Search...

SLES9: Security update for Java2

2009-10-10T00:00:00

ID OPENVAS:65109
Type openvas
Reporter Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
Modified 2017-07-11T00:00:00

Description

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected:

java2-jre
java2

For more information, please visit the referenced security advisories.

More details may also be found by searching for keyword 5021170 within the SuSE Enterprise Server 9 patch database at http://download.novell.com/patch/finder/

                                        
                                            # OpenVAS Vulnerability Test
# $Id: sles9p5021170.nasl 6666 2017-07-11 13:13:36Z cfischer $
# Description: Security update for Java2
#
# Authors:
# Thomas Reinke &lt;reinke@securityspace.com&gt;
#
# Copyright:
# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
# Text descriptions are largely excerpted from the referenced
# advisory, and are Copyright (c) the respective author(s)
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2,
# or at your option, GNU General Public License version 3,
# as published by the Free Software Foundation
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#

include("revisions-lib.inc");
tag_summary = "The remote host is missing updates to packages that affect
the security of your system.  One or more of the following packages
are affected:

    java2-jre
    java2

For more information, please visit the referenced security
advisories.

More details may also be found by searching for keyword
5021170 within the SuSE Enterprise Server 9 patch
database at http://download.novell.com/patch/finder/";

tag_solution = "Please install the updates provided by SuSE.";
                                                                                
if(description)
{
 script_id(65109);
 script_version("$Revision: 6666 $");
 script_tag(name:"last_modification", value:"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $");
 script_tag(name:"creation_date", value:"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)");
 script_cve_id("CVE-2005-0836", "CVE-2005-1974");
 script_tag(name:"cvss_base", value:"10.0");
 script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
 script_name("SLES9: Security update for Java2");



 script_category(ACT_GATHER_INFO);

 script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
 script_family("SuSE Local Security Checks");
 script_dependencies("gather-package-list.nasl");
 script_mandatory_keys("ssh/login/suse_sles", "ssh/login/rpms");
 script_tag(name : "solution" , value : tag_solution);
 script_tag(name : "summary" , value : tag_summary);
 script_tag(name:"qod_type", value:"package");
 script_tag(name:"solution_type", value:"VendorFix");
 exit(0);
}

#
# The script code starts here
#

include("pkg-lib-rpm.inc");

res = "";
report = "";
if ((res = isrpmvuln(pkg:"java2-jre", rpm:"java2-jre~1.4.2~129.14", rls:"SLES9.0")) != NULL) {
    report += res;
}

if (report != "") {
    security_message(data:report);
} else if (__pkg_match) {
    exit(99); # Not vulnerable.
}

JSON Vulners Source

Initial Source

{"id": "OPENVAS:65109", "type": "openvas", "bulletinFamily": "scanner", "title": "SLES9: Security update for Java2", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n java2-jre\n java2\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5021170 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "published": "2009-10-10T00:00:00", "modified": "2017-07-11T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=65109", "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "references": [], "cvelist": ["CVE-2005-1974", "CVE-2005-0836"], "lastseen": "2017-07-26T08:55:58", "viewCount": 0, "enchantments": {"score": {"value": 7.2, "vector": "NONE", "modified": "2017-07-26T08:55:58", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2005-1974", "CVE-2005-0836"]}, {"type": "openvas", "idList": ["OPENVAS:136141256231065374", "OPENVAS:136141256231065109", "OPENVAS:54893", "OPENVAS:65374"]}, {"type": "suse", "idList": ["SUSE-SA:2005:032"]}, {"type": "nessus", "idList": ["GENTOO_GLSA-200503-28.NASL", "JAVA_JRE_PLUGIN_SECURITY_BYPASS2_UNIX.NASL", "JAVA_JRE_PLUGIN_SECURITY_BYPASS2.NASL", "HPUX_PHSS_33866.NASL", "HPUX_PHSS_32406.NASL", "HPUX_PHSS_33627.NASL", "SUSE_SA_2005_032.NASL"]}, {"type": "gentoo", "idList": ["GLSA-200503-28"]}, {"type": "osvdb", "idList": ["OSVDB:17340", "OSVDB:14899"]}], "modified": "2017-07-26T08:55:58", "rev": 2}, "vulnersScore": 7.2}, "pluginID": "65109", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5021170.nasl 6666 2017-07-11 13:13:36Z cfischer $\n# Description: Security update for Java2\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n java2-jre\n java2\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5021170 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_id(65109);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2005-0836\", \"CVE-2005-1974\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES9: Security update for Java2\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"java2-jre\", rpm:\"java2-jre~1.4.2~129.14\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "naslFamily": "SuSE Local Security Checks", "immutableFields": []}

{"cve": [{"lastseen": "2021-02-02T05:24:37", "description": "Unspecified vulnerability in Java 2 Platform, Standard Edition (J2SE) 5.0 and 5.0 Update 1 and J2SE 1.4.2 up to 1.4.2_07, as used in multiple products and platforms including (1) HP-UX and (2) APC PowerChute, allows applications to assign permissions to themselves and gain privileges.", "edition": 4, "cvss3": {}, "published": "2005-06-16T04:00:00", "title": "CVE-2005-1974", "type": "cve", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": true}, "cvelist": ["CVE-2005-1974"], "modified": "2016-10-18T03:23:00", "cpe": ["cpe:/a:sun:j2se:1.4.2_06", "cpe:/a:sun:j2se:1.4.2_02", "cpe:/a:sun:j2se:1.4.2_04", "cpe:/a:sun:j2se:5.0", "cpe:/a:sun:j2se:5.0_update1", "cpe:/a:sun:j2se:1.4.2_05", "cpe:/a:sun:j2se:1.4.2_01", "cpe:/a:sun:j2se:1.4.2_03", "cpe:/a:sun:j2se:1.4.2", "cpe:/a:sun:j2se:1.4.2_07"], "id": "CVE-2005-1974", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-1974", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:sun:j2se:5.0_update1:*:sdk:*:*:*:*:*", "cpe:2.3:a:sun:j2se:1.4.2_06:*:sdk:*:*:*:*:*", "cpe:2.3:a:sun:j2se:1.4.2_01:*:sdk:*:*:*:*:*", "cpe:2.3:a:sun:j2se:1.4.2:*:sdk:*:*:*:*:*", "cpe:2.3:a:sun:j2se:1.4.2_03:*:sdk:*:*:*:*:*", "cpe:2.3:a:sun:j2se:1.4.2_02:*:sdk:*:*:*:*:*", "cpe:2.3:a:sun:j2se:1.4.2_07:*:sdk:*:*:*:*:*", "cpe:2.3:a:sun:j2se:1.4.2_05:*:sdk:*:*:*:*:*", "cpe:2.3:a:sun:j2se:1.4.2_04:*:sdk:*:*:*:*:*", "cpe:2.3:a:sun:j2se:5.0:*:sdk:*:*:*:*:*"]}, {"lastseen": "2021-02-02T05:24:35", "description": "Argument injection vulnerability in Java Web Start for J2SE 1.4.2 up to 1.4.2_06 allows untrusted applications to gain privileges via the value parameter of a property tag in a JNLP file.", "edition": 4, "cvss3": {}, "published": "2005-05-02T04:00:00", "title": "CVE-2005-0836", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-0836"], "modified": "2016-10-18T03:15:00", "cpe": ["cpe:/a:sun:j2se:1.4.2_06", "cpe:/a:sun:j2se:1.4.2_02", "cpe:/a:sun:j2se:1.4.2_04", "cpe:/a:sun:j2se:1.4.2_05", "cpe:/a:sun:j2se:1.4.2_01", "cpe:/a:sun:j2se:1.4.2_03", "cpe:/a:sun:j2se:1.4.2"], "id": "CVE-2005-0836", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-0836", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:sun:j2se:1.4.2_06:*:sdk:*:*:*:*:*", "cpe:2.3:a:sun:j2se:1.4.2_01:*:sdk:*:*:*:*:*", "cpe:2.3:a:sun:j2se:1.4.2:*:sdk:*:*:*:*:*", "cpe:2.3:a:sun:j2se:1.4.2_03:*:sdk:*:*:*:*:*", "cpe:2.3:a:sun:j2se:1.4.2_02:*:sdk:*:*:*:*:*", "cpe:2.3:a:sun:j2se:1.4.2_05:*:sdk:*:*:*:*:*", "cpe:2.3:a:sun:j2se:1.4.2_04:*:sdk:*:*:*:*:*"]}], "openvas": [{"lastseen": "2017-07-26T08:55:55", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-1974", "CVE-2005-0836"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n java2\n java2-jre\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5011515 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "modified": "2017-07-11T00:00:00", "published": "2009-10-10T00:00:00", "id": "OPENVAS:65374", "href": "http://plugins.openvas.org/nasl.php?oid=65374", "type": "openvas", "title": "SLES9: Security update for Java2", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5011515.nasl 6666 2017-07-11 13:13:36Z cfischer $\n# Description: Security update for Java2\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n java2\n java2-jre\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5011515 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_id(65374);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2005-0836\", \"CVE-2005-1974\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES9: Security update for Java2\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"java2\", rpm:\"java2~1.4.2~144\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:39:22", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-1974", "CVE-2005-0836"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n java2\n java2-jre\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5011515 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "modified": "2018-04-06T00:00:00", "published": "2009-10-10T00:00:00", "id": "OPENVAS:136141256231065374", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065374", "type": "openvas", "title": "SLES9: Security update for Java2", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5011515.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Security update for Java2\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n java2\n java2-jre\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5011515 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65374\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2005-0836\", \"CVE-2005-1974\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES9: Security update for Java2\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"java2\", rpm:\"java2~1.4.2~144\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:39:33", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-1974", "CVE-2005-0836"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n java2-jre\n java2\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5021170 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "modified": "2018-04-06T00:00:00", "published": "2009-10-10T00:00:00", "id": "OPENVAS:136141256231065109", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065109", "type": "openvas", "title": "SLES9: Security update for Java2", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5021170.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Security update for Java2\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n java2-jre\n java2\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5021170 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65109\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2005-0836\", \"CVE-2005-1974\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES9: Security update for Java2\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"java2-jre\", rpm:\"java2-jre~1.4.2~129.14\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:23", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-0836"], "description": "The remote host is missing updates announced in\nadvisory GLSA 200503-28.", "modified": "2017-07-07T00:00:00", "published": "2008-09-24T00:00:00", "id": "OPENVAS:54893", "href": "http://plugins.openvas.org/nasl.php?oid=54893", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200503-28 (Java)", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Java Web Start JNLP files can be abused to evade sandbox restriction and\nexecute arbitrary code.\";\ntag_solution = \"All Sun JDK users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-java/sun-jdk-1.4.2.07'\n\nAll Sun JRE users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-java/sun-jre-bin-1.4.2.07'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200503-28\nhttp://bugs.gentoo.org/show_bug.cgi?id=85804\nhttp://jouko.iki.fi/adv/ws.html\nhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-57740-1\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200503-28.\";\n\n \n\nif(description)\n{\n script_id(54893);\n script_cve_id(\"CVE-2005-0836\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_name(\"Gentoo Security Advisory GLSA 200503-28 (Java)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"dev-java/sun-jdk\", unaffected: make_list(\"ge 1.4.2.07\", \"lt 1.4.2\"), vulnerable: make_list(\"lt 1.4.2.07\"))) != NULL) {\n report += res;\n}\nif ((res = ispkgvuln(pkg:\"dev-java/sun-jre-bin\", unaffected: make_list(\"ge 1.4.2.07\", \"lt 1.4.2\"), vulnerable: make_list(\"lt 1.4.2.07\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "suse": [{"lastseen": "2016-09-04T12:37:04", "bulletinFamily": "unix", "cvelist": ["CVE-2005-1974", "CVE-2005-0836"], "description": "Two security bugs in the SUN Java implementation have been fixed.\n#### Solution\nInstall the updated packages. A possible workaround is to disable Java Applets in your web browser.", "edition": 1, "modified": "2005-06-22T12:11:10", "published": "2005-06-22T12:11:10", "id": "SUSE-SA:2005:032", "href": "http://lists.opensuse.org/opensuse-security-announce/2005-06/msg00020.html", "type": "suse", "title": "remote code execution in java2", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2021-01-17T14:14:45", "description": "The remote host is missing the patch for the advisory SUSE-SA:2005:032 (java2).\n\n\nTwo security bugs in the SUN Java implementation have been fixed.\n\nJava Web Start can be exploited remotely due to an error in input\nvalidation of tags in JNLP files, so an attacker can pass arbitrary\ncommand-line options to the virtual machine to disable the sandbox\nand get access to files.\n\nThis is tracked by the Mitre CVE ID CVE-2005-0836.\n\nThe second bug is equal to the first one but can also triggered by\nuntrusted applets.\n\nThis is tracked by the Mitre CVE ID CVE-2005-1974.", "edition": 20, "published": "2005-07-20T00:00:00", "title": "SUSE-SA:2005:032: java2", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-1974", "CVE-2005-0836"], "modified": "2005-07-20T00:00:00", "cpe": [], "id": "SUSE_SA_2005_032.NASL", "href": "https://www.tenable.com/plugins/nessus/19241", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# This plugin text was extracted from SuSE Security Advisory SUSE-SA:2005:032\n#\n\n\nif ( ! defined_func(\"bn_random\") ) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif(description)\n{\n script_id(19241);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n \n name[\"english\"] = \"SUSE-SA:2005:032: java2\";\n \n script_name(english:name[\"english\"]);\n \n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a vendor-supplied security patch\" );\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is missing the patch for the advisory SUSE-SA:2005:032 (java2).\n\n\nTwo security bugs in the SUN Java implementation have been fixed.\n\nJava Web Start can be exploited remotely due to an error in input\nvalidation of tags in JNLP files, so an attacker can pass arbitrary\ncommand-line options to the virtual machine to disable the sandbox\nand get access to files.\n\nThis is tracked by the Mitre CVE ID CVE-2005-0836.\n\nThe second bug is equal to the first one but can also triggered by\nuntrusted applets.\n\nThis is tracked by the Mitre CVE ID CVE-2005-1974.\" );\n script_set_attribute(attribute:\"solution\", value:\n\"http://www.suse.de/security/advisories/2005_32_java2.html\" );\n script_set_attribute(attribute:\"risk_factor\", value:\"High\" );\n\n\n\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2005/07/20\");\n script_end_attributes();\n\n \n summary[\"english\"] = \"Check for the version of the java2 package\";\n script_summary(english:summary[\"english\"]);\n \n script_category(ACT_GATHER_INFO);\n \n script_copyright(english:\"This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.\");\n family[\"english\"] = \"SuSE Local Security Checks\";\n script_family(english:family[\"english\"]);\n \n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/SuSE/rpm-list\");\n exit(0);\n}\n\ninclude(\"rpm.inc\");\nif ( rpm_check( reference:\"java2-1.4.2-144\", release:\"SUSE8.2\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"java2-jre-1.4.2-144\", release:\"SUSE8.2\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"java2-1.4.2-144\", release:\"SUSE9.0\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"java2-jre-1.4.2-144\", release:\"SUSE9.0\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"java2-1.4.2-129.14\", release:\"SUSE9.1\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"java2-jre-1.4.2-129.14\", release:\"SUSE9.1\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"java-1_4_2-sun-1.4.2.08-0.1\", release:\"SUSE9.2\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"java-1_4_2-sun-alsa-1.4.2.08-0.1\", release:\"SUSE9.2\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"java-1_4_2-sun-demo-1.4.2.08-0.1\", release:\"SUSE9.2\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"java-1_4_2-sun-devel-1.4.2.08-0.1\", release:\"SUSE9.2\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"java-1_4_2-sun-jdbc-1.4.2.08-0.1\", release:\"SUSE9.2\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"java-1_4_2-sun-plugin-1.4.2.08-0.1\", release:\"SUSE9.2\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"java-1_4_2-sun-src-1.4.2.08-0.1\", release:\"SUSE9.2\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"java-1_4_2-sun-1.4.2.08-0.1\", release:\"SUSE9.3\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"java-1_4_2-sun-alsa-1.4.2.08-0.1\", release:\"SUSE9.3\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"java-1_4_2-sun-demo-1.4.2.08-0.1\", release:\"SUSE9.3\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"java-1_4_2-sun-devel-1.4.2.08-0.1\", release:\"SUSE9.3\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"java-1_4_2-sun-jdbc-1.4.2.08-0.1\", release:\"SUSE9.3\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"java-1_4_2-sun-plugin-1.4.2.08-0.1\", release:\"SUSE9.3\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"java-1_4_2-sun-src-1.4.2.08-0.1\", release:\"SUSE9.3\") )\n{\n security_hole(0);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-07T10:51:56", "description": "The remote host is affected by the vulnerability described in GLSA-200503-28\n(Sun Java: Web Start argument injection vulnerability)\n\n Jouko Pynnonen discovered that Java Web Start contains a vulnerability\n in the way it handles property tags in JNLP files.\n \nImpact :\n\n By enticing a user to open a malicious JNLP file, a remote attacker\n could pass command line arguments to the Java Virtual machine, which\n can be used to bypass the Java 'sandbox' and to execute arbitrary code\n with the permissions of the user running the application.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 26, "published": "2005-03-25T00:00:00", "title": "GLSA-200503-28 : Sun Java: Web Start argument injection vulnerability", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-0836"], "modified": "2005-03-25T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:sun-jdk", "cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:sun-jre-bin"], "id": "GENTOO_GLSA-200503-28.NASL", "href": "https://www.tenable.com/plugins/nessus/17615", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200503-28.\n#\n# The advisory text is Copyright (C) 2001-2018 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(17615);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2005-0836\");\n script_xref(name:\"GLSA\", value:\"200503-28\");\n\n script_name(english:\"GLSA-200503-28 : Sun Java: Web Start argument injection vulnerability\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200503-28\n(Sun Java: Web Start argument injection vulnerability)\n\n Jouko Pynnonen discovered that Java Web Start contains a vulnerability\n in the way it handles property tags in JNLP files.\n \nImpact :\n\n By enticing a user to open a malicious JNLP file, a remote attacker\n could pass command line arguments to the Java Virtual machine, which\n can be used to bypass the Java 'sandbox' and to execute arbitrary code\n with the permissions of the user running the application.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://jouko.iki.fi/adv/ws.html\"\n );\n # http://sunsolve.sun.com/search/document.do?assetkey=1-26-57740-1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e507de21\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200503-28\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Sun JDK users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-java/sun-jdk-1.4.2.07'\n All Sun JRE users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-java/sun-jre-bin-1.4.2.07'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:sun-jdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:sun-jre-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/03/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/03/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-java/sun-jre-bin\", unaffected:make_list(\"ge 1.4.2.07\", \"lt 1.4.2\"), vulnerable:make_list(\"lt 1.4.2.07\"))) flag++;\nif (qpkg_check(package:\"dev-java/sun-jdk\", unaffected:make_list(\"ge 1.4.2.07\", \"lt 1.4.2\"), vulnerable:make_list(\"lt 1.4.2.07\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Sun Java\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T11:32:13", "description": "s700_800 11.X OV OVO8.1X PARISC JavaGUI client A.08.14 : \n\nA potential security vulnerability has been identified with the HP\nOpenView Operations and OpenView VantagePoint Java Runtime Environment\n(JRE). This vulnerability may allow an untrusted remote applet to\nelevate its privileges.", "edition": 24, "published": "2005-10-25T00:00:00", "title": "HP-UX PHSS_33627 : HP OpenView Operations and OpenView VantagePoint Java Runtime Environment (JRE), Remote Privileged Access (HPSBMA01234 SSRT051052 rev.2)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-1974"], "modified": "2005-10-25T00:00:00", "cpe": ["cpe:/o:hp:hp-ux"], "id": "HPUX_PHSS_33627.NASL", "href": "https://www.tenable.com/plugins/nessus/20085", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and patch checks in this plugin were \n# extracted from HP patch PHSS_33627. The text itself is\n# copyright (C) Hewlett-Packard Development Company, L.P.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(20085);\n script_version(\"1.26\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2005-1974\");\n script_xref(name:\"HP\", value:\"emr_na-c01033698\");\n script_xref(name:\"HP\", value:\"SSRT051052\");\n\n script_name(english:\"HP-UX PHSS_33627 : HP OpenView Operations and OpenView VantagePoint Java Runtime Environment (JRE), Remote Privileged Access (HPSBMA01234 SSRT051052 rev.2)\");\n script_summary(english:\"Checks for the patch in the swlist output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote HP-UX host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"s700_800 11.X OV OVO8.1X PARISC JavaGUI client A.08.14 : \n\nA potential security vulnerability has been identified with the HP\nOpenView Operations and OpenView VantagePoint Java Runtime Environment\n(JRE). This vulnerability may allow an untrusted remote applet to\nelevate its privileges.\"\n );\n # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01033698\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?43a5c3bd\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Install patch PHSS_33627 or subsequent.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:hp:hp-ux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/04/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/10/25\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.\");\n script_family(english:\"HP-UX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/HP-UX/version\", \"Host/HP-UX/swlist\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"hpux.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/HP-UX/version\")) audit(AUDIT_OS_NOT, \"HP-UX\");\nif (!get_kb_item(\"Host/HP-UX/swlist\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif (!hpux_check_ctx(ctx:\"11.00 11.11 11.23\"))\n{\n exit(0, \"The host is not affected since PHSS_33627 applies to a different OS release.\");\n}\n\npatches = make_list(\"PHSS_33627\", \"PHSS_33864\", \"PHSS_34363\", \"PHSS_34733\", \"PHSS_35228\", \"PHSS_35791\", \"PHSS_36273\", \"PHSS_36772\", \"PHSS_37183\", \"PHSS_37566\", \"PHSS_38203\", \"PHSS_38854\", \"PHSS_39327\", \"PHSS_39896\", \"PHSS_40468\", \"PHSS_41213\");\nforeach patch (patches)\n{\n if (hpux_installed(app:patch))\n {\n exit(0, \"The host is not affected because patch \"+patch+\" is installed.\");\n }\n}\n\n\nflag = 0;\nif (hpux_check_patch(app:\"OVOPC-WWW.OVOPC-WWW-ENG\", version:\"A.08.10.160\")) flag++;\nif (hpux_check_patch(app:\"OVOPC-WWW.OVOPC-WWW-GUI\", version:\"A.08.10.160\")) flag++;\nif (hpux_check_patch(app:\"OVOPC-WWW.OVOPC-WWW-JPN\", version:\"A.08.10.160\")) flag++;\nif (hpux_check_patch(app:\"OVOPC-WWW.OVOPC-WWW-KOR\", version:\"A.08.10.160\")) flag++;\nif (hpux_check_patch(app:\"OVOPC-WWW.OVOPC-WWW-SCH\", version:\"A.08.10.160\")) flag++;\nif (hpux_check_patch(app:\"OVOPC-WWW.OVOPC-WWW-SPA\", version:\"A.08.10.160\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:hpux_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T11:32:13", "description": "s700_800 11.00 OV ITO6.0X OVO JavaGUI client A.07.20.1 : \n\nA potential security vulnerability has been identified with the HP\nOpenView Operations and OpenView VantagePoint Java Runtime Environment\n(JRE). This vulnerability may allow an untrusted remote applet to\nelevate its privileges.", "edition": 24, "published": "2005-10-25T00:00:00", "title": "HP-UX PHSS_33866 : HP OpenView Operations and OpenView VantagePoint Java Runtime Environment (JRE), Remote Privileged Access (HPSBMA01234 SSRT051052 rev.2)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-1974"], "modified": "2005-10-25T00:00:00", "cpe": ["cpe:/o:hp:hp-ux"], "id": "HPUX_PHSS_33866.NASL", "href": "https://www.tenable.com/plugins/nessus/20086", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and patch checks in this plugin were \n# extracted from HP patch PHSS_33866. The text itself is\n# copyright (C) Hewlett-Packard Development Company, L.P.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(20086);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2005-1974\");\n script_xref(name:\"HP\", value:\"emr_na-c01033698\");\n script_xref(name:\"HP\", value:\"SSRT051052\");\n\n script_name(english:\"HP-UX PHSS_33866 : HP OpenView Operations and OpenView VantagePoint Java Runtime Environment (JRE), Remote Privileged Access (HPSBMA01234 SSRT051052 rev.2)\");\n script_summary(english:\"Checks for the patch in the swlist output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote HP-UX host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"s700_800 11.00 OV ITO6.0X OVO JavaGUI client A.07.20.1 : \n\nA potential security vulnerability has been identified with the HP\nOpenView Operations and OpenView VantagePoint Java Runtime Environment\n(JRE). This vulnerability may allow an untrusted remote applet to\nelevate its privileges.\"\n );\n # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01033698\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?43a5c3bd\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Install patch PHSS_33866 or subsequent.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:hp:hp-ux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/04/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/10/25\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.\");\n script_family(english:\"HP-UX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/HP-UX/version\", \"Host/HP-UX/swlist\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"hpux.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/HP-UX/version\")) audit(AUDIT_OS_NOT, \"HP-UX\");\nif (!get_kb_item(\"Host/HP-UX/swlist\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif (!hpux_check_ctx(ctx:\"11.00\"))\n{\n exit(0, \"The host is not affected since PHSS_33866 applies to a different OS release.\");\n}\n\npatches = make_list(\"PHSS_33866\");\nforeach patch (patches)\n{\n if (hpux_installed(app:patch))\n {\n exit(0, \"The host is not affected because patch \"+patch+\" is installed.\");\n }\n}\n\n\nflag = 0;\nif (hpux_check_patch(app:\"OVOPC-WWW.OVOPC-WWW-ENG\", version:\"A.06.00\")) flag++;\nif (hpux_check_patch(app:\"OVOPC-WWW.OVOPC-WWW-GUI\", version:\"A.06.00\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:hpux_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T11:32:13", "description": "s700_800 11.X OV ITO7.1X JavaGUI client A.07.20.1 : \n\nA potential security vulnerability has been identified with the HP\nOpenView Operations and OpenView VantagePoint Java Runtime Environment\n(JRE). This vulnerability may allow an untrusted remote applet to\nelevate its privileges.", "edition": 24, "published": "2005-10-25T00:00:00", "title": "HP-UX PHSS_32406 : HP OpenView Operations and OpenView VantagePoint Java Runtime Environment (JRE), Remote Privileged Access (HPSBMA01234 SSRT051052 rev.2)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-1974"], "modified": "2005-10-25T00:00:00", "cpe": ["cpe:/o:hp:hp-ux"], "id": "HPUX_PHSS_32406.NASL", "href": "https://www.tenable.com/plugins/nessus/20084", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and patch checks in this plugin were \n# extracted from HP patch PHSS_32406. The text itself is\n# copyright (C) Hewlett-Packard Development Company, L.P.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(20084);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2005-1974\");\n script_xref(name:\"HP\", value:\"emr_na-c01033698\");\n script_xref(name:\"HP\", value:\"SSRT051052\");\n\n script_name(english:\"HP-UX PHSS_32406 : HP OpenView Operations and OpenView VantagePoint Java Runtime Environment (JRE), Remote Privileged Access (HPSBMA01234 SSRT051052 rev.2)\");\n script_summary(english:\"Checks for the patch in the swlist output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote HP-UX host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"s700_800 11.X OV ITO7.1X JavaGUI client A.07.20.1 : \n\nA potential security vulnerability has been identified with the HP\nOpenView Operations and OpenView VantagePoint Java Runtime Environment\n(JRE). This vulnerability may allow an untrusted remote applet to\nelevate its privileges.\"\n );\n # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01033698\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?43a5c3bd\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Install patch PHSS_32406 or subsequent.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:hp:hp-ux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/04/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/10/25\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.\");\n script_family(english:\"HP-UX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/HP-UX/version\", \"Host/HP-UX/swlist\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"hpux.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/HP-UX/version\")) audit(AUDIT_OS_NOT, \"HP-UX\");\nif (!get_kb_item(\"Host/HP-UX/swlist\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif (!hpux_check_ctx(ctx:\"11.00 11.11\"))\n{\n exit(0, \"The host is not affected since PHSS_32406 applies to a different OS release.\");\n}\n\npatches = make_list(\"PHSS_32406\");\nforeach patch (patches)\n{\n if (hpux_installed(app:patch))\n {\n exit(0, \"The host is not affected because patch \"+patch+\" is installed.\");\n }\n}\n\n\nflag = 0;\nif (hpux_check_patch(app:\"OVOPC-WWW.OVOPC-WWW-ENG\", version:\"A.07.10\")) flag++;\nif (hpux_check_patch(app:\"OVOPC-WWW.OVOPC-WWW-GUI\", version:\"A.07.10\")) flag++;\nif (hpux_check_patch(app:\"OVOPC-WWW.OVOPC-WWW-JPN\", version:\"A.07.10\")) flag++;\nif (hpux_check_patch(app:\"OVOPC-WWW.OVOPC-WWW-SPA\", version:\"A.07.10\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:hpux_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-04-01T03:34:05", "description": "The remote host is using a vulnerable version of Sun Java Runtime\nPlug-in, an web browser addon used to display Java applets.\n\nIt has been reported that the JRE Plug-in Security can be bypassed.\nA remote attacker could exploit this by tricking a user into viewing\na maliciously crafted web page.\n\nAdditionally, a denial of service vulnerability is present in this\nversion of the JVM. This issue is triggered by viewing an applet\nthat misuses the serialization API.", "edition": 27, "published": "2005-06-14T00:00:00", "title": "Sun Java JRE / Web Start Java Plug-in Untrusted Applet Privilege Escalation", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-1974", "CVE-2005-1973"], "modified": "2021-04-02T00:00:00", "cpe": ["cpe:/a:oracle:jre"], "id": "JAVA_JRE_PLUGIN_SECURITY_BYPASS2.NASL", "href": "https://www.tenable.com/plugins/nessus/18480", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\n\nif(description)\n{\n script_id(18480);\n script_version(\"1.26\");\n script_cvs_date(\"Date: 2018/08/22 16:49:14\");\n\n script_cve_id(\"CVE-2005-1973\", \"CVE-2005-1974\");\n script_bugtraq_id(13958, 13945);\n script_xref(name:\"Secunia\", value:\"15671\");\n\n script_name(english:\"Sun Java JRE / Web Start Java Plug-in Untrusted Applet Privilege Escalation\");\n script_summary(english:\"Determines the version of Java JRE plugin\");\n \n script_set_attribute( attribute:\"synopsis\", value:\n\"The remote Windows host contains a runtime environment that is\naffected by multiple vulnerabilities.\" );\n script_set_attribute( attribute:\"description\", value:\n\"The remote host is using a vulnerable version of Sun Java Runtime\nPlug-in, an web browser addon used to display Java applets.\n\nIt has been reported that the JRE Plug-in Security can be bypassed.\nA remote attacker could exploit this by tricking a user into viewing\na maliciously crafted web page.\n\nAdditionally, a denial of service vulnerability is present in this\nversion of the JVM. This issue is triggered by viewing an applet\nthat misuses the serialization API.\" );\n # http://web.archive.org/web/20080509045533/http://sunsolve.sun.com/search/document.do?assetkey=1-26-101749-1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0103e844\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade to JRE 1.4.2_08 / 1.5.0 update 2 or later.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2005/06/14\");\n script_set_attribute(attribute:\"vuln_publication_date\", value: \"2005/06/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value: \"2005/06/13\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:jre\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n \n script_copyright(english:\"This script is Copyright (C) 2005-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n \n script_dependencies(\"sun_java_jre_installed.nasl\");\n script_require_keys(\"SMB/Java/JRE/Installed\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n\n# Check each installed JRE.\ninstalls = get_kb_list(\"SMB/Java/JRE/*\");\nif (isnull(installs)) exit(0);\n\ninfo = \"\";\nvuln = 0;\nforeach install (list_uniq(keys(installs)))\n{\n ver = install - \"SMB/Java/JRE/\";\n if (\n ver =~ \"^1\\.4\\.([01]_|2_0*[0-7][^0-9])\" ||\n ver =~ \"^1\\.5\\.0_0*[01][^0-9]\"\n )\n {\n dirs = make_list(get_kb_list(install));\n vuln += max_index(dirs);\n\n foreach dir (dirs)\n info += '\\n Path : ' + dir;\n\n info += '\\n Installed version : ' + ver;\n info += '\\n Fixed version : 1.4.2_08 / 1.5.0_02\\n';\n }\n}\n\n\n# Report if any were found to be vulnerable.\nif (info)\n{\n if (report_verbosity)\n {\n if (vuln > 1) s = \"s of Sun's JRE are\";\n else s = \" of Sun's JRE is\";\n\n report = string(\n \"\\n\",\n \"The following vulnerable instance\", s, \" installed on the\\n\",\n \"remote host :\\n\",\n info\n );\n security_hole(port:get_kb_item(\"SMB/transport\"), extra:report);\n }\n else security_hole(get_kb_item(\"SMB/transport\"));\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-04-01T03:34:05", "description": "The remote host is using an unmanaged version of Sun Java Runtime\nEnvironment that has vulnerabilities in its Java Runtime Plug-in, a web\nbrowser add-on used to display Java applets.\n\nThe JRE Plug-in security can be bypassed by tricking a user into viewing\na maliciously crafted web page.\n\nAdditionally, a denial of service vulnerability is present in this\nversion of the JVM. This issue is triggered by viewing an applet that\nmisuses the serialization API.", "edition": 26, "published": "2013-02-22T00:00:00", "title": "Sun Java JRE / Web Start Java Plug-in Untrusted Applet Privilege Escalation (Unix)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-1974", "CVE-2005-1973"], "modified": "2021-04-02T00:00:00", "cpe": ["cpe:/a:oracle:jre"], "id": "JAVA_JRE_PLUGIN_SECURITY_BYPASS2_UNIX.NASL", "href": "https://www.tenable.com/plugins/nessus/64836", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(64836);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/12/04\");\n\n script_cve_id(\"CVE-2005-1973\", \"CVE-2005-1974\");\n script_bugtraq_id(13945, 13958);\n script_xref(name:\"Secunia\", value:\"15671\");\n\n script_name(english:\"Sun Java JRE / Web Start Java Plug-in Untrusted Applet Privilege Escalation (Unix)\");\n script_summary(english:\"Determines the version of Java JRE plugin\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Unix host contains a runtime environment that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is using an unmanaged version of Sun Java Runtime\nEnvironment that has vulnerabilities in its Java Runtime Plug-in, a web\nbrowser add-on used to display Java applets.\n\nThe JRE Plug-in security can be bypassed by tricking a user into viewing\na maliciously crafted web page.\n\nAdditionally, a denial of service vulnerability is present in this\nversion of the JVM. This issue is triggered by viewing an applet that\nmisuses the serialization API.\");\n # http://web.archive.org/web/20080509045533/http://sunsolve.sun.com/search/document.do?assetkey=1-26-101749-1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?0103e844\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to JRE 1.4.2_08 / 1.5.0 update 2 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2005-1974\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/06/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/06/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:jre\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"sun_java_jre_installed_unix.nasl\");\n script_require_keys(\"Host/Java/JRE/Installed\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n# Check each installed JRE.\ninstalls = get_kb_list_or_exit(\"Host/Java/JRE/Unmanaged/*\");\n\ninfo = \"\";\nvuln = 0;\nvuln2 = 0;\ninstalled_versions = \"\";\ngranular = \"\";\nforeach install (list_uniq(keys(installs)))\n{\n ver = install - \"Host/Java/JRE/Unmanaged/\";\n if (ver !~ \"^[0-9.]+\") continue;\n\n installed_versions = installed_versions + \" & \" + ver;\n if (\n ver =~ \"^1\\.4\\.([01]_|2_0*[0-7][^0-9])\" ||\n ver =~ \"^1\\.5\\.0_0*[01][^0-9]\"\n )\n {\n dirs = make_list(get_kb_list(install));\n vuln += max_index(dirs);\n\n foreach dir (dirs)\n info += '\\n Path : ' + dir;\n\n info += '\\n Installed version : ' + ver;\n info += '\\n Fixed version : 1.4.2_08 / 1.5.0_02\\n';\n }\n else if (ver =~ \"^[\\d\\.]+$\")\n {\n dirs = make_list(get_kb_list(install));\n foreach dir (dirs)\n granular += \"The Oracle Java version \"+ver+\" at \"+dir+\" is not granular enough to make a determination.\"+'\\n';\n }\n else\n {\n dirs = make_list(get_kb_list(install));\n vuln2 += max_index(dirs);\n }\n\n}\n\n\n# Report if any were found to be vulnerable.\nif (info)\n{\n if (report_verbosity)\n {\n if (vuln > 1) s = \"s of Sun's JRE are\";\n else s = \" of Sun's JRE is\";\n\n report = string(\n \"\\n\",\n \"The following vulnerable instance\", s, \" installed on the\\n\",\n \"remote host :\\n\",\n info\n );\n security_warning(port:0, extra:report);\n }\n else security_warning(0);\n if (granular) exit(0, granular);\n}\nelse\n{\n if (granular) exit(0, granular);\n\n installed_versions = substr(installed_versions, 3);\n if (vuln2 > 1)\n exit(0, \"The Java \"+installed_versions+\" installs on the remote host are not affected.\");\n else\n exit(0, \"The Java \"+installed_versions+\" install on the remote host is not affected.\");\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}], "osvdb": [{"lastseen": "2017-04-28T13:20:10", "bulletinFamily": "software", "cvelist": ["CVE-2005-0836"], "edition": 1, "description": "# No description provided by the source\n\n## References:\n[Vendor Specific Advisory URL](http://sunsolve.sun.com/search/document.do?assetkey=1-26-57740-1)\n[Secunia Advisory ID:15777](https://secuniaresearch.flexerasoftware.com/advisories/15777/)\n[Secunia Advisory ID:14640](https://secuniaresearch.flexerasoftware.com/advisories/14640/)\n[Secunia Advisory ID:14695](https://secuniaresearch.flexerasoftware.com/advisories/14695/)\nOther Advisory URL: http://www.gentoo.org/security/en/glsa/glsa-200503-28.xml\nMail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2005-03/0574.html\n[CVE-2005-0836](https://vulners.com/cve/CVE-2005-0836)\nBugtraq ID: 12847\n", "modified": "2005-03-16T22:17:03", "published": "2005-03-16T22:17:03", "href": "https://vulners.com/osvdb/OSVDB:14899", "id": "OSVDB:14899", "type": "osvdb", "title": "Java Web Start JNLP File Arbitrary Command Execution", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-04-28T13:20:13", "bulletinFamily": "software", "cvelist": ["CVE-2005-1974"], "edition": 1, "description": "## Vulnerability Description\nJava 2 Platform Standard Edition (J2SE) contains a flaw that may allow a remote attacker to gain access to unauthorized privileges. The issue is triggered due to an unspecified flaw, which may allow an untrusted applet to grant itself permissions to arbitrary read and write files and/or execute arbitrary applications resulting in a loss of integrty.\n## Solution Description\nUpgrade to version 5.0 Update 2 or 1.4.2_08 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## Short Description\nJava 2 Platform Standard Edition (J2SE) contains a flaw that may allow a remote attacker to gain access to unauthorized privileges. The issue is triggered due to an unspecified flaw, which may allow an untrusted applet to grant itself permissions to arbitrary read and write files and/or execute arbitrary applications resulting in a loss of integrty.\n## References:\nVendor URL: http://www.sun.com/\nVendor Specific News/Changelog Entry: http://nam-en.apc.com/cgi-bin/nam_en.cfg/php/enduser/std_adp.php?p_faqid=7638\n[Vendor Specific Advisory URL](http://sunsolve.sun.com/search/document.do?assetkey=1-26-101749-1)\n[Vendor Specific Advisory URL](http://itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX01215)\n[Vendor Specific Advisory URL](http://itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX01214)\nSecurity Tracker: 1014192\nSecurity Tracker: 1015643\n[Secunia Advisory ID:15671](https://secuniaresearch.flexerasoftware.com/advisories/15671/)\n[Secunia Advisory ID:15750](https://secuniaresearch.flexerasoftware.com/advisories/15750/)\n[Secunia Advisory ID:15777](https://secuniaresearch.flexerasoftware.com/advisories/15777/)\n[Secunia Advisory ID:17272](https://secuniaresearch.flexerasoftware.com/advisories/17272/)\n[Secunia Advisory ID:15755](https://secuniaresearch.flexerasoftware.com/advisories/15755/)\n[Secunia Advisory ID:16658](https://secuniaresearch.flexerasoftware.com/advisories/16658/)\n[Related OSVDB ID: 17299](https://vulners.com/osvdb/OSVDB:17299)\nOther Advisory URL: http://security.gentoo.org/glsa/glsa-200506-14.xml\nOther Advisory URL: http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.394829\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-10/0227.html\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-08/0432.html\nKeyword: SSRT051052\n[CVE-2005-1974](https://vulners.com/cve/CVE-2005-1974)\n", "modified": "2005-06-13T08:12:19", "published": "2005-06-13T08:12:19", "href": "https://vulners.com/osvdb/OSVDB:17340", "id": "OSVDB:17340", "title": "Sun JRE Untrusted Applet Privilege Escalation", "type": "osvdb", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:30", "bulletinFamily": "unix", "cvelist": ["CVE-2005-0836"], "edition": 1, "description": "### Background\n\nSun provides implementations of Java Development Kits (JDK) and Java Runtime Environments (JRE). These implementations provide the Java Web Start technology that can be used for easy client-side deployment of Java applications. \n\n### Description\n\nJouko Pynnonen discovered that Java Web Start contains a vulnerability in the way it handles property tags in JNLP files. \n\n### Impact\n\nBy enticing a user to open a malicious JNLP file, a remote attacker could pass command line arguments to the Java Virtual machine, which can be used to bypass the Java \"sandbox\" and to execute arbitrary code with the permissions of the user running the application. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll Sun JDK users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-java/sun-jdk-1.4.2.07\"\n\nAll Sun JRE users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-java/sun-jre-bin-1.4.2.07\"", "modified": "2006-05-22T00:00:00", "published": "2005-03-24T00:00:00", "id": "GLSA-200503-28", "href": "https://security.gentoo.org/glsa/200503-28", "type": "gentoo", "title": "Sun Java: Web Start argument injection vulnerability", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}