Language:
Severity: High
ID: 45474
File Name: ubuntu_USN-923-1.nasl
Version: 1.25
Type: local
Agent: unix
Family: Ubuntu Local Security Checks
Published: 4/9/2010
Updated: 5/25/2022
Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus
Risk Factor: Critical
Score: 9.7
Risk Factor: High
Base Score: 7.5
Temporal Score: 6.5
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
CPE: cpe:/o:canonical:ubuntu_linux:9.04, cpe:/o:canonical:ubuntu_linux:9.10, p-cpe:/a:canonical:ubuntu_linux:openjdk-6-jre-lib, p-cpe:/a:canonical:ubuntu_linux:openjdk-6-jre-headless, p-cpe:/a:canonical:ubuntu_linux:openjdk-6-demo, p-cpe:/a:canonical:ubuntu_linux:openjdk-6-jre, p-cpe:/a:canonical:ubuntu_linux:openjdk-6-jre-zero, p-cpe:/a:canonical:ubuntu_linux:openjdk-6-source, p-cpe:/a:canonical:ubuntu_linux:icedtea-6-jre-cacao, p-cpe:/a:canonical:ubuntu_linux:openjdk-6-jdk, p-cpe:/a:canonical:ubuntu_linux:openjdk-6-source-files, cpe:/o:canonical:ubuntu_linux:8.10, p-cpe:/a:canonical:ubuntu_linux:icedtea6-plugin, p-cpe:/a:canonical:ubuntu_linux:openjdk-6-dbg, cpe:/o:canonical:ubuntu_linux:8.04:-:lts, p-cpe:/a:canonical:ubuntu_linux:openjdk-6-doc
Required KB Items: Host/cpu, Host/Ubuntu, Host/Ubuntu/release, Host/Debian/dpkg-l
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 4/6/2010
Vulnerability Publication Date: 11/9/2009
CISA Known Exploited Vulnerability Due Dates: 6/15/2022
CANVAS (CANVAS)
Core Impact
Metasploit (Java Statement.invoke() Trusted Method Chain Privilege Escalation)
CVE: CVE-2009-3555, CVE-2010-0082, CVE-2010-0084, CVE-2010-0085, CVE-2010-0088, CVE-2010-0091, CVE-2010-0092, CVE-2010-0093, CVE-2010-0094, CVE-2010-0095, CVE-2010-0837, CVE-2010-0838, CVE-2010-0840, CVE-2010-0845, CVE-2010-0847, CVE-2010-0848
BID: 36935, 39065, 39069, 39071, 39072, 39075, 39078, 39081, 39085, 39086, 39088, 39089, 39090, 39093, 39094, 39096