Debian DSA-2311-1 : openjdk-6 - several vulnerabilities

critical Nessus Plugin ID 56307

Synopsis

The remote Debian host is missing a security-related update.

Description

Several vulnerabilities have been discovered in OpenJDK, an implementation of the Java SE platform. The Common Vulnerabilities and Exposures project identifies the following problems :

- CVE-2011-0862 Integer overflow errors in the JPEG and font parser allow untrusted code (including applets) to elevate its privileges.

- CVE-2011-0864 Hotspot, the just-in-time compiler in OpenJDK, mishandled certain byte code instructions, allowing untrusted code (including applets) to crash the virtual machine.

- CVE-2011-0865 A race condition in signed object deserialization could allow untrusted code to modify signed content, apparently leaving its signature intact.

- CVE-2011-0867 Untrusted code (including applets) could access information about network interfaces which was not intended to be public. (Note that the interface MAC address is still available to untrusted code.)

- CVE-2011-0868 A float-to-long conversion could overflow, allowing untrusted code (including applets) to crash the virtual machine.

- CVE-2011-0869 Untrusted code (including applets) could intercept HTTP requests by reconfiguring proxy settings through a SOAP connection.

- CVE-2011-0871 Untrusted code (including applets) could elevate its privileges through the Swing MediaTracker code.

In addition, this update removes support for the Zero/Shark and Cacao Hotspot variants from the i386 and amd64 due to stability issues.
These Hotspot variants are included in the openjdk-6-jre-zero and icedtea-6-jre-cacao packages, and these packages must be removed during this update.

Solution

Upgrade the openjdk-6 packages.

For the oldstable distribution (lenny), these problems will be fixed in a separate DSA for technical reasons.

For the stable distribution (squeeze), these problems have been fixed in version 6b18-1.8.9-0.1~squeeze1.

See Also

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=629852

https://security-tracker.debian.org/tracker/CVE-2011-0862

https://security-tracker.debian.org/tracker/CVE-2011-0864

https://security-tracker.debian.org/tracker/CVE-2011-0865

https://security-tracker.debian.org/tracker/CVE-2011-0867

https://security-tracker.debian.org/tracker/CVE-2011-0868

https://security-tracker.debian.org/tracker/CVE-2011-0869

https://security-tracker.debian.org/tracker/CVE-2011-0871

https://packages.debian.org/source/squeeze/openjdk-6

https://www.debian.org/security/2011/dsa-2311

Plugin Details

Severity: Critical

ID: 56307

File Name: debian_DSA-2311.nasl

Version: 1.11

Type: local

Agent: unix

Published: 9/28/2011

Updated: 1/11/2021

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.0

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:openjdk-6, cpe:/o:debian:debian_linux:6.0

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Ease: No known exploits are available

Patch Publication Date: 9/27/2011

Reference Information

CVE: CVE-2011-0862, CVE-2011-0864, CVE-2011-0865, CVE-2011-0867, CVE-2011-0868, CVE-2011-0869, CVE-2011-0871

BID: 48137, 48139, 48140, 48142, 48144, 48146, 48147

DSA: 2311