Vulnerabilities > CVE-2007-3922 - Unspecified vulnerability in SUN Jdk, JRE and SDK
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Unspecified vulnerability in the Java Runtime Environment (JRE) Applet Class Loader in Sun JDK and JRE 5.0 Update 11 and earlier, 6 through 6 Update 1, and SDK and JRE 1.4.2_14 and earlier, allows remote attackers to violate the security model for an applet's outbound connections by connecting to certain localhost services running on the machine that loaded the applet.
Vulnerable Configurations
Nessus
NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2008-0133.NASL description IBMJava2-JRE and IBMJava2-SDK packages that correct several security issues are available for Red Hat Enterprise Linux 2.1. IBM last seen 2020-06-01 modified 2020-06-02 plugin id 33247 published 2008-06-24 reporter This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/33247 title RHEL 2.1 : IBMJava2 (RHSA-2008:0133) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2008:0133. The text # itself is copyright (C) Red Hat, Inc. # include("compat.inc"); if (description) { script_id(33247); script_version ("1.27"); script_cvs_date("Date: 2019/10/25 13:36:13"); script_cve_id("CVE-2007-2788", "CVE-2007-2789", "CVE-2007-3922"); script_bugtraq_id(24004, 25054); script_xref(name:"RHSA", value:"2008:0133"); script_name(english:"RHEL 2.1 : IBMJava2 (RHSA-2008:0133)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Red Hat host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "IBMJava2-JRE and IBMJava2-SDK packages that correct several security issues are available for Red Hat Enterprise Linux 2.1. IBM's 1.3.1 Java release includes the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. A buffer overflow was found in the Java Runtime Environment image-handling code. An untrusted applet or application could use this flaw to elevate its privileges and potentially execute arbitrary code as the user running the java virtual machine. (CVE-2007-3004) An unspecified vulnerability was discovered in the Java Runtime Environment. An untrusted applet or application could cause the java virtual machine to become unresponsive. (CVE-2007-3005) A flaw was found in the applet class loader. An untrusted applet could use this flaw to circumvent network access restrictions, possibly connecting to services hosted on the machine that executed the applet. (CVE-2007-3922) These updated packages also add the following enhancements : * Time zone information has been updated to the latest available information, 2007h. * Accessibility support in AWT can now be disabled through a system property, java.assistive. To support this change, permission to read this property must be added to /opt/IBMJava2-131/jre/lib/security/java.policy. Users of IBMJava2 who have modified this file should add this following line to the grant section : permission java.util.PropertyPermission 'java.assistive', 'read'; All users of IBMJava2 should upgrade to these updated packages, which contain IBM's 1.3.1 SR11 Java release, which resolves these issues." ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2007-3004" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2007-3005" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2007-3922" ); # http://www-128.ibm.com/developerworks/java/jdk/alerts/ script_set_attribute( attribute:"see_also", value:"https://www.ibm.com/us-en/?ar=1" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2008:0133" ); script_set_attribute( attribute:"solution", value:"Update the affected IBMJava2-JRE and / or IBMJava2-SDK packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_cwe_id(189, 399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:IBMJava2-JRE"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:IBMJava2-SDK"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:2.1"); script_set_attribute(attribute:"vuln_publication_date", value:"2007/05/21"); script_set_attribute(attribute:"patch_publication_date", value:"2008/06/24"); script_set_attribute(attribute:"plugin_publication_date", value:"2008/06/24"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Red Hat Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat"); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat"); os_ver = os_ver[1]; if (! preg(pattern:"^2\.1([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 2.1", "Red Hat " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu); if (cpu !~ "^i[3-6]86$") audit(AUDIT_ARCH_NOT, "i386", cpu); yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo"); if (!empty_or_null(yum_updateinfo)) { rhsa = "RHSA-2008:0133"; yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa); if (!empty_or_null(yum_report)) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : yum_report ); exit(0); } else { audit_message = "affected by Red Hat security advisory " + rhsa; audit(AUDIT_OS_NOT, audit_message); } } else { flag = 0; if (rpm_check(release:"RHEL2.1", cpu:"i386", reference:"IBMJava2-JRE-1.3.1-17")) flag++; if (rpm_check(release:"RHEL2.1", cpu:"i386", reference:"IBMJava2-SDK-1.3.1-17")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "IBMJava2-JRE / IBMJava2-SDK"); } }NASL family HP-UX Local Security Checks NASL id HPUX_PHSS_38761.NASL description s700_800 11.X OV NNM7.01 Intermediate Patch 12 : The remote HP-UX host is affected by multiple vulnerabilities : - A potential security vulnerability has been identified with HP OpenView Network Node Manager (OV NNM). The vulnerability could be exploited remotely to create a Denial of Service (DoS). (HPSBMA02374 SSRT080046) - Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). The vulnerabilities could be exploited remotely to allow execution of arbitrary code or unauthorized access to data. (HPSBMA02406 SSRT080100) - A potential security vulnerability has been identified with HP OpenView Network Node Manager (OV NNM). The vulnerability could be exploited remotely to create a Denial of Service (DoS). (HPSBMA02392 SSRT071481) - A potential vulnerability has been identified with HP OpenView Network Node Manager (OV NNM). The vulnerability could be exploited remotely execute arbitrary code or to create a Denial of Service (DoS). (HPSBMA02338 SSRT080024, SSRT080041) - Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). The vulnerabilities could be exploited remotely to allow cross site scripting (XSS). (HPSBMA02388 SSRT080059) - Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). The vulnerabilities could be exploited remotely to gain unauthorized access or to create a Denial of Service (DoS). References: CVE-2007-3698, CVE-2007-3922, SUN Alert 102995, 102997. (HPSBMA02384 SSRT071465) last seen 2020-06-01 modified 2020-06-02 plugin id 34952 published 2008-11-25 reporter This script is Copyright (C) 2008-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/34952 title HP-UX PHSS_38761 : s700_800 11.X OV NNM7.01 Intermediate Patch 12 code # # (C) Tenable Network Security, Inc. # # The descriptive text and patch checks in this plugin were # extracted from HP patch PHSS_38761. The text itself is # copyright (C) Hewlett-Packard Development Company, L.P. # if (NASL_LEVEL < 3000) exit(0); include("compat.inc"); if (description) { script_id(34952); script_version("1.16"); script_cvs_date("Date: 2018/07/12 19:01:15"); script_cve_id("CVE-2007-3698", "CVE-2007-3922", "CVE-2007-4349", "CVE-2007-5000", "CVE-2007-6388", "CVE-2008-1842", "CVE-2008-3545", "CVE-2008-4559", "CVE-2008-4560", "CVE-2008-4561", "CVE-2008-4562", "CVE-2009-0205"); script_bugtraq_id(26838, 27237); script_xref(name:"HP", value:"emr_na-c01466051"); script_xref(name:"HP", value:"emr_na-c01567813"); script_xref(name:"HP", value:"emr_na-c01601492"); script_xref(name:"HP", value:"emr_na-c01607558"); script_xref(name:"HP", value:"emr_na-c01607570"); script_xref(name:"HP", value:"emr_na-c01661610"); script_xref(name:"HP", value:"SSRT071465"); script_xref(name:"HP", value:"SSRT071481"); script_xref(name:"HP", value:"SSRT080024"); script_xref(name:"HP", value:"SSRT080041"); script_xref(name:"HP", value:"SSRT080046"); script_xref(name:"HP", value:"SSRT080059"); script_xref(name:"HP", value:"SSRT080100"); script_name(english:"HP-UX PHSS_38761 : s700_800 11.X OV NNM7.01 Intermediate Patch 12"); script_summary(english:"Checks for the patch in the swlist output"); script_set_attribute( attribute:"synopsis", value:"The remote HP-UX host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "s700_800 11.X OV NNM7.01 Intermediate Patch 12 : The remote HP-UX host is affected by multiple vulnerabilities : - A potential security vulnerability has been identified with HP OpenView Network Node Manager (OV NNM). The vulnerability could be exploited remotely to create a Denial of Service (DoS). (HPSBMA02374 SSRT080046) - Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). The vulnerabilities could be exploited remotely to allow execution of arbitrary code or unauthorized access to data. (HPSBMA02406 SSRT080100) - A potential security vulnerability has been identified with HP OpenView Network Node Manager (OV NNM). The vulnerability could be exploited remotely to create a Denial of Service (DoS). (HPSBMA02392 SSRT071481) - A potential vulnerability has been identified with HP OpenView Network Node Manager (OV NNM). The vulnerability could be exploited remotely execute arbitrary code or to create a Denial of Service (DoS). (HPSBMA02338 SSRT080024, SSRT080041) - Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). The vulnerabilities could be exploited remotely to allow cross site scripting (XSS). (HPSBMA02388 SSRT080059) - Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). The vulnerabilities could be exploited remotely to gain unauthorized access or to create a Denial of Service (DoS). References: CVE-2007-3698, CVE-2007-3922, SUN Alert 102995, 102997. (HPSBMA02384 SSRT071465)" ); # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01466051 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?202438e1" ); # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01567813 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?39f46ac2" ); # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01601492 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?4abf7ab6" ); # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01607570 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?04c58123" ); # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01607558 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?fb0e7f7d" ); # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01661610 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?90fb6f0b" ); script_set_attribute( attribute:"solution", value:"Install patch PHSS_38761 or subsequent." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'D2ExploitPack'); script_cwe_id(20, 79, 119, 189, 200); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:hp:hp-ux"); script_set_attribute(attribute:"patch_publication_date", value:"2008/10/24"); script_set_attribute(attribute:"patch_modification_date", value:"2008/11/19"); script_set_attribute(attribute:"plugin_publication_date", value:"2008/11/25"); script_set_attribute(attribute:"vuln_publication_date", value:"2007/07/11"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2008-2018 Tenable Network Security, Inc."); script_family(english:"HP-UX Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/HP-UX/version", "Host/HP-UX/swlist"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("hpux.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/HP-UX/version")) audit(AUDIT_OS_NOT, "HP-UX"); if (!get_kb_item("Host/HP-UX/swlist")) audit(AUDIT_PACKAGE_LIST_MISSING); if (!hpux_check_ctx(ctx:"11.00 11.11")) { exit(0, "The host is not affected since PHSS_38761 applies to a different OS release."); } patches = make_list("PHSS_38761", "PHSS_40705"); foreach patch (patches) { if (hpux_installed(app:patch)) { exit(0, "The host is not affected because patch "+patch+" is installed."); } } flag = 0; if (hpux_check_patch(app:"OVNNMETCore.OVNNMET-CORE", version:"B.07.01.00")) flag++; if (hpux_check_patch(app:"OVNNMETCore.OVNNMET-PD", version:"B.07.01.00")) flag++; if (hpux_check_patch(app:"OVNNMETCore.OVNNMET-PESA", version:"B.07.01.00")) flag++; if (hpux_check_patch(app:"OVNNMgr.OVMIB-CONTRIB", version:"B.07.01.00")) flag++; if (hpux_check_patch(app:"OVNNMgr.OVNNM-RUN", version:"B.07.01.00")) flag++; if (hpux_check_patch(app:"OVNNMgr.OVNNMGR-JPN", version:"B.07.01.00")) flag++; if (hpux_check_patch(app:"OVNNMgr.OVNNMGR-SCH", version:"B.07.01.00")) flag++; if (hpux_check_patch(app:"OVNNMgr.OVRPT-RUN", version:"B.07.01.00")) flag++; if (hpux_check_patch(app:"OVNNMgr.OVWWW-JPN", version:"B.07.01.00")) flag++; if (hpux_check_patch(app:"OVNNMgr.OVWWW-SCH", version:"B.07.01.00")) flag++; if (hpux_check_patch(app:"OVNNMgrMan.OVNNM-RUN-MAN", version:"B.07.01.00")) flag++; if (hpux_check_patch(app:"OVPlatform.OVDB-RUN", version:"B.07.01.00")) flag++; if (hpux_check_patch(app:"OVPlatform.OVEVENT-MIN", version:"B.07.01.00")) flag++; if (hpux_check_patch(app:"OVPlatform.OVMIN", version:"B.07.01.00")) flag++; if (hpux_check_patch(app:"OVPlatform.OVSNMP-MIN", version:"B.07.01.00")) flag++; if (hpux_check_patch(app:"OVPlatform.OVWIN", version:"B.07.01.00")) flag++; if (hpux_check_patch(app:"OVPlatform.OVWWW-EVNT", version:"B.07.01.00")) flag++; if (hpux_check_patch(app:"OVPlatform.OVWWW-FW", version:"B.07.01.00")) flag++; if (hpux_check_patch(app:"OVPlatform.OVWWW-SRV", version:"B.07.01.00")) flag++; if (hpux_check_patch(app:"OVPlatformMan.OVEVENTMIN-MAN", version:"B.07.01.00")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:hpux_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family Slackware Local Security Checks NASL id SLACKWARE_SSA_2007-243-01.NASL description Sun has released security advisories pertaining to both the Java Runtime Environment and the Standard Edition Development Kit. One such advisory may be found here: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102995-1 Updated versions of both the jre and jdk packages are provided which address all known flaws in Java(TM) at this time. There may be more advisories on http://sunsolve.sun.com describing other flaws that are patched with this update. Happy hunting! Slackware repackages Sun last seen 2020-06-01 modified 2020-06-02 plugin id 25957 published 2007-09-03 reporter This script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/25957 title Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 8.1 / 9.0 / 9.1 : java (jre, jdk) (SSA:2007-243-01) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Slackware Security Advisory 2007-243-01. The text # itself is copyright (C) Slackware Linux, Inc. # include("compat.inc"); if (description) { script_id(25957); script_version("1.16"); script_cvs_date("Date: 2019/10/25 13:36:21"); script_cve_id("CVE-2007-3922"); script_bugtraq_id(22085, 24004, 24846); script_xref(name:"SSA", value:"2007-243-01"); script_name(english:"Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 8.1 / 9.0 / 9.1 : java (jre, jdk) (SSA:2007-243-01)"); script_summary(english:"Checks for updated packages in /var/log/packages"); script_set_attribute( attribute:"synopsis", value:"The remote Slackware host is missing a security update." ); script_set_attribute( attribute:"description", value: "Sun has released security advisories pertaining to both the Java Runtime Environment and the Standard Edition Development Kit. One such advisory may be found here: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102995-1 Updated versions of both the jre and jdk packages are provided which address all known flaws in Java(TM) at this time. There may be more advisories on http://sunsolve.sun.com describing other flaws that are patched with this update. Happy hunting! Slackware repackages Sun's Java(TM) binaries without changing them, so the packages from Slackware 12.0 should work on all glibc based Slackware versions." ); # http://sunsolve.sun.com script_set_attribute( attribute:"see_also", value:"http://web.archive.org/web/20101212032026/http://sunsolve.sun.com/" ); # http://sunsolve.sun.com/search/document.do?assetkey=1-26-102995-1 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?de36d97b" ); # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.486841 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?31748020" ); script_set_attribute( attribute:"solution", value:"Update the affected jdk and / or jre packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:slackware:slackware_linux:jdk"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:slackware:slackware_linux:jre"); script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:10.0"); script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:10.1"); script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:10.2"); script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:11.0"); script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:12.0"); script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:8.1"); script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:9.0"); script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:9.1"); script_set_attribute(attribute:"patch_publication_date", value:"2007/08/31"); script_set_attribute(attribute:"plugin_publication_date", value:"2007/09/03"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Slackware Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Slackware/release", "Host/Slackware/packages"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("slackware.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Slackware/release")) audit(AUDIT_OS_NOT, "Slackware"); if (!get_kb_item("Host/Slackware/packages")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Slackware", cpu); flag = 0; if (slackware_check(osver:"8.1", pkgname:"jdk", pkgver:"6u2", pkgarch:"i586", pkgnum:"1")) flag++; if (slackware_check(osver:"8.1", pkgname:"jre", pkgver:"6u2", pkgarch:"i586", pkgnum:"1")) flag++; if (slackware_check(osver:"9.0", pkgname:"jdk", pkgver:"6u2", pkgarch:"i586", pkgnum:"1")) flag++; if (slackware_check(osver:"9.0", pkgname:"jre", pkgver:"6u2", pkgarch:"i586", pkgnum:"1")) flag++; if (slackware_check(osver:"9.1", pkgname:"jdk", pkgver:"6u2", pkgarch:"i586", pkgnum:"1")) flag++; if (slackware_check(osver:"9.1", pkgname:"jre", pkgver:"6u2", pkgarch:"i586", pkgnum:"1")) flag++; if (slackware_check(osver:"10.0", pkgname:"jdk", pkgver:"6u2", pkgarch:"i586", pkgnum:"1")) flag++; if (slackware_check(osver:"10.0", pkgname:"jre", pkgver:"6u2", pkgarch:"i586", pkgnum:"1")) flag++; if (slackware_check(osver:"10.1", pkgname:"jdk", pkgver:"6u2", pkgarch:"i586", pkgnum:"1")) flag++; if (slackware_check(osver:"10.1", pkgname:"jre", pkgver:"6u2", pkgarch:"i586", pkgnum:"1")) flag++; if (slackware_check(osver:"10.2", pkgname:"jdk", pkgver:"6u2", pkgarch:"i586", pkgnum:"1")) flag++; if (slackware_check(osver:"10.2", pkgname:"jre", pkgver:"6u2", pkgarch:"i586", pkgnum:"1")) flag++; if (slackware_check(osver:"11.0", pkgname:"jdk", pkgver:"6u2", pkgarch:"i586", pkgnum:"1")) flag++; if (slackware_check(osver:"11.0", pkgname:"jre", pkgver:"6u2", pkgarch:"i586", pkgnum:"1")) flag++; if (slackware_check(osver:"12.0", pkgname:"jdk", pkgver:"6u2", pkgarch:"i586", pkgnum:"1")) flag++; if (slackware_check(osver:"12.0", pkgname:"jre", pkgver:"6u2", pkgarch:"i586", pkgnum:"1")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:slackware_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family HP-UX Local Security Checks NASL id HPUX_PHSS_37182.NASL description s700_800 11.X OV OVO8.X IA-64 JavaGUI client A.08.27 : Potential security vulnerabilities have been identified in OpenView Operations (OVO) running on HP-UX and Solaris. These vulnerabilities may be exploited remotely to gain unauthorized access or to create a Denial of Service (DoS). References: SUN Alert 102995, 102997, CVE-2007-3922, CVE-2007-3698. last seen 2020-06-01 modified 2020-06-02 plugin id 28270 published 2007-11-20 reporter This script is Copyright (C) 2007-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/28270 title HP-UX PHSS_37182 : HP OpenView Operations (OVO) Running on HP-UX and Solaris, Remote Unauthorized Access, Denial of Service (DoS) (HPSBMA02288 SSRT071465 rev.1) code # # (C) Tenable Network Security, Inc. # # The descriptive text and patch checks in this plugin were # extracted from HP patch PHSS_37182. The text itself is # copyright (C) Hewlett-Packard Development Company, L.P. # if (NASL_LEVEL < 3000) exit(0); include("compat.inc"); if (description) { script_id(28270); script_version("1.20"); script_cvs_date("Date: 2018/08/10 18:07:07"); script_cve_id("CVE-2007-3698", "CVE-2007-3922"); script_xref(name:"HP", value:"emr_na-c01269450"); script_xref(name:"HP", value:"SSRT071465"); script_name(english:"HP-UX PHSS_37182 : HP OpenView Operations (OVO) Running on HP-UX and Solaris, Remote Unauthorized Access, Denial of Service (DoS) (HPSBMA02288 SSRT071465 rev.1)"); script_summary(english:"Checks for the patch in the swlist output"); script_set_attribute( attribute:"synopsis", value:"The remote HP-UX host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "s700_800 11.X OV OVO8.X IA-64 JavaGUI client A.08.27 : Potential security vulnerabilities have been identified in OpenView Operations (OVO) running on HP-UX and Solaris. These vulnerabilities may be exploited remotely to gain unauthorized access or to create a Denial of Service (DoS). References: SUN Alert 102995, 102997, CVE-2007-3922, CVE-2007-3698." ); # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01269450 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?88bac98f" ); script_set_attribute( attribute:"solution", value:"Install patch PHSS_37182 or subsequent." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:hp:hp-ux"); script_set_attribute(attribute:"patch_publication_date", value:"2007/11/13"); script_set_attribute(attribute:"plugin_publication_date", value:"2007/11/20"); script_set_attribute(attribute:"vuln_publication_date", value:"2007/07/11"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2007-2018 Tenable Network Security, Inc."); script_family(english:"HP-UX Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/HP-UX/version", "Host/HP-UX/swlist"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("hpux.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/HP-UX/version")) audit(AUDIT_OS_NOT, "HP-UX"); if (!get_kb_item("Host/HP-UX/swlist")) audit(AUDIT_PACKAGE_LIST_MISSING); if (!hpux_check_ctx(ctx:"11.23 11.31", proc:"ia64")) { exit(0, "The host is not affected since PHSS_37182 applies to a different OS release / architecture."); } patches = make_list("PHSS_37182", "PHSS_37565", "PHSS_38202", "PHSS_38853", "PHSS_39326", "PHSS_39895", "PHSS_40467", "PHSS_41212"); foreach patch (patches) { if (hpux_installed(app:patch)) { exit(0, "The host is not affected because patch "+patch+" is installed."); } } flag = 0; if (hpux_check_patch(app:"OVOPC-WWW.OVOPC-WWW-ENG", version:"A.08.20.050")) flag++; if (hpux_check_patch(app:"OVOPC-WWW.OVOPC-WWW-GUI", version:"A.08.20.050")) flag++; if (hpux_check_patch(app:"OVOPC-WWW.OVOPC-WWW-JPN", version:"A.08.20.050")) flag++; if (hpux_check_patch(app:"OVOPC-WWW.OVOPC-WWW-KOR", version:"A.08.20.050")) flag++; if (hpux_check_patch(app:"OVOPC-WWW.OVOPC-WWW-SCH", version:"A.08.20.050")) flag++; if (hpux_check_patch(app:"OVOPC-WWW.OVOPC-WWW-SPA", version:"A.08.20.050")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:hpux_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family MacOS X Local Security Checks NASL id MACOSX_JAVA_REL6.NASL description The remote Mac OS X 10.4 host is running a version of Java for Mac OS X that is older than release 6. The remote version of this software contains several security vulnerabilities that may allow a rogue Java applet to escalate its privileges and to add or remove arbitrary items from the user last seen 2019-10-28 modified 2007-12-17 plugin id 29702 published 2007-12-17 reporter This script is Copyright (C) 2007-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/29702 title Mac OS X : Java for Mac OS X 10.4 Release 6 code #TRUSTED 4b9c0ad1a24c4115f7b7fff011d8e3264a484e45f31eb2f1e6c2ad4f1f2501d5974dc3e96b6a810cf6e83813c36e309d909fe1075f7760b90957d20fd6746a7953259e5100844ae499acb1d55cf802b13af93ac438a584db1414ff772b69258724293706f0797468e7ede5205d4821b57f9723c1552c569dd5ebefbedf77411f79f0557f75ec26475fd07728ff158025cdab53dab5b7cb5a4dc9b7372b55f78f8cabe36b918d4f86f4a7502580f78ebda9ec376091efdd701e911015ead821b7f8059e8b7d571665ec49738ddf13543b53cfc12cafcb9f9aa3a8750feadc829eea8bc4c70f0c7f2e1ae84669f207ef3f27dc2b109333dc4739a58e80f350bc335e78814793eb5f637e4371c5196bfc530510f94317ef7ffb8da4933841f97eff0d58df4bb1cf34cfa756eff4e024027b2a358bb21a82e5b2729e91d832f05c4bab539872dd89b67dc7bbb7646dcb3b17c1038a5c0297ed5dedf7f5bca73320abfddb36e3b0c498fba6ab90b2193811c4822b638aa06a4bb7d39a443ea29dde32c73fbc86461c9632d7baa8d5902b5101c7d1ed07f79acc36a5307223d43f1d40c7b2b9d76d8c3446970f53c56054cb37d7f08ee0db7ede4070c261792315d9cd5758fb3889a766076cfa13e27b0d7be9801e8ce854abf230989931b264c562c2ed590fb7dcae1d98e9677ce7c3ca7903b400dd393f9c6f255ba5f540d7ec8469 # # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(29702); script_version("1.18"); script_set_attribute(attribute:"plugin_modification_date", value:"2018/07/14"); script_cve_id( "CVE-2006-4339", "CVE-2006-6731", "CVE-2006-6736", "CVE-2006-6745", "CVE-2007-0243", "CVE-2007-2435", "CVE-2007-2788", "CVE-2007-2789", "CVE-2007-3503", "CVE-2007-3504", "CVE-2007-3655", "CVE-2007-3698", "CVE-2007-3922", "CVE-2007-4381", "CVE-2007-5232", "CVE-2007-5862" ); script_bugtraq_id( 21673, 21674, 21675, 22085, 24690, 24695, 24832, 24846, 25054, 25340, 25918, 26877 ); script_xref(name:"EDB-ID", value:"30284"); script_name(english:"Mac OS X : Java for Mac OS X 10.4 Release 6"); script_summary(english:"Check for Java Release 6"); script_set_attribute(attribute:"synopsis", value:"The remote host is affected by multiple vulnerabilities."); script_set_attribute(attribute:"description", value: "The remote Mac OS X 10.4 host is running a version of Java for Mac OS X that is older than release 6. The remote version of this software contains several security vulnerabilities that may allow a rogue Java applet to escalate its privileges and to add or remove arbitrary items from the user's KeyChain. To exploit these flaws, an attacker would need to lure an attacker into executing a rogue Java applet."); script_set_attribute(attribute:"see_also", value:"http://docs.info.apple.com/article.html?artnum=307177"); script_set_attribute(attribute:"solution", value:"Upgrade to Java for Mac OS X 10.4 release 6."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploited_by_malware", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_cwe_id(310); script_set_attribute(attribute:"vuln_publication_date", value:"2006/09/05"); script_set_attribute(attribute:"patch_publication_date", value:"2007/07/09"); script_set_attribute(attribute:"plugin_publication_date", value:"2007/12/17"); script_set_attribute(attribute:"plugin_type", value:"local"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2007-2018 Tenable Network Security, Inc."); script_family(english:"MacOS X Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/MacOSX/packages"); exit(0); } include("misc_func.inc"); include("ssh_func.inc"); include("macosx_func.inc"); if(sshlib::get_support_level() >= sshlib::SSH_LIB_SUPPORTS_COMMANDS) enable_ssh_wrappers(); else disable_ssh_wrappers(); function exec(cmd) { local_var ret, buf; if ( islocalhost() ) buf = pread(cmd:"/bin/bash", argv:make_list("bash", "-c", cmd)); else { ret = ssh_open_connection(); if ( ! ret ) exit(0); buf = ssh_cmd(cmd:cmd); ssh_close_connection(); } if ( buf !~ "^[0-9]" ) exit(0); buf = chomp(buf); return buf; } packages = get_kb_item("Host/MacOSX/packages"); if ( ! packages ) exit(0); uname = get_kb_item("Host/uname"); # Mac OS X 10.4.10, 10.4.11 only if ( egrep(pattern:"Darwin.* 8\.(10|11)\.", string:uname) ) { cmd = _GetBundleVersionCmd(file:"JavaPluginCocoa.bundle", path:"/Library/Internet Plug-Ins", label:"CFBundleVersion"); buf = exec(cmd:cmd); if ( ! strlen(buf) ) exit(0); array = split(buf, sep:'.', keep:FALSE); if ( int(array[0]) < 11 || (int(array[0]) == 11 && int(array[1]) <= 7 ) ) { cmd = _GetBundleVersionCmd(file:"JavaPluginCocoa.bundle", path:"/Library/Internet Plug-Ins", label:"SourceVersion"); buf = exec(cmd:cmd); if ( strlen(buf) && int(buf) < 1120000 ) security_hole(0); } }NASL family HP-UX Local Security Checks NASL id HPUX_PHSS_37183.NASL description s700_800 11.X OV OVO8.X PARISC JavaGUI client A.08.27 : Potential security vulnerabilities have been identified in OpenView Operations (OVO) running on HP-UX and Solaris. These vulnerabilities may be exploited remotely to gain unauthorized access or to create a Denial of Service (DoS). References: SUN Alert 102995, 102997, CVE-2007-3922, CVE-2007-3698. last seen 2020-06-01 modified 2020-06-02 plugin id 28271 published 2007-11-20 reporter This script is Copyright (C) 2007-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/28271 title HP-UX PHSS_37183 : HP OpenView Operations (OVO) Running on HP-UX and Solaris, Remote Unauthorized Access, Denial of Service (DoS) (HPSBMA02288 SSRT071465 rev.1) code # # (C) Tenable Network Security, Inc. # # The descriptive text and patch checks in this plugin were # extracted from HP patch PHSS_37183. The text itself is # copyright (C) Hewlett-Packard Development Company, L.P. # if (NASL_LEVEL < 3000) exit(0); include("compat.inc"); if (description) { script_id(28271); script_version("1.19"); script_cvs_date("Date: 2018/08/10 18:07:07"); script_cve_id("CVE-2007-3698", "CVE-2007-3922"); script_xref(name:"HP", value:"emr_na-c01269450"); script_xref(name:"HP", value:"SSRT071465"); script_name(english:"HP-UX PHSS_37183 : HP OpenView Operations (OVO) Running on HP-UX and Solaris, Remote Unauthorized Access, Denial of Service (DoS) (HPSBMA02288 SSRT071465 rev.1)"); script_summary(english:"Checks for the patch in the swlist output"); script_set_attribute( attribute:"synopsis", value:"The remote HP-UX host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "s700_800 11.X OV OVO8.X PARISC JavaGUI client A.08.27 : Potential security vulnerabilities have been identified in OpenView Operations (OVO) running on HP-UX and Solaris. These vulnerabilities may be exploited remotely to gain unauthorized access or to create a Denial of Service (DoS). References: SUN Alert 102995, 102997, CVE-2007-3922, CVE-2007-3698." ); # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01269450 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?88bac98f" ); script_set_attribute( attribute:"solution", value:"Install patch PHSS_37183 or subsequent." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:hp:hp-ux"); script_set_attribute(attribute:"patch_publication_date", value:"2007/11/13"); script_set_attribute(attribute:"plugin_publication_date", value:"2007/11/20"); script_set_attribute(attribute:"vuln_publication_date", value:"2007/07/11"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2007-2018 Tenable Network Security, Inc."); script_family(english:"HP-UX Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/HP-UX/version", "Host/HP-UX/swlist"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("hpux.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/HP-UX/version")) audit(AUDIT_OS_NOT, "HP-UX"); if (!get_kb_item("Host/HP-UX/swlist")) audit(AUDIT_PACKAGE_LIST_MISSING); if (!hpux_check_ctx(ctx:"11.11 11.23 11.31")) { exit(0, "The host is not affected since PHSS_37183 applies to a different OS release."); } patches = make_list("PHSS_37183", "PHSS_37566", "PHSS_38203", "PHSS_38854", "PHSS_39327", "PHSS_39896", "PHSS_40468", "PHSS_41213"); foreach patch (patches) { if (hpux_installed(app:patch)) { exit(0, "The host is not affected because patch "+patch+" is installed."); } } flag = 0; if (hpux_check_patch(app:"OVOPC-WWW.OVOPC-WWW-ENG", version:"A.08.10.160")) flag++; if (hpux_check_patch(app:"OVOPC-WWW.OVOPC-WWW-GUI", version:"A.08.10.160")) flag++; if (hpux_check_patch(app:"OVOPC-WWW.OVOPC-WWW-JPN", version:"A.08.10.160")) flag++; if (hpux_check_patch(app:"OVOPC-WWW.OVOPC-WWW-KOR", version:"A.08.10.160")) flag++; if (hpux_check_patch(app:"OVOPC-WWW.OVOPC-WWW-SCH", version:"A.08.10.160")) flag++; if (hpux_check_patch(app:"OVOPC-WWW.OVOPC-WWW-SPA", version:"A.08.10.160")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:hpux_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family SuSE Local Security Checks NASL id SUSE_JAVA-1_5_0-IBM-4544.NASL description The IBM Java JRE/SDK has been brought to release 1.5.0 SR5a, containing several bugfixes, including the following security fixes : - A buffer overflow vulnerability in the image parsing code in the Java(TM) Runtime Environment may allow an untrusted applet or application to elevate its privileges. For example, an applet may grant itself permissions to read and write local files or execute local applications that are accessible to the user running the untrusted applet. (CVE-2007-2788 / CVE-2007-2789 / CVE-2007-3004 / CVE-2007-3005) A second vulnerability may allow an untrusted applet or application to cause the Java Virtual Machine to hang. - A buffer overflow vulnerability in the Java Web Start URL parsing code may allow an untrusted application to elevate its privileges. For example, an application may grant itself permissions to read and write local files or execute local applications with the privileges of the user running the Java Web Start application. (CVE-2007-3655) - A security vulnerability in the Java Runtime Environment Applet Class Loader may allow an untrusted applet that is loaded from a remote system to circumvent network access restrictions and establish socket connections to certain services running on the local host, as if it were loaded from the system that the applet is running on. This may allow the untrusted remote applet the ability to exploit any security vulnerabilities existing in the services it has connected to. (CVE-2007-3922) For more information see: http://www-128.ibm.com/developerworks/java/jdk/alerts/ last seen 2020-06-01 modified 2020-06-02 plugin id 29475 published 2007-12-13 reporter This script is Copyright (C) 2007-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/29475 title SuSE 10 Security Update : IBM Java 1.5.0 (ZYPP Patch Number 4544) NASL family Scientific Linux Local Security Checks NASL id SL_20071128_JDK__JAVA__ON_SL5_X.NASL description A flaw in the applet caching mechanism of the Java Runtime Environment (JRE) did not correctly process the creation of network connections. A remote attacker could use this flaw to create connections to services on machines other than the one that the applet was downloaded from. (CVE-2007-5232) Multiple vulnerabilities existed in Java Web Start allowing an untrusted application to determine the location of the Java Web Start cache. (CVE-2007-5238) Untrusted Java Web Start Applications or Java Applets were able to drag and drop a file to a Desktop Application. A user-assisted remote attacker could use this flaw to move or copy arbitrary files. (CVE-2007-5239) The Java Runtime Environment (JRE) allowed untrusted Java Applets or applications to display oversized Windows. This could be used by remote attackers to hide security warning banners. (CVE-2007-5240) Unsigned Java Applets communicating via a HTTP proxy could allow a remote attacker to violate the Java security model. A cached, malicious Applet could create network connections to services on other machines. (CVE-2007-5273) Unsigned Applets loaded with Mozilla Firefox or Opera browsers allowed remote attackers to violate the Java security model. A cached, malicious Applet could create network connections to services on other machines. (CVE-2007-5274) The Javadoc tool was able to generate HTML documentation pages that contained cross-site scripting (XSS) vulnerabilities. A remote attacker could use this to inject arbitrary web script or HTML. (CVE-2007-3503) The Java Web Start URL parsing component contained a buffer overflow vulnerability within the parsing code for JNLP files. A remote attacker could create a malicious JNLP file that could trigger this flaw and execute arbitrary code when opened. (CVE-2007-3655) The JSSE component did not correctly process SSL/TLS handshake requests. A remote attacker who is able to connect to a JSSE-based service could trigger this flaw leading to a denial-of-service. (CVE-2007-3698) A flaw was found in the applet class loader. An untrusted applet could use this flaw to circumvent network access restrictions, possibly connecting to services hosted on the machine that executed the applet. (CVE-2007-3922) NOTE: These packages have been tested to not remove newer jdks (such as 1.6 or 1.7) last seen 2020-06-01 modified 2020-06-02 plugin id 60316 published 2012-08-01 reporter This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/60316 title Scientific Linux Security Update : jdk (java) on SL5.x i386/x86_64 NASL family HP-UX Local Security Checks NASL id HPUX_PHSS_38147.NASL description s700_800 11.X OV NNM7.53 PA-RISC Intermediate Patch 19 : The remote HP-UX host is affected by multiple vulnerabilities : - Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). The vulnerabilities could be exploited remotely to gain unauthorized access or to create a Denial of Service (DoS). References: CVE-2007-3698, CVE-2007-3922, SUN Alert 102995, 102997. (HPSBMA02384 SSRT071465) - A potential security vulnerability has been identified with HP OpenView Network Node Manager (OV NNM). The vulnerability could be exploited remotely to create a Denial of Service (DoS). (HPSBMA02392 SSRT071481) - Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). The vulnerabilities could be exploited remotely to allow cross site scripting (XSS). (HPSBMA02388 SSRT080059) last seen 2020-06-01 modified 2020-06-02 plugin id 39377 published 2009-06-15 reporter This script is Copyright (C) 2009-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/39377 title HP-UX PHSS_38147 : s700_800 11.X OV NNM7.53 PA-RISC Intermediate Patch 19 NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-200709-15.NASL description The remote host is affected by the vulnerability described in GLSA-200709-15 (BEA JRockit: Multiple vulnerabilities) An integer overflow vulnerability exists in the embedded ICC profile image parser (CVE-2007-2788), an unspecified vulnerability exists in the font parsing implementation (CVE-2007-4381), and an error exists when processing XSLT stylesheets contained in XSLT Transforms in XML signatures (CVE-2007-3716), among other vulnerabilities. Impact : A remote attacker could trigger the integer overflow to execute arbitrary code or crash the JVM through a specially crafted file. Also, an attacker could perform unauthorized actions via an applet that grants certain privileges to itself because of the font parsing vulnerability. The error when processing XSLT stylesheets can be exploited to execute arbitrary code. Other vulnerabilities could lead to establishing restricted network connections to certain services, Cross Site Scripting and Denial of Service attacks. Workaround : There is no known workaround at this time for all these vulnerabilities. last seen 2020-06-01 modified 2020-06-02 plugin id 26117 published 2007-09-25 reporter This script is Copyright (C) 2007-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/26117 title GLSA-200709-15 : BEA JRockit: Multiple vulnerabilities NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2007-0818.NASL description Updated java-1.5.0-sun packages that correct several security issues are available for Red Hat Enterprise Linux 4 Extras. This update has been rated as having critical security impact by the Red Hat Security Response Team. The Java Runtime Environment (JRE) contains the software and tools that users need to run applets and applications written using the Java programming language. The Javadoc tool was able to generate HTML documentation pages that contained cross-site scripting (XSS) vulnerabilities. A remote attacker could use this to inject arbitrary web script or HTML. (CVE-2007-3503) The Java Web Start URL parsing component contained a buffer overflow vulnerability within the parsing code for JNLP files. A remote attacker could create a malicious JNLP file that could trigger this flaw and execute arbitrary code when opened. (CVE-2007-3655) The JSSE component did not correctly process SSL/TLS handshake requests. A remote attacker who is able to connect to a JSSE-based service could trigger this flaw leading to a denial-of-service. (CVE-2007-3698) A flaw was found in the applet class loader. An untrusted applet could use this flaw to circumvent network access restrictions, possibly connecting to services hosted on the machine that executed the applet. (CVE-2007-3922) All users of java-sun-1.5.0 should upgrade to these packages, which contain Sun Java 1.5.0 Update 12 that corrects these issues. last seen 2020-06-01 modified 2020-06-02 plugin id 63843 published 2013-01-24 reporter This script is Copyright (C) 2013-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/63843 title RHEL 4 : java-1.5.0-sun (RHSA-2007:0818) NASL family Scientific Linux Local Security Checks NASL id SL_20080114_JDK__JAVA__ON_SL3_X.NASL description NOTE: This combination of rpm last seen 2020-06-01 modified 2020-06-02 plugin id 60344 published 2012-08-01 reporter This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/60344 title Scientific Linux Security Update : jdk (java) on SL3.x, SL4.x i386/x86_64 NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2007-0829.NASL description Updated java-1.5.0-ibm packages that correct several security issues are now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. IBM last seen 2020-06-01 modified 2020-06-02 plugin id 40706 published 2009-08-24 reporter This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/40706 title RHEL 4 / 5 : java-1.5.0-ibm (RHSA-2007:0829) NASL family HP-UX Local Security Checks NASL id HPUX_PHSS_38148.NASL description s700_800 11.X OV NNM7.53 IA-64 Intermediate Patch 19 : The remote HP-UX host is affected by multiple vulnerabilities : - Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). The vulnerabilities could be exploited remotely to gain unauthorized access or to create a Denial of Service (DoS). References: CVE-2007-3698, CVE-2007-3922, SUN Alert 102995, 102997. (HPSBMA02384 SSRT071465) - A potential security vulnerability has been identified with HP OpenView Network Node Manager (OV NNM). The vulnerability could be exploited remotely to create a Denial of Service (DoS). (HPSBMA02392 SSRT071481) - Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). The vulnerabilities could be exploited remotely to allow cross site scripting (XSS). (HPSBMA02388 SSRT080059) last seen 2020-06-01 modified 2020-06-02 plugin id 39378 published 2009-06-15 reporter This script is Copyright (C) 2009-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/39378 title HP-UX PHSS_38148 : s700_800 11.X OV NNM7.53 IA-64 Intermediate Patch 19 NASL family SuSE Local Security Checks NASL id SUSE_JAVA-1_4_2-IBM-4542.NASL description The IBM Java JRE/SDK has been brought to release 1.4.2 SR9, containing several bugfixes, including the following security fixes : - A buffer overflow vulnerability in the image parsing code in the Java(TM) Runtime Environment may allow an untrusted applet or application to elevate its privileges. For example, an applet may grant itself permissions to read and write local files or execute local applications that are accessible to the user running the untrusted applet. (CVE-2007-2788 / CVE-2007-2789 / CVE-2007-3004 / CVE-2007-3005) A second vulnerability may allow an untrusted applet or application to cause the Java Virtual Machine to hang. - A buffer overflow vulnerability in the Java Web Start URL parsing code may allow an untrusted application to elevate its privileges. For example, an application may grant itself permissions to read and write local files or execute local applications with the privileges of the user running the Java Web Start application. (CVE-2007-3655) - A security vulnerability in the Java Runtime Environment Applet Class Loader may allow an untrusted applet that is loaded from a remote system to circumvent network access restrictions and establish socket connections to certain services running on the local host, as if it were loaded from the system that the applet is running on. This may allow the untrusted remote applet the ability to exploit any security vulnerabilities existing in the services it has connected to. (CVE-2007-3922) For more information see: http://www-128.ibm.com/developerworks/java/jdk/alerts/ last seen 2020-06-01 modified 2020-06-02 plugin id 29470 published 2007-12-13 reporter This script is Copyright (C) 2007-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/29470 title SuSE 10 Security Update : IBM Java 1.4.2 (ZYPP Patch Number 4542) NASL family HP-UX Local Security Checks NASL id HPUX_PHSS_37197.NASL description s700_800 11.11 OV ITO7.1X JavaGUI client A.08.27 : Potential security vulnerabilities have been identified in OpenView Operations (OVO) running on HP-UX and Solaris. These vulnerabilities may be exploited remotely to gain unauthorized access or to create a Denial of Service (DoS). References: SUN Alert 102995, 102997, CVE-2007-3922, CVE-2007-3698. last seen 2020-06-01 modified 2020-06-02 plugin id 28272 published 2007-11-20 reporter This script is Copyright (C) 2007-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/28272 title HP-UX PHSS_37197 : HP OpenView Operations (OVO) Running on HP-UX and Solaris, Remote Unauthorized Access, Denial of Service (DoS) (HPSBMA02288 SSRT071465 rev.1)
Oval
| accepted | 2010-09-06T04:03:10.375-04:00 | ||||
| class | vulnerability | ||||
| contributors |
| ||||
| description | Unspecified vulnerability in the Java Runtime Environment (JRE) Applet Class Loader in Sun JDK and JRE 5.0 Update 11 and earlier, 6 through 6 Update 1, and SDK and JRE 1.4.2_14 and earlier, allows remote attackers to violate the security model for an applet's outbound connections by connecting to certain localhost services running on the machine that loaded the applet. | ||||
| family | unix | ||||
| id | oval:org.mitre.oval:def:10387 | ||||
| status | accepted | ||||
| submitted | 2010-07-09T03:56:16-04:00 | ||||
| title | Unspecified vulnerability in the Java Runtime Environment (JRE) Applet Class Loader in Sun JDK and JRE 5.0 Update 11 and earlier, 6 through 6 Update 1, and SDK and JRE 1.4.2_14 and earlier, allows remote attackers to violate the security model for an applet's outbound connections by connecting to certain localhost services running on the machine that loaded the applet. | ||||
| version | 6 |
Redhat
| advisories |
| ||||||||||||
| rpms |
|
References
- http://dev2dev.bea.com/pub/advisory/248
- http://docs.info.apple.com/article.html?artnum=307177
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01269450
- http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html
- http://secunia.com/advisories/26314
- http://secunia.com/advisories/26369
- http://secunia.com/advisories/26631
- http://secunia.com/advisories/26645
- http://secunia.com/advisories/26933
- http://secunia.com/advisories/27266
- http://secunia.com/advisories/27635
- http://secunia.com/advisories/28115
- http://secunia.com/advisories/30805
- http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.486841
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-102995-1
- http://support.avaya.com/elmodocs2/security/ASA-2007-322.htm
- http://www.gentoo.org/security/en/glsa/glsa-200709-15.xml
- http://www.novell.com/linux/security/advisories/2007_56_ibmjava.html
- http://www.redhat.com/support/errata/RHSA-2007-0818.html
- http://www.redhat.com/support/errata/RHSA-2007-0829.html
- http://www.redhat.com/support/errata/RHSA-2008-0133.html
- http://www.securityfocus.com/bid/25054
- http://www.securitytracker.com/id?1018428
- http://www.vupen.com/english/advisories/2007/2573
- http://www.vupen.com/english/advisories/2007/3009
- http://www.vupen.com/english/advisories/2007/3861
- http://www.vupen.com/english/advisories/2007/4224
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35491
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10387