RHEL 5 : Red Hat Network Satellite server IBM Java Runtime (RHSA-2011:0880)

critical Nessus Plugin ID 63983

Synopsis

The remote Red Hat host is missing one or more security updates for Red Hat Network Satellite server IBM Java Runtime.

Description

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2011:0880 advisory.

- TLS: MITM attacks via session renegotiation (CVE-2009-3555)

- krb5: null pointer dereference in GSS-API library leads to DoS (MITKRB5-SA-2010-005) (CVE-2010-1321)

- OpenJDK HttpURLConnection allows arbitrary request headers (6961084,6980004) (CVE-2010-3541, CVE-2010-3573)

- OpenJDK DNS server IP address information leak (6957564) (CVE-2010-3548)

- OpenJDK HttpURLConnection request splitting (6952017) (CVE-2010-3549)

- JDK unspecified vulnerability in Java Web Start component (CVE-2010-3550, CVE-2010-3558)

- OpenJDK local network address disclosure (6952603) (CVE-2010-3551)

- OpenJDK Swing unsafe reflection usage (6622002) (CVE-2010-3553)

- JDK unspecified vulnerability in Deployment component (CVE-2010-3555, CVE-2010-4422, CVE-2010-4447, CVE-2010-4452, CVE-2010-4463, CVE-2010-4466, CVE-2010-4467, CVE-2010-4475)

- JDK unspecified vulnerability in 2D component (CVE-2010-3556, CVE-2010-3571)

- OpenJDK Swing mutable static (6938813) (CVE-2010-3557)

- JDK unspecified vulnerability in Networking component (CVE-2010-3560)

- OpenJDK IndexColorModel double-free (6925710) (CVE-2010-3562)

- OpenJDK: unspecified vulnerability in Deployment component (CVE-2010-3563)

- OpenJDK JPEG writeImage remote code execution (6963023) (CVE-2010-3565)

- OpenJDK ICC Profile remote code execution (6963489) (CVE-2010-3566)

- OpenJDK Deserialization Race condition (6559775) (CVE-2010-3568)

- OpenJDK Serialization inconsistencies (6966692) (CVE-2010-3569)

- JDK unspecified vulnerability in Sound component (CVE-2010-3572, CVE-2010-4454, CVE-2010-4462, CVE-2010-4473)

- OpenJDK HttpURLConnection incomplete TRACE permission check (6981426) (CVE-2010-3574)

- OpenJDK DNS cache poisoning by untrusted applets (6981922) (CVE-2010-4448)

- OpenJDK Swing timer-based security manager bypass (6907662) (CVE-2010-4465)

- JDK unspecified vulnerability in JDBC component (CVE-2010-4468)

- OpenJDK Java2D font-related system property leak (6985453) (CVE-2010-4471)

- JDK Double.parseDouble Denial-Of-Service (CVE-2010-4476)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the RHEL Red Hat Network Satellite server IBM Java Runtime package based on the guidance in RHSA-2011:0880.

See Also

http://www.ibm.com/developerworks/java/jdk/alerts/

http://www.nessus.org/u?fceae64d

https://access.redhat.com/errata/RHSA-2011:0880

https://access.redhat.com/security/updates/classification/#low

https://bugzilla.redhat.com/show_bug.cgi?id=533125

https://bugzilla.redhat.com/show_bug.cgi?id=582466

https://bugzilla.redhat.com/show_bug.cgi?id=642187

https://bugzilla.redhat.com/show_bug.cgi?id=642202

https://bugzilla.redhat.com/show_bug.cgi?id=642215

https://bugzilla.redhat.com/show_bug.cgi?id=642558

https://bugzilla.redhat.com/show_bug.cgi?id=642559

https://bugzilla.redhat.com/show_bug.cgi?id=642573

https://bugzilla.redhat.com/show_bug.cgi?id=642576

https://bugzilla.redhat.com/show_bug.cgi?id=639876

https://bugzilla.redhat.com/show_bug.cgi?id=639897

https://bugzilla.redhat.com/show_bug.cgi?id=639904

https://bugzilla.redhat.com/show_bug.cgi?id=639909

https://bugzilla.redhat.com/show_bug.cgi?id=639920

https://bugzilla.redhat.com/show_bug.cgi?id=639922

https://bugzilla.redhat.com/show_bug.cgi?id=639925

https://bugzilla.redhat.com/show_bug.cgi?id=642167

https://bugzilla.redhat.com/show_bug.cgi?id=642180

https://bugzilla.redhat.com/show_bug.cgi?id=642585

https://bugzilla.redhat.com/show_bug.cgi?id=642589

https://bugzilla.redhat.com/show_bug.cgi?id=642593

https://bugzilla.redhat.com/show_bug.cgi?id=642611

https://bugzilla.redhat.com/show_bug.cgi?id=674336

https://bugzilla.redhat.com/show_bug.cgi?id=675984

https://bugzilla.redhat.com/show_bug.cgi?id=676019

https://bugzilla.redhat.com/show_bug.cgi?id=676023

https://bugzilla.redhat.com/show_bug.cgi?id=677957

https://bugzilla.redhat.com/show_bug.cgi?id=677958

https://bugzilla.redhat.com/show_bug.cgi?id=677959

https://bugzilla.redhat.com/show_bug.cgi?id=677960

https://bugzilla.redhat.com/show_bug.cgi?id=677961

https://bugzilla.redhat.com/show_bug.cgi?id=677963

https://bugzilla.redhat.com/show_bug.cgi?id=677966

https://bugzilla.redhat.com/show_bug.cgi?id=677967

https://bugzilla.redhat.com/show_bug.cgi?id=677968

https://bugzilla.redhat.com/show_bug.cgi?id=677970

https://bugzilla.redhat.com/show_bug.cgi?id=677971

Plugin Details

Severity: Critical

ID: 63983

File Name: redhat-RHSA-2011-0880.nasl

Version: 1.15

Type: local

Agent: unix

Published: 1/24/2013

Updated: 4/21/2024

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Critical

Score: 9.8

Vendor

Vendor Severity: Low

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2010-4473

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 9.4

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C

CVSS Score Source: CVE-2009-3555

Vulnerability Information

CPE: cpe:/o:redhat:enterprise_linux:5, p-cpe:/a:redhat:enterprise_linux:java-1.6.0-ibm, p-cpe:/a:redhat:enterprise_linux:java-1.6.0-ibm-devel

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 6/16/2011

Exploitable With

CANVAS (CANVAS)

Core Impact

Metasploit (Sun Java Applet2ClassLoader Remote Code Execution)

Reference Information

CVE: CVE-2009-3555, CVE-2010-1321, CVE-2010-3541, CVE-2010-3548, CVE-2010-3549, CVE-2010-3550, CVE-2010-3551, CVE-2010-3553, CVE-2010-3555, CVE-2010-3556, CVE-2010-3557, CVE-2010-3558, CVE-2010-3560, CVE-2010-3562, CVE-2010-3563, CVE-2010-3565, CVE-2010-3566, CVE-2010-3568, CVE-2010-3569, CVE-2010-3571, CVE-2010-3572, CVE-2010-3573, CVE-2010-3574, CVE-2010-4422, CVE-2010-4447, CVE-2010-4448, CVE-2010-4452, CVE-2010-4454, CVE-2010-4462, CVE-2010-4463, CVE-2010-4465, CVE-2010-4466, CVE-2010-4467, CVE-2010-4468, CVE-2010-4471, CVE-2010-4473, CVE-2010-4475, CVE-2010-4476

BID: 46091, 46386, 46388, 46391, 46393, 46394, 46395, 46398, 46399, 46402, 46403, 46406, 46409, 46410, 46411, 43965, 43971, 43979, 43985, 43988, 43999, 44009, 44011, 44012, 44014, 44016, 44017, 44021, 44024, 44027, 44028, 44030, 44032, 44035, 44038, 44040

CWE: 300, 476

RHSA: 2011:0880