apply the intended\r\n security policy in its checkPermission method. This could allow\r\n an attacker to execute code with privileges that should have been\r\n prevented. 
(CVE-2010-4351)\r\n\r\n\r\nUpdated packages for Ubuntu 9.10:\r\n\r\n Source archives:\r\n\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6_6b20-1.9.5-0ubuntu1~9.10.1.diff.gz\r\n Size/MD5: 130663 07167b8caf223fe920ac0c361e42344c\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6_6b20-1.9.5-0ubuntu1~9.10.1.dsc\r\n Size/MD5: 3018 d3cc6e1842be3094f39ef33e7de3f353\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6_6b20-1.9.5.orig.tar.gz\r\n Size/MD5: 73242981 a46692c197b9d63625a0593f0f5261a1\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6b18/openjdk-6b18_6b18-1.8.5-0ubuntu1~9.10.1.diff.gz\r\n Size/MD5: 131802 6e88eb789ee0d06c18b07194af10bb93\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6b18/openjdk-6b18_6b18-1.8.5-0ubuntu1~9.10.1.dsc\r\n Size/MD5: 2997 595fc33270e578ea4b81d23e557c53ec\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6b18/openjdk-6b18_6b18-1.8.5.orig.tar.gz\r\n Size/MD5: 71411043 bd54d036357114075c6d4cfb162cb3ad\r\n\r\n Architecture independent packages:\r\n\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-doc_6b20-1.9.5-0ubuntu1~9.10.1_all.deb\r\n Size/MD5: 20569646 0263c3295e00ffd691559e93a926b89c\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre-lib_6b20-1.9.5-0ubuntu1~9.10.1_all.deb\r\n Size/MD5: 6211712 8cf32f132d7249d3b8c293502eb64bac\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-source_6b20-1.9.5-0ubuntu1~9.10.1_all.deb\r\n Size/MD5: 26919048 66c7073fd00bdace7d5f515d875fbcbb\r\n\r\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\r\n\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/icedtea-6-jre-cacao_6b20-1.9.5-0ubuntu1~9.10.1_amd64.deb\r\n Size/MD5: 436014 2034a505f2c4e922b445256bd5f80f49\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/icedtea6-plugin_6b20-1.9.5-0ubuntu1~9.10.1_amd64.deb\r\n Size/MD5: 83640 
3683906aaf32d462fa577675c441acac\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-dbg_6b20-1.9.5-0ubuntu1~9.10.1_amd64.deb\r\n Size/MD5: 119563714 4660ba7c5fb8aac316377c576459a638\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-demo_6b20-1.9.5-0ubuntu1~9.10.1_amd64.deb\r\n Size/MD5: 2385194 0ea219022e6aea6c1159897d9e34088f\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jdk_6b20-1.9.5-0ubuntu1~9.10.1_amd64.deb\r\n Size/MD5: 11087968 357e95538a652ff16a499bdef84ffba5\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre-headless_6b20-1.9.5-0ubuntu1~9.10.1_amd64.deb\r\n Size/MD5: 25600282 746ff952e9c2f2bc4f0f64b07014f409\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre_6b20-1.9.5-0ubuntu1~9.10.1_amd64.deb\r\n Size/MD5: 270666 68ac2c4181b549c79eedca8794650509\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-6/openjdk-6-jre-zero_6b20-1.9.5-0ubuntu1~9.10.1_amd64.deb\r\n Size/MD5: 5569254 c0077d670243fea709d4f199dda088ca\r\n\r\n i386 architecture (x86 compatible Intel/AMD):\r\n\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/icedtea-6-jre-cacao_6b20-1.9.5-0ubuntu1~9.10.1_i386.deb\r\n Size/MD5: 418096 c0141822eb47c8c6e06f9af23feef5c5\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/icedtea6-plugin_6b20-1.9.5-0ubuntu1~9.10.1_i386.deb\r\n Size/MD5: 79234 8fe9ef03b9f35e52de8eb511f4e8b351\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-dbg_6b20-1.9.5-0ubuntu1~9.10.1_i386.deb\r\n Size/MD5: 172937158 2bff76e2c638d5e901c81d11d4a2f742\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-demo_6b20-1.9.5-0ubuntu1~9.10.1_i386.deb\r\n Size/MD5: 2359054 84866ae7005e7bf7690365e2e6a97f6d\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jdk_6b20-1.9.5-0ubuntu1~9.10.1_i386.deb\r\n Size/MD5: 11078062 831332cccf805cded7f87fef3acffd62\r\n 
\r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre-headless_6b20-1.9.5-0ubuntu1~9.10.1_i386.deb\r\n Size/MD5: 27416614 585c7631a061b70308275dccc6f88beb\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre_6b20-1.9.5-0ubuntu1~9.10.1_i386.deb\r\n Size/MD5: 255898 1f8861dddfa2a12615d430f555ff6a2a\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-6/openjdk-6-jre-zero_6b20-1.9.5-0ubuntu1~9.10.1_i386.deb\r\n Size/MD5: 5065908 d2d4f9e1f3eb25b041a5d8d20f2bafdc\r\n\r\n armel architecture (ARM Architecture):\r\n\r\n \r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6b18/icedtea-6-jre-cacao_6b18-1.8.5-0ubuntu1~9.10.1_armel.deb\r\n Size/MD5: 370544 7ac9b2f6654f8ed4c22af43d3cb1f196\r\n \r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6b18/icedtea6-plugin_6b18-1.8.5-0ubuntu1~9.10.1_armel.deb\r\n Size/MD5: 75722 4ec1c942786d2320978ee4ba9b5ce39b\r\n \r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6b18/openjdk-6-dbg_6b18-1.8.5-0ubuntu1~9.10.1_armel.deb\r\n Size/MD5: 84865932 a7427134161ba5f5a67b1cc5207cdef2\r\n \r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6b18/openjdk-6-demo_6b18-1.8.5-0ubuntu1~9.10.1_armel.deb\r\n Size/MD5: 1543030 2793d682bc50d814bb2cfae0536fb658\r\n \r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6b18/openjdk-6-jdk_6b18-1.8.5-0ubuntu1~9.10.1_armel.deb\r\n Size/MD5: 9111184 2f44a1d000994c887864a2226fa9ab03\r\n \r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6b18/openjdk-6-jre-headless_6b18-1.8.5-0ubuntu1~9.10.1_armel.deb\r\n Size/MD5: 29699956 0b3e36d03c7274de90d85df81eea4642\r\n \r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6b18/openjdk-6-jre_6b18-1.8.5-0ubuntu1~9.10.1_armel.deb\r\n Size/MD5: 255472 8604ce64204f8b093045e8fa0ddaf429\r\n \r\nhttp://ports.ubuntu.com/pool/universe/o/openjdk-6b18/openjdk-6-jre-zero_6b18-1.8.5-0ubuntu1~9.10.1_armel.deb\r\n Size/MD5: 4829218 d29ac1eb4ae4f61e24d21d6b3e774f2c\r\n\r\n lpia architecture (Low Power Intel Architecture):\r\n\r\n 
\r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6/icedtea-6-jre-cacao_6b20-1.9.5-0ubuntu1~9.10.1_lpia.deb\r\n Size/MD5: 421918 60b982dbad33961f268850d3a1570121\r\n \r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6/icedtea6-plugin_6b20-1.9.5-0ubuntu1~9.10.1_lpia.deb\r\n Size/MD5: 81886 582799620b965b23b98782aa6b817784\r\n \r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-dbg_6b20-1.9.5-0ubuntu1~9.10.1_lpia.deb\r\n Size/MD5: 173092778 eeb9c9a0975fff57e79af148959ef951\r\n \r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-demo_6b20-1.9.5-0ubuntu1~9.10.1_lpia.deb\r\n Size/MD5: 2348226 abac188c5fdd7b16e59021795328e388\r\n \r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jdk_6b20-1.9.5-0ubuntu1~9.10.1_lpia.deb\r\n Size/MD5: 10854010 d46469e4a0b30b664e7d76aed8d2a2d4\r\n \r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre-headless_6b20-1.9.5-0ubuntu1~9.10.1_lpia.deb\r\n Size/MD5: 27472744 7cac2be8f882e3f8972d2ae8de4346c4\r\n \r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre_6b20-1.9.5-0ubuntu1~9.10.1_lpia.deb\r\n Size/MD5: 251924 46789f33a116717c035e0494d9123746\r\n \r\nhttp://ports.ubuntu.com/pool/universe/o/openjdk-6/openjdk-6-jre-zero_6b20-1.9.5-0ubuntu1~9.10.1_lpia.deb\r\n Size/MD5: 5056662 e9cab7f8ff4f8557ec354fcfe064cbf9\r\n\r\n powerpc architecture (Apple Macintosh G3/G4/G5):\r\n\r\n \r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6/icedtea-6-jre-cacao_6b20-1.9.5-0ubuntu1~9.10.1_powerpc.deb\r\n Size/MD5: 447846 57f7bde6423b881f5c9b6b854805068e\r\n \r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6/icedtea6-plugin_6b20-1.9.5-0ubuntu1~9.10.1_powerpc.deb\r\n Size/MD5: 82936 fd89da745cf94b5f621d381cf3ac62ae\r\n \r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-dbg_6b20-1.9.5-0ubuntu1~9.10.1_powerpc.deb\r\n Size/MD5: 103589468 4535c791fb31dcb30860d2fa8b930d7d\r\n \r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-demo_6b20-1.9.5-0ubuntu1~9.10.1_powerpc.deb\r\n Size/MD5: 2365432 
332cb4807360bce84a081f7c30ba7e34\r\n \r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jdk_6b20-1.9.5-0ubuntu1~9.10.1_powerpc.deb\r\n Size/MD5: 8794604 999261245213227cf9a0e7a67805eb08\r\n \r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre-headless_6b20-1.9.5-0ubuntu1~9.10.1_powerpc.deb\r\n Size/MD5: 23939918 8052f0eaba58e09a0322214bd6843799\r\n \r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre_6b20-1.9.5-0ubuntu1~9.10.1_powerpc.deb\r\n Size/MD5: 275120 4f501d44f7670786c6198e7e5e260e8d\r\n \r\nhttp://ports.ubuntu.com/pool/universe/o/openjdk-6/openjdk-6-jre-zero_6b20-1.9.5-0ubuntu1~9.10.1_powerpc.deb\r\n Size/MD5: 4885644 dda65b396c0ba1c9359eca7eba34c6a7\r\n\r\n sparc architecture (Sun SPARC/UltraSPARC):\r\n\r\n \r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6/icedtea6-plugin_6b20-1.9.5-0ubuntu1~9.10.1_sparc.deb\r\n Size/MD5: 79624 84e39fa6449346c08a18a2e00e8c7b55\r\n \r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-dbg_6b20-1.9.5-0ubuntu1~9.10.1_sparc.deb\r\n Size/MD5: 119175958 f0a49dced0b3f12587cddf06b67f31b4\r\n \r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-demo_6b20-1.9.5-0ubuntu1~9.10.1_sparc.deb\r\n Size/MD5: 2364788 5f5d845ba1fe16e729df1625d424a396\r\n \r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jdk_6b20-1.9.5-0ubuntu1~9.10.1_sparc.deb\r\n Size/MD5: 10833222 2c4adc800d965b1f309ac12204d4813f\r\n \r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre-headless_6b20-1.9.5-0ubuntu1~9.10.1_sparc.deb\r\n Size/MD5: 27295668 c28ce5653bee2fec182370c91f92ce43\r\n \r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre_6b20-1.9.5-0ubuntu1~9.10.1_sparc.deb\r\n Size/MD5: 256824 f7b5dc979cfc27d0f3f28340a6afdddb\r\n\r\nUpdated packages for Ubuntu 10.04 LTS:\r\n\r\n Source archives:\r\n\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6_6b20-1.9.5-0ubuntu1~10.04.1.diff.gz\r\n Size/MD5: 130653 4250574bc50a42af16707919a2c09791\r\n 
\r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6_6b20-1.9.5-0ubuntu1~10.04.1.dsc\r\n Size/MD5: 3077 40a56a96db71060b96816204590f877f\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6_6b20-1.9.5.orig.tar.gz\r\n Size/MD5: 73242981 a46692c197b9d63625a0593f0f5261a1\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6b18/openjdk-6b18_6b18-1.8.5-0ubuntu1~10.04.1.diff.gz\r\n Size/MD5: 131798 93e1c17619a492d6d98d4c93d088a9f3\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6b18/openjdk-6b18_6b18-1.8.5-0ubuntu1~10.04.1.dsc\r\n Size/MD5: 3056 1df0b04c982b3bf22c1dbe70fe59ea32\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6b18/openjdk-6b18_6b18-1.8.5.orig.tar.gz\r\n Size/MD5: 71411043 bd54d036357114075c6d4cfb162cb3ad\r\n\r\n Architecture independent packages:\r\n\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-doc_6b20-1.9.5-0ubuntu1~10.04.1_all.deb\r\n Size/MD5: 19979664 2b95fe28f2136a5394648b619300824b\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre-lib_6b20-1.9.5-0ubuntu1~10.04.1_all.deb\r\n Size/MD5: 6155850 ef8366a2a9a0867cd531e3dd5a7ef92a\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-source_6b20-1.9.5-0ubuntu1~10.04.1_all.deb\r\n Size/MD5: 26858938 a90e2edef3fa37f49daa82fd92593c23\r\n\r\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\r\n\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/icedtea-6-jre-cacao_6b20-1.9.5-0ubuntu1~10.04.1_amd64.deb\r\n Size/MD5: 431074 3e50491a84259f5edaa622f9c05f7f8c\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/icedtea6-plugin_6b20-1.9.5-0ubuntu1~10.04.1_amd64.deb\r\n Size/MD5: 84126 ce3e9b4cc3e6bb3964dfcfca6fa73fba\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-dbg_6b20-1.9.5-0ubuntu1~10.04.1_amd64.deb\r\n Size/MD5: 119261780 69383042a5bee649035dded1de7ae47c\r\n 
\r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-demo_6b20-1.9.5-0ubuntu1~10.04.1_amd64.deb\r\n Size/MD5: 2364506 94bc6c9156e97a1036841ee1175a2814\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jdk_6b20-1.9.5-0ubuntu1~10.04.1_amd64.deb\r\n Size/MD5: 10865770 52ff5af54da76d8abedfdac3e9f3a702\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre-headless_6b20-1.9.5-0ubuntu1~10.04.1_amd64.deb\r\n Size/MD5: 25622574 019c4cb665e4f44f0f2f6f822f54f6c4\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre_6b20-1.9.5-0ubuntu1~10.04.1_amd64.deb\r\n Size/MD5: 270644 d441fd3a49ab376cdd4758720456b6fb\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-6/openjdk-6-jre-zero_6b20-1.9.5-0ubuntu1~10.04.1_amd64.deb\r\n Size/MD5: 2241004 ecd39a0cac4615acdb3ed5f2c8047b87\r\n\r\n i386 architecture (x86 compatible Intel/AMD):\r\n\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/icedtea-6-jre-cacao_6b20-1.9.5-0ubuntu1~10.04.1_i386.deb\r\n Size/MD5: 415050 c2bed7d245921db1e01c5dc256a8455c\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/icedtea6-plugin_6b20-1.9.5-0ubuntu1~10.04.1_i386.deb\r\n Size/MD5: 79608 d6bd3a3e64a8315591d7ef9e8bed071a\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-dbg_6b20-1.9.5-0ubuntu1~10.04.1_i386.deb\r\n Size/MD5: 172626028 56b1dbbc185b452ec4684c574f78b5a9\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-demo_6b20-1.9.5-0ubuntu1~10.04.1_i386.deb\r\n Size/MD5: 2351292 33026e2e70a4f60a7059dd97e8291526\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jdk_6b20-1.9.5-0ubuntu1~10.04.1_i386.deb\r\n Size/MD5: 10861822 09d8359fb3120858cc8b253cb15fbfe9\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre-headless_6b20-1.9.5-0ubuntu1~10.04.1_i386.deb\r\n Size/MD5: 27449440 3fb4c45554543b094e7d9c4022ca3723\r\n 
\r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre_6b20-1.9.5-0ubuntu1~10.04.1_i386.deb\r\n Size/MD5: 255880 a374fc32fab614cecafbbd9eba325e80\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-6/openjdk-6-jre-zero_6b20-1.9.5-0ubuntu1~10.04.1_i386.deb\r\n Size/MD5: 1924642 a4ae4868248ece9b2189e4f959c26562\r\n\r\n armel architecture (ARM Architecture):\r\n\r\n \r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6b18/icedtea-6-jre-cacao_6b18-1.8.5-0ubuntu1~10.04.1_armel.deb\r\n Size/MD5: 346348 eec80fa6f8d42acbe5c7e9cedd06a9dd\r\n \r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6b18/icedtea6-plugin_6b18-1.8.5-0ubuntu1~10.04.1_armel.deb\r\n Size/MD5: 73844 385da24b16e9eb32bf122b8c0c4490a0\r\n \r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6b18/openjdk-6-dbg_6b18-1.8.5-0ubuntu1~10.04.1_armel.deb\r\n Size/MD5: 41164556 20315ff718c4716aec70c4aacc452155\r\n \r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6b18/openjdk-6-demo_6b18-1.8.5-0ubuntu1~10.04.1_armel.deb\r\n Size/MD5: 1528746 cada79c5cf6af17cea69a303f626bcd0\r\n \r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6b18/openjdk-6-jdk_6b18-1.8.5-0ubuntu1~10.04.1_armel.deb\r\n Size/MD5: 9100456 c146812c22adeb933b95e90accbd8a84\r\n \r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6b18/openjdk-6-jre-headless_6b18-1.8.5-0ubuntu1~10.04.1_armel.deb\r\n Size/MD5: 29493160 eccd808680771c0d9539037f0fee854f\r\n \r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6b18/openjdk-6-jre_6b18-1.8.5-0ubuntu1~10.04.1_armel.deb\r\n Size/MD5: 245326 35b9b8d4341e8b35fcf597366dd0dece\r\n\r\n powerpc architecture (Apple Macintosh G3/G4/G5):\r\n\r\n \r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6/icedtea-6-jre-cacao_6b20-1.9.5-0ubuntu1~10.04.1_powerpc.deb\r\n Size/MD5: 445258 96272182cf8ee75a20db7a9b6856b7af\r\n \r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6/icedtea6-plugin_6b20-1.9.5-0ubuntu1~10.04.1_powerpc.deb\r\n Size/MD5: 83634 d8661c9bf1493ed6a9bd19ce2d15aa79\r\n 
\r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-dbg_6b20-1.9.5-0ubuntu1~10.04.1_powerpc.deb\r\n Size/MD5: 103315722 a329acc7a98aa95b79fe1124010fb16e\r\n \r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-demo_6b20-1.9.5-0ubuntu1~10.04.1_powerpc.deb\r\n Size/MD5: 2365524 af78e46c00b46e02575a7125c79716b9\r\n \r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jdk_6b20-1.9.5-0ubuntu1~10.04.1_powerpc.deb\r\n Size/MD5: 8798846 79eccba98411a7a54cfac99215386a69\r\n \r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre-headless_6b20-1.9.5-0ubuntu1~10.04.1_powerpc.deb\r\n Size/MD5: 23945544 77dea4b31222a9016bbf9e9d86bc33c4\r\n \r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre_6b20-1.9.5-0ubuntu1~10.04.1_powerpc.deb\r\n Size/MD5: 275052 803eac93ad819a9ae31b567dabe549c3\r\n \r\nhttp://ports.ubuntu.com/pool/universe/o/openjdk-6/openjdk-6-jre-zero_6b20-1.9.5-0ubuntu1~10.04.1_powerpc.deb\r\n Size/MD5: 2052776 44d1860ca58421b5169bd0b4a8993a9d\r\n\r\n sparc architecture (Sun SPARC/UltraSPARC):\r\n\r\n \r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6/icedtea6-plugin_6b20-1.9.5-0ubuntu1~10.04.1_sparc.deb\r\n Size/MD5: 77770 ead7daf2c17881f6b39e2c9a82e9367c\r\n \r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-dbg_6b20-1.9.5-0ubuntu1~10.04.1_sparc.deb\r\n Size/MD5: 119149298 cf83e170d0f3b6e11cbf10132f2d050c\r\n \r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-demo_6b20-1.9.5-0ubuntu1~10.04.1_sparc.deb\r\n Size/MD5: 2365960 cc1c774bcd0e8f98a1d285770ae4c927\r\n \r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jdk_6b20-1.9.5-0ubuntu1~10.04.1_sparc.deb\r\n Size/MD5: 10888370 fa5aa1c149df190e0ebb97d9289f56ce\r\n \r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre-headless_6b20-1.9.5-0ubuntu1~10.04.1_sparc.deb\r\n Size/MD5: 27222494 6e30b3ad57e76d67e936ad56a46d0a8d\r\n \r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre_6b20-1.9.5-0ubuntu1~10.04.1_sparc.deb\r\n Size/MD5: 257382 
a79aab3812e968abe4c0824c1146173f\r\n\r\nUpdated packages for Ubuntu 10.10:\r\n\r\n Source archives:\r\n\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6_6b20-1.9.5-0ubuntu1.diff.gz\r\n Size/MD5: 133456 976146aaa409e498d5addf8a241f573d\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6_6b20-1.9.5-0ubuntu1.dsc\r\n Size/MD5: 3004 6d022956f9cea371fbf2d9765ca4f040\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6_6b20-1.9.5.orig.tar.gz\r\n Size/MD5: 73242981 a46692c197b9d63625a0593f0f5261a1\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6b18/openjdk-6b18_6b18-1.8.5-0ubuntu1.diff.gz\r\n Size/MD5: 134008 8fbdae65e6e519e9a831778b074a9952\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6b18/openjdk-6b18_6b18-1.8.5-0ubuntu1.dsc\r\n Size/MD5: 2995 e131f7ebfa161d10f70a8b436a38f374\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6b18/openjdk-6b18_6b18-1.8.5.orig.tar.gz\r\n Size/MD5: 71411043 bd54d036357114075c6d4cfb162cb3ad\r\n\r\n Architecture independent packages:\r\n\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-doc_6b20-1.9.5-0ubuntu1_all.deb\r\n Size/MD5: 19977298 2ccad59d057cb4419dbebf48b4ff67fd\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre-lib_6b20-1.9.5-0ubuntu1_all.deb\r\n Size/MD5: 6155616 d716162e8cf6d5118ce1341e9c1e5be9\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-source_6b20-1.9.5-0ubuntu1_all.deb\r\n Size/MD5: 26858902 732bc0cc09aec245d11621c640272bdb\r\n\r\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\r\n\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/icedtea-6-jre-cacao_6b20-1.9.5-0ubuntu1_amd64.deb\r\n Size/MD5: 433260 169a9df6ecc86117d3097bf138e14ce7\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/icedtea6-plugin_6b20-1.9.5-0ubuntu1_amd64.deb\r\n Size/MD5: 83386 edb225c4df6678209cc7ee788bbf519f\r\n 
\r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-dbg_6b20-1.9.5-0ubuntu1_amd64.deb\r\n Size/MD5: 119321318 16318a9a971f46bdebc31ba39820ee50\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-demo_6b20-1.9.5-0ubuntu1_amd64.deb\r\n Size/MD5: 2380136 5e0ee63978bf2c820713c464124ff604\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jdk_6b20-1.9.5-0ubuntu1_amd64.deb\r\n Size/MD5: 11085698 c1a5a9cbe650581246308df73a7da6f7\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre-headless_6b20-1.9.5-0ubuntu1_amd64.deb\r\n Size/MD5: 25605350 9b9925e2a9aa812a9a874c02d541fa2e\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre_6b20-1.9.5-0ubuntu1_amd64.deb\r\n Size/MD5: 266966 a40154ae4665ba835052633157172cfb\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-6/openjdk-6-jre-zero_6b20-1.9.5-0ubuntu1_amd64.deb\r\n Size/MD5: 2242486 387b2e80b57e70220cb210a0512654d6\r\n\r\n i386 architecture (x86 compatible Intel/AMD):\r\n\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/icedtea-6-jre-cacao_6b20-1.9.5-0ubuntu1_i386.deb\r\n Size/MD5: 416138 97dde39884b356a51137bf7c687c0ffe\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/icedtea6-plugin_6b20-1.9.5-0ubuntu1_i386.deb\r\n Size/MD5: 78706 d2e6ac9590739d9ad1e9e5b057deaf6e\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-dbg_6b20-1.9.5-0ubuntu1_i386.deb\r\n Size/MD5: 172665522 b8821c7db8364dab48f5f265bcd4ba8b\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-demo_6b20-1.9.5-0ubuntu1_i386.deb\r\n Size/MD5: 2348308 40e5394c73299ff41564b9cbbae8f0f7\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jdk_6b20-1.9.5-0ubuntu1_i386.deb\r\n Size/MD5: 10856962 2cf7749b00e3c43a7ece05bc538c100a\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre-headless_6b20-1.9.5-0ubuntu1_i386.deb\r\n 
Size/MD5: 27433792 b8ac656156b0a95f7276114697dd5c31\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/o/openjdk-6/openjdk-6-jre_6b20-1.9.5-0ubuntu1_i386.deb\r\n Size/MD5: 251308 f93c8309886bf4f7d2976046db3feb6b\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-6/openjdk-6-jre-zero_6b20-1.9.5-0ubuntu1_i386.deb\r\n Size/MD5: 1922642 92f1697157a2a972cdc1a8b52e13bf59\r\n\r\n armel architecture (ARM Architecture):\r\n\r\n \r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6b18/icedtea-6-jre-cacao_6b18-1.8.5-0ubuntu1_armel.deb\r\n Size/MD5: 376854 c33095d01084b54d2640d8151fa613c5\r\n \r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6b18/icedtea6-plugin_6b18-1.8.5-0ubuntu1_armel.deb\r\n Size/MD5: 78308 97134fdfee5d81dc060703bb39b1fb91\r\n \r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6b18/openjdk-6-dbg_6b18-1.8.5-0ubuntu1_armel.deb\r\n Size/MD5: 85427758 d9390442c09f18cb8cdcaff08590540a\r\n \r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6b18/openjdk-6-demo_6b18-1.8.5-0ubuntu1_armel.deb\r\n Size/MD5: 1544594 fdecd521952176cca16e79fe22230f46\r\n \r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6b18/openjdk-6-jdk_6b18-1.8.5-0ubuntu1_armel.deb\r\n Size/MD5: 9129948 3e6dfdc2c08d922aec22a4763efed391\r\n \r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6b18/openjdk-6-jre-headless_6b18-1.8.5-0ubuntu1_armel.deb\r\n Size/MD5: 30066646 138f631ff444aa1480e41e7a89f1086d\r\n \r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6b18/openjdk-6-jre_6b18-1.8.5-0ubuntu1_armel.deb\r\n Size/MD5: 266356 2dbbb74cd81c3480f3d2c3efda8938ee\r\n \r\nhttp://ports.ubuntu.com/pool/universe/o/openjdk-6b18/openjdk-6-jre-zero_6b18-1.8.5-0ubuntu1_armel.deb\r\n Size/MD5: 1937244 d3528603fb40a730ea9a662c088e15ee\r\n\r\n powerpc architecture (Apple Macintosh G3/G4/G5):\r\n\r\n \r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6/icedtea-6-jre-cacao_6b20-1.9.5-0ubuntu1_powerpc.deb\r\n Size/MD5: 444520 04f8e4b8b91f55f2ef9883194769f42e\r\n 
\r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6/icedtea6-plugin_6b20-1.9.5-0ubuntu1_powerpc.deb\r\n Size/MD5: 82774 34dae3adc1d09655e3deb9da1dbcd50c\r\n \r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-dbg_6b20-1.9.5-0ubuntu1_powerpc.deb\r\n Size/MD5: 103361572 ada4b0b7a9abbbbf29fe9caa2c47bc8d\r\n \r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-demo_6b20-1.9.5-0ubuntu1_powerpc.deb\r\n Size/MD5: 2363378 3a7b763b526db96cad9eb48e9fcfaddf\r\n \r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jdk_6b20-1.9.5-0ubuntu1_powerpc.deb\r\n Size/MD5: 8792836 b36a1676f0e3da23b8ca9d3a3be8bbe4\r\n \r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre-headless_6b20-1.9.5-0ubuntu1_powerpc.deb\r\n Size/MD5: 23929684 f7a6bf07a9058158ade47e820fdd3ca5\r\n \r\nhttp://ports.ubuntu.com/pool/main/o/openjdk-6/openjdk-6-jre_6b20-1.9.5-0ubuntu1_powerpc.deb\r\n Size/MD5: 270452 a9914789c79be1910b64109109fb3ef7\r\n \r\nhttp://ports.ubuntu.com/pool/universe/o/openjdk-6/openjdk-6-jre-zero_6b20-1.9.5-0ubuntu1_powerpc.deb\r\n Size/MD5: 2052602 bb5f0f52c1d3906fae956725fb1f1cc4\r\n", "edition": 1, "modified": "2011-02-02T00:00:00", "published": "2011-02-02T00:00:00", "id": "SECURITYVULNS:DOC:25592", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:25592", "title": "[USN-1055-1] OpenJDK vulnerabilities", "type": "securityvulns", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:35:22", "bulletinFamily": "unix", "cvelist": ["CVE-2010-3860", "CVE-2010-4351"], "description": "[1:1.6.0.0-1.17.b17.0.1.el5]\n- Add oracle-enterprise.patch\n[1:1.6.0.0-1.17.b17.el5]\n- Updated to 1.7.7 tarball\n- Resolves: bz668487\n- Also resolves bz668488", "edition": 4, "modified": "2011-01-25T00:00:00", "published": "2011-01-25T00:00:00", "id": "ELSA-2011-0176", "href": "http://linux.oracle.com/errata/ELSA-2011-0176.html", "title": "java-1.6.0-openjdk security update", "type": 
"oraclelinux", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2020-11-11T13:20:00", "bulletinFamily": "unix", "cvelist": ["CVE-2010-4448", "CVE-2010-4465", "CVE-2010-4469", "CVE-2010-4450", "CVE-2010-4472", "CVE-2010-4471", "CVE-2011-0025", "CVE-2010-4470", "CVE-2010-4351", "CVE-2011-0706"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2224-1 security@debian.org\nhttp://www.debian.org/security/ Florian Weimer\nApril 20, 2011 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : openjdk-6\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2010-4351 CVE-2010-4448 CVE-2010-4450 CVE-2010-4465 \n CVE-2010-4469 CVE-2010-4470 CVE-2010-4471 CVE-2010-4472\n CVE-2011-0025 CVE-2011-0706\n\nSeveral security vulnerabilities were discovered in OpenJDK, an\nimplementation of the Java platform.\n\nCVE-2010-4351\n The JNLP SecurityManager returns from the checkPermission method\n instead of throwing an exception in certain circumstances, which\n might allow context-dependent attackers to bypass the intended\n security policy by creating instances of ClassLoader.\n\nCVE-2010-4448\n Malicious applets can perform DNS cache poisoning.\n\nCVE-2010-4450\n An empty (but set) LD_LIBRARY_PATH environment variable results in\n a misconstructed library search path, resulting in code execution\n from possibly untrusted sources.\n\nCVE-2010-4465\n Malicious applets can extend their privileges by abusing Swing\n timers.\n\nCVE-2010-4469\n The Hotspot just-in-time compiler miscompiles crafted byte\n sequences, resulting in heap corruption.\n\nCVE-2010-4470\n JAXP can be exploited by untrusted code to elevate privileges.\n\nCVE-2010-4471\n Java2D can be exploited by untrusted code to elevate privileges.\n\nCVE-2010-4472\n Untrusted code can replace the XML DSIG 
implementation.\n\nCVE-2011-0025\n Signatures on JAR files are not properly verified, which allows\n remote attackers to trick users into executing code that appears\n to come from a trusted source.\n\nCVE-2011-0706\n The JNLPClassLoader class allows remote attackers to gain\n privileges via unknown vectors related to multiple signers and the\n assignment of \"an inappropriate security descriptor.\"\n\nIn addition, this security update contains stability fixes, such as\nswitching to the recommended Hotspot version (hs14) for this\nparticular version of OpenJDK.\n\nFor the oldstable distribution (lenny), these problems have been fixed in\nversion 6b18-1.8.7-2~lenny1.\n\nFor the stable distribution (squeeze), these problems have been fixed in\nversion 6b18-1.8.7-2~squeeze1.\n\nFor the testing distribution (wheezy) and the unstable distribution\n(sid), these problems have been fixed in version 1.8.7-1.\n\nWe recommend that you upgrade your openjdk-6 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 9, "modified": "2011-04-20T20:20:06", "published": "2011-04-20T20:20:06", "id": "DEBIAN:DSA-2224-1:ECD2A", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2011/msg00093.html", "title": "[SECURITY] [DSA 2224-1] openjdk-6 security update", "type": "debian", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:20", "bulletinFamily": "unix", "cvelist": ["CVE-2012-5089", "CVE-2013-0426", "CVE-2013-2431", "CVE-2010-3562", "CVE-2013-2420", "CVE-2011-0865", "CVE-2013-2384", "CVE-2013-2415", "CVE-2012-1711", "CVE-2014-2397", "CVE-2013-1571", "CVE-2013-5782", "CVE-2011-3557", "CVE-2013-2417", "CVE-2013-1500", "CVE-2013-2448", "CVE-2010-3557", "CVE-2011-3551", "CVE-2013-4002", 
"CVE-2013-0401", "CVE-2012-5074", "CVE-2012-5073", "CVE-2013-0427", "CVE-2012-1725", "CVE-2013-2424", "CVE-2014-0457", "CVE-2013-5850", "CVE-2013-2407", "CVE-2013-5778", "CVE-2013-1478", "CVE-2013-2456", "CVE-2010-3551", "CVE-2011-0868", "CVE-2013-0428", "CVE-2014-0446", "CVE-2013-2436", "CVE-2013-2454", "CVE-2013-2470", "CVE-2013-1485", "CVE-2013-0169", "CVE-2010-3553", "CVE-2012-1719", "CVE-2014-1876", "CVE-2014-0458", "CVE-2013-0429", "CVE-2014-2427", "CVE-2011-3563", "CVE-2013-1475", "CVE-2013-2421", "CVE-2013-1518", "CVE-2013-0435", "CVE-2012-5087", "CVE-2013-0809", "CVE-2013-0442", "CVE-2010-3566", "CVE-2013-2452", "CVE-2013-2451", "CVE-2013-5842", "CVE-2010-4448", "CVE-2013-0431", "CVE-2010-4465", "CVE-2012-5085", "CVE-2012-4540", "CVE-2011-0869", "CVE-2010-3565", "CVE-2012-5076", "CVE-2013-5830", "CVE-2013-2473", "CVE-2013-6954", "CVE-2012-4416", "CVE-2012-5075", "CVE-2014-0453", "CVE-2013-1488", "CVE-2012-0424", "CVE-2013-0434", "CVE-2013-5784", "CVE-2013-5809", "CVE-2013-5802", "CVE-2013-5851", "CVE-2011-3548", "CVE-2012-5081", "CVE-2011-3547", "CVE-2013-5817", "CVE-2010-4469", "CVE-2012-0503", "CVE-2011-3521", "CVE-2013-0443", "CVE-2011-5035", "CVE-2013-2419", "CVE-2014-0461", "CVE-2012-1723", "CVE-2013-2463", "CVE-2011-3571", "CVE-2010-3860", "CVE-2011-3389", "CVE-2013-2469", "CVE-2014-0459", "CVE-2014-0456", "CVE-2010-4450", "CVE-2012-1726", "CVE-2013-2465", "CVE-2013-1537", "CVE-2014-0429", "CVE-2013-5806", "CVE-2010-3574", "CVE-2011-3544", "CVE-2013-5805", "CVE-2011-3553", "CVE-2013-0444", "CVE-2012-0506", "CVE-2013-0433", "CVE-2013-1480", "CVE-2013-5825", "CVE-2012-1717", "CVE-2013-2423", "CVE-2010-3541", "CVE-2013-5823", "CVE-2011-3558", "CVE-2014-2403", "CVE-2012-1713", "CVE-2013-2461", "CVE-2012-1716", "CVE-2009-3555", "CVE-2013-2429", "CVE-2013-5849", "CVE-2014-2412", "CVE-2010-2548", "CVE-2012-5086", "CVE-2013-2471", "CVE-2012-0497", "CVE-2012-5077", "CVE-2013-1486", "CVE-2013-1476", "CVE-2010-4476", "CVE-2010-4472", "CVE-2013-5780", 
"CVE-2010-4471", "CVE-2014-2421", "CVE-2012-5069", "CVE-2012-3216", "CVE-2014-0460", "CVE-2011-0870", "CVE-2011-0815", "CVE-2013-0432", "CVE-2012-0505", "CVE-2012-5084", "CVE-2012-1718", "CVE-2010-2783", "CVE-2013-2458", "CVE-2011-3554", "CVE-2013-0424", "CVE-2013-2459", "CVE-2013-0450", "CVE-2012-5071", "CVE-2013-5814", "CVE-2010-3561", "CVE-2011-0025", "CVE-2012-0501", "CVE-2010-3564", "CVE-2013-0440", "CVE-2013-2443", "CVE-2010-3549", "CVE-2012-3422", "CVE-2013-2446", "CVE-2011-3556", "CVE-2012-0547", "CVE-2013-5829", "CVE-2010-3554", "CVE-2013-5803", "CVE-2012-5072", "CVE-2013-2450", "CVE-2013-2472", "CVE-2014-2423", "CVE-2010-4470", "CVE-2011-0822", "CVE-2011-3560", "CVE-2013-1493", "CVE-2013-2444", "CVE-2013-2447", "CVE-2013-2457", "CVE-2010-4351", "CVE-2011-0864", "CVE-2013-2453", "CVE-2013-1557", "CVE-2013-2426", "CVE-2013-2455", "CVE-2013-2422", "CVE-2013-2383", "CVE-2013-0425", "CVE-2013-1484", "CVE-2011-3552", "CVE-2013-5774", "CVE-2012-1724", "CVE-2010-3567", "CVE-2010-3573", "CVE-2013-6629", "CVE-2012-5068", "CVE-2013-3829", "CVE-2013-0441", "CVE-2010-3548", "CVE-2011-0706", "CVE-2012-5979", "CVE-2012-0502", "CVE-2013-5783", "CVE-2010-4467", "CVE-2012-3423", "CVE-2013-5800", "CVE-2013-5820", "CVE-2013-5790", "CVE-2014-2398", "CVE-2010-3568", "CVE-2014-0451", "CVE-2013-1569", "CVE-2013-2412", "CVE-2014-0452", "CVE-2011-0862", "CVE-2013-2445", "CVE-2013-2430", "CVE-2013-2460", "CVE-2013-5840", "CVE-2014-2414", "CVE-2010-3569", "CVE-2011-0871", "CVE-2013-2449", "CVE-2011-0872", "CVE-2012-5070", "CVE-2013-5797", "CVE-2013-5804", "CVE-2013-5772"], "description": "### Background\n\nIcedTea is a distribution of the Java OpenJDK source code built with free build tools. \n\n### Description\n\nMultiple vulnerabilities have been discovered in the IcedTea JDK. Please review the CVE identifiers referenced below for details. 
\n\n### Impact\n\nA remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, obtain sensitive information, bypass intended security policies, or have other unspecified impact. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll IcedTea JDK users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-java/icedtea-bin-6.1.13.3\"", "edition": 1, "modified": "2016-04-19T00:00:00", "published": "2014-06-29T00:00:00", "id": "GLSA-201406-32", "href": "https://security.gentoo.org/glsa/201406-32", "type": "gentoo", "title": "IcedTea JDK: Multiple vulnerabilities", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}