Synopsis
The remote SuSE 11 host is missing one or more security updates.
Description
This update brings the IBM Java 1.4.2 JDK and JRE to Service Release 13. It fixes many bugs and various security issues:
  - A security vulnerability in the Java Runtime Environment (JRE) may allow an untrusted applet or application to list the contents of the home directory of the user running the applet or application. (CVE-2008-5350)
  - A security vulnerability in the Java Runtime Environment (JRE) with parsing zip files may allow an untrusted applet or application to read arbitrary memory locations in the process that the applet or application is running in. (CVE-2008-5346)
  - A vulnerability in Java Web Start and Java Plug-in may allow hidden code on a host to make network connections to that host and to hijack HTTP sessions using cookies stored in the browser. (CVE-2008-5343)
  - A vulnerability in the Java Runtime Environment (JRE) with applet classloading may allow an untrusted applet to read arbitrary files on a system that the applet runs on and make network connections to hosts other than the host it was loaded from. (CVE-2008-5344)
  - A buffer overflow vulnerability in the Java Runtime Environment (JRE) image processing code may allow an untrusted applet or application to escalate privileges. For example, an untrusted applet may grant itself permissions to read and write local files or execute local applications that are accessible to the user running the untrusted applet. (CVE-2008-5359)
  - A vulnerability in the Java Runtime Environment (JRE) may allow an untrusted Java Web Start application to make network connections to hosts other than the host that the application is downloaded from. (CVE-2008-5339)
  - A vulnerability in the Java Runtime Environment with launching Java Web Start applications may allow an untrusted Java Web Start application to escalate privileges. For example, an untrusted application may grant itself permissions to read and write local files or execute local applications that are accessible to the user running the untrusted application. (CVE-2008-5340)
  - A security vulnerability in the Java Runtime Environment (JRE) with authenticating users through Kerberos may lead to a Denial of Service (DoS) to the system as a whole, due to excessive consumption of operating system resources. (CVE-2008-5348)
  - A vulnerability in Java Web Start may allow certain trusted operations to be performed, such as modifying system properties. (CVE-2008-2086)
  - The Java Runtime Environment (JRE) allows code loaded from the local filesystem to access localhost. This may allow code that is maliciously placed on the local filesystem and then subsequently run, to have network access to localhost that would not otherwise be allowed if the code were loaded from a remote host. This may be leveraged to steal cookies and hijack sessions (for domains that map a name to the localhost). (CVE-2008-5345)
  - The UTF-8 (Unicode Transformation Format-8) decoder in the Java Runtime Environment (JRE) accepts encodings that are longer than the 'shortest' form. This behavior is not a vulnerability in Java SE. However, it may be leveraged to exploit systems running software that relies on the JRE UTF-8 decoder to reject non-shortest form sequences. For example, non-shortest form sequences may be decoded into illegal URIs, which may then allow files that are not otherwise accessible to be read, if the URIs are not checked following UTF-8 decoding. (CVE-2008-5351)
  - The Java Runtime Environment creates temporary files with insufficiently random names. This may be leveraged to write JAR files which may then be loaded as untrusted applets and Java Web Start applications to access and provide services from localhost and hence steal cookies. (CVE-2008-5360)
  - A security vulnerability in the Java Runtime Environment (JRE) related to deserializing calendar objects may allow an untrusted applet or application to escalate privileges. For example, an untrusted applet may grant itself permissions to read and write local files or execute local applications that are accessible to the user running the untrusted applet. (CVE-2008-5353)
  - A buffer vulnerability in the Java Runtime Environment (JRE) with processing fonts may allow an untrusted applet or Java Web Start application to escalate privileges. For example, an untrusted applet may grant itself permissions to read and write local files or execute local applications that are accessible to the user running the untrusted applet. (CVE-2008-5356)
  - A buffer overflow vulnerability in the Java Runtime Environment (JRE) may allow an untrusted Java application that is launched through the command line to escalate privileges. For example, the untrusted Java application may grant itself permissions to read and write local files or execute local applications that are accessible to the user running the untrusted Java application. (CVE-2008-5354) This vulnerability cannot be exploited by an applet or Java Web Start application.
  - A buffer vulnerability in the Java Runtime Environment (JRE) with processing fonts may allow an untrusted applet or Java Web Start application to escalate privileges. For example, an untrusted applet may grant itself permissions to read and write local files or execute local applications that are accessible to the user running the untrusted applet. (CVE-2008-5357)
  - A security vulnerability in the Java Web Start BasicService allows untrusted applications that are downloaded from another system to request local files to be displayed by the browser of the user running the untrusted application. (CVE-2008-5342)
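The UTF-8 item above (CVE-2008-5351) turns on whether a path is checked before or after decoding. As an added example, not code from the advisory or from the JRE: a small Python model of a lenient decoder beside a strict one, with a path check run on the raw bytes and again on the decoded string. The decoder, the function names and the sample bytes are constructed for illustration.

```python
import posixpath
# Smallest code point that legitimately needs a 2-, 3- or 4-byte sequence.
MIN_CP = {2: 0x80, 3: 0x800, 4: 0x10000}

def decode_utf8(data: bytes, strict: bool) -> str:
    """Minimal UTF-8 decoder. strict=False models a lenient decoder that
    accepts non-shortest forms (a constructed model, not the JRE's code)."""
    out, i = [], 0
    while i < len(data):
        b = data[i]
        if b < 0x80:
            n, cp = 1, b
        elif 0xC0 <= b <= 0xDF:
            n, cp = 2, b & 0x1F
        elif 0xE0 <= b <= 0xEF:
            n, cp = 3, b & 0x0F
        elif 0xF0 <= b <= 0xF7:
            n, cp = 4, b & 0x07
        else:
            raise ValueError(f"invalid lead byte at offset {i}")
        tail = data[i + 1:i + n]
        if len(tail) != n - 1 or any(t & 0xC0 != 0x80 for t in tail):
            raise ValueError(f"bad continuation at offset {i}")
        for t in tail:
            cp = (cp << 6) | (t & 0x3F)
        if strict and n > 1 and cp < MIN_CP[n]:
            raise ValueError(f"non-shortest form at offset {i}")
        if cp > 0x10FFFF or 0xD800 <= cp <= 0xDFFF:
            raise ValueError(f"invalid code point at offset {i}")
        out.append(chr(cp))
        i += n
    return "".join(out)

def path_is_contained(path: str) -> bool:
    """True if the normalised relative path stays inside its base directory."""
    norm = posixpath.normpath(path)
    return not (norm.startswith("/") or norm == ".." or norm.startswith("../"))

def check_request(raw: bytes, strict: bool) -> dict:
    """Look for '..' in the raw bytes, then check containment after decoding."""
    try:
        decoded = decode_utf8(raw, strict)
    except ValueError:
        return {"pre_ok": b".." not in raw, "decoded": None, "post_ok": False}
    return {"pre_ok": b".." not in raw, "decoded": decoded,
            "post_ok": path_is_contained(decoded)}

# Constructed sample: each 0xC0 0xAE pair is a two-byte encoding of "."
SAMPLE = b"docs/\xc0\xae\xc0\xae/\xc0\xae\xc0\xae/private.txt"
```

With `strict=False` the sample passes the raw-byte check and only the post-decode check catches it; with `strict=True` the decoder rejects it outright, which is also what Python's built-in `bytes.decode("utf-8")` does.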
Solution
Apply SAT patch number 735.
Plugin Details
File Name: suse_11_java-1_4_2-ibm-090405.nasl
Agent: unix
Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, Nessus
Risk Information
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
Vulnerability Information
CPE: p-cpe:/a:novell:suse_linux:11:java-1_4_2-ibm-plugin, p-cpe:/a:novell:suse_linux:11:java-1_4_2-ibm, p-cpe:/a:novell:suse_linux:11:java-1_4_2-ibm-jdbc, cpe:/o:novell:suse_linux:11
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list
Exploit Ease: Exploits are available
Patch Publication Date: 4/5/2009
Exploitable With
CANVAS (CANVAS)
Core Impact
Metasploit (Sun Java Calendar Deserialization Privilege Escalation)
Reference Information
CVE: CVE-2008-2086, CVE-2008-5339, CVE-2008-5340, CVE-2008-5342, CVE-2008-5343, CVE-2008-5344, CVE-2008-5345, CVE-2008-5346, CVE-2008-5348, CVE-2008-5350, CVE-2008-5351, CVE-2008-5353, CVE-2008-5354, CVE-2008-5356, CVE-2008-5357, CVE-2008-5359, CVE-2008-5360