Vulnerabilities > CVE-2020-2816

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
HIGH
Availability impact
NONE
network
low complexity
oracle
netapp
canonical
debian
opensuse
nessus

Summary

Vulnerability in the Java SE product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 11.0.6 and 14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 7.5 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).

Vulnerable Configurations

Part Description Count
Application
Oracle
104
Application
Netapp
37
OS
Canonical
3
OS
Debian
1
OS
Opensuse
1

Nessus

  • NASL familyWindows
    NASL idORACLE_JAVA_CPU_APR_2020.NASL
    descriptionThe version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is prior to 7 Update 261, 8 Update 251, 11 Update 7, or 14 Update 1. It is, therefore, affected by multiple vulnerabilities related to the following components : - Oracle Java SE and Java SE Embedded are prone to a buffer overflow attack, over
    last seen2020-04-23
    modified2020-04-16
    plugin id135592
    published2020-04-16
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/135592
    titleOracle Java SE 1.7.0_261 / 1.8.0_251 / 1.11.0_7 / 1.14.0_1 Multiple Vulnerabilities (Apr 2020 CPU)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include('compat.inc');
    
    if (description)
    {
      script_id(135592);
      script_version("1.4");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/07/17");
    
      script_cve_id(
        "CVE-2019-18197",
        "CVE-2020-2754",
        "CVE-2020-2755",
        "CVE-2020-2756",
        "CVE-2020-2757",
        "CVE-2020-2764",
        "CVE-2020-2767",
        "CVE-2020-2773",
        "CVE-2020-2778",
        "CVE-2020-2781",
        "CVE-2020-2800",
        "CVE-2020-2803",
        "CVE-2020-2805",
        "CVE-2020-2816",
        "CVE-2020-2830"
      );
      script_xref(name:"IAVA", value:"2020-A-0134-S");
    
      script_name(english:"Oracle Java SE 1.7.0_261 / 1.8.0_251 / 1.11.0_7 / 1.14.0_1 Multiple Vulnerabilities (Apr 2020 CPU)");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote host is affected by multiple vulnerabilities");
      script_set_attribute(attribute:"description", value:
    "The version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is prior to 7 Update
    261, 8 Update 251, 11 Update 7, or 14 Update 1. It is, therefore, affected by multiple vulnerabilities related to the
    following components :
    
      - Oracle Java SE and Java SE Embedded are prone to a buffer overflow attack, over 'Multiple' protocol.
        This issue affects the 'JavaFX (libxslt)' component. Successful attacks of this vulnerability allow 
        unauthenticated attacker with network access to takeover of Java SE. (CVE-2019-18197)
    
      - Oracle Java SE and Java SE Embedded are prone to partial denial of service (partial DOS) vulnerability.
        An unauthenticated remote attacker can exploit this over 'Multiple' protocol. This issue affects the
        'Scripting' component. (CVE-2020-2754, CVE-2020-2755)
    
      - Oracle Java SE and Java SE Embedded are prone to partial denial of service (partial DOS) vulnerability.
        An unauthenticated remote attacker can exploit this over 'Multiple' protocol. This issue affects the
        'Serialization' component. (CVE-2020-2756, CVE-2020-2757)
    
      - Oracle Java SE prone to unauthorized read access vulnerability. An unauthenticated remote attacker can
        exploit this over 'Multiple' protocol can result in unauthorized read access to a subset of Java SE
        accessible data. This issue affects the 'Advanced Management Console' component. (CVE-2020-2764)
    
      - Oracle Java SE and Java SE Embedded are prone to unauthorized write/read access vulnerability. An
        unauthenticated remote attacker over 'HTTPS' can read, update, insert or delete access to some of Java SE
        accessible data. This issue affects the 'JSSE' component. (CVE-2020-2767)
    
      - Oracle Java SE and Java SE Embedded are prone to partial denial of service (partial DOS) vulnerability.
        An unauthenticated remote attacker can exploit this over 'Multiple' protocol. This issue affects the
        'Scripting' component. (CVE-2020-2773)
    
    It is also affected by other vulnerabilities; please see vendor advisories for more information.
    
    Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
    number.");
      script_set_attribute(attribute:"see_also", value:"https://www.oracle.com/a/tech/docs/cpuapr2020cvrf.xml");
      script_set_attribute(attribute:"see_also", value:"https://www.oracle.com/security-alerts/cpuapr2020.html");
      script_set_attribute(attribute:"solution", value:
    "Upgrade to Oracle JDK / JRE 14 Update 1 , 11 Update 7, 8 Update 251 , 7 Update 261 or later.
    If necessary, remove any affected versions.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-2800");
    
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2020/04/14");
      script_set_attribute(attribute:"patch_publication_date", value:"2020/04/14");
      script_set_attribute(attribute:"plugin_publication_date", value:"2020/04/16");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:jre");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:jdk");
      script_set_attribute(attribute:"stig_severity", value:"I");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Windows");
    
      script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("sun_java_jre_installed.nasl");
      script_require_keys("SMB/Java/JRE/Installed");
    
      exit(0);
    }
    
    include('audit.inc');
    include('global_settings.inc');
    include('misc_func.inc');
    
    # Check each installed JRE.
    installs = get_kb_list_or_exit("SMB/Java/JRE/*");
    
    info = "";
    vuln = 0;
    installed_versions = "";
    
    foreach install (list_uniq(keys(installs)))
    {
      ver = install - "SMB/Java/JRE/";
      if (ver !~ "^[0-9.]+") continue;
    
      installed_versions = installed_versions + " & " + ver;
    
      # Fixes : (JDK|JRE) 13 Update 2 / 11 Update 6 / 8 Update 214 / 7 Update 251 
      if (
        ver_compare(minver:"1.7.0", ver:ver, fix:"1.7.0_261", regexes:{0:"_(\d+)"}, strict:FALSE) < 0 ||
        ver_compare(minver:"1.8.0", ver:ver, fix:"1.8.0_251", regexes:{0:"_(\d+)"}, strict:FALSE) < 0 ||
        ver_compare(minver:"1.11.0", ver:ver, fix:"1.11.0_7", regexes:{0:"_(\d+)"}, strict:FALSE) < 0 ||
        ver_compare(minver:"1.13.0", ver:ver, fix:"1.14.0_1", regexes:{0:"_(\d+)"}, strict:FALSE) < 0 
    
      )
      {
        dirs = make_list(get_kb_list(install));
        vuln += max_index(dirs);
    
        foreach dir (dirs)
          info += '\n  Path              : ' + dir;
    
        info += '\n  Installed version : ' + ver;
        info += '\n  Fixed version     : 1.7.0_261 / 1.8.0_251 / 1.11.0_7 / 1.14.0_1\n';
      }
    }
    
    # Report if any were found to be vulnerable.
    if (info)
    {
      port = get_kb_item("SMB/transport");
      if (!port) port = 445;
    
      if (vuln > 1) s = "s of Java are";
      else s = " of Java is";
    
      report =
        '\n' +
        'The following vulnerable instance'+s+' installed on the\n' +
        'remote host :\n' +
        info;
      security_report_v4(severity:SECURITY_WARNING, port:port, extra:report);
    }
    else
    {
      installed_versions = substr(installed_versions, 3);
      if (" & " >< installed_versions)
        exit(0, "The Java "+installed_versions+" installations on the remote host are not affected.");
      else
        audit(AUDIT_INST_VER_NOT_VULN, "Java", installed_versions);
    }
    
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2020-1514.NASL
    descriptionThe remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1514 advisory. - OpenJDK: Misplaced regular expression syntax error check in RegExpScanner (Scripting, 8223898) (CVE-2020-2754) - OpenJDK: Incorrect handling of empty string nodes in regular expression Parser (Scripting, 8223904) (CVE-2020-2755) - OpenJDK: Incorrect handling of references to uninitialized class descriptors during deserialization (Serialization, 8224541) (CVE-2020-2756) - OpenJDK: Uncaught InstantiationError exception in ObjectStreamClass (Serialization, 8224549) (CVE-2020-2757) - OpenJDK: Incorrect handling of Certificate messages during TLS handshake (JSSE, 8232581) (CVE-2020-2767) - OpenJDK: Unexpected exceptions raised by DOMKeyInfoFactory and DOMXMLSignatureFactory (Security, 8231415) (CVE-2020-2773) - OpenJDK: Incomplete enforcement of algorithm restrictions for TLS (JSSE, 8232424) (CVE-2020-2778) - OpenJDK: Re-use of single TLS session for new connections (JSSE, 8234408) (CVE-2020-2781) - OpenJDK: CRLF injection into HTTP headers in HttpServer (Lightweight HTTP Server, 8234825) (CVE-2020-2800) - OpenJDK: Incorrect bounds checks in NIO Buffers (Libraries, 8234841) (CVE-2020-2803) - OpenJDK: Incorrect type checks in MethodType.readObject() (Libraries, 8235274) (CVE-2020-2805) - OpenJDK: Application data accepted before TLS handshake completion (JSSE, 8235691) (CVE-2020-2816) - OpenJDK: Regular expression DoS in Scanner (Concurrency, 8236201) (CVE-2020-2830) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-04-30
    modified2020-04-21
    plugin id135861
    published2020-04-21
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/135861
    titleRHEL 8 : java-11-openjdk (RHSA-2020:1514)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    # The descriptive text and package checks in this plugin were
    # extracted from Red Hat Security Advisory RHSA-2020:1514. The text
    # itself is copyright (C) Red Hat, Inc.
    #
    
    
    include('compat.inc');
    
    if (description)
    {
      script_id(135861);
      script_version("1.2");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/04/23");
    
      script_cve_id(
        "CVE-2020-2754",
        "CVE-2020-2755",
        "CVE-2020-2756",
        "CVE-2020-2757",
        "CVE-2020-2767",
        "CVE-2020-2773",
        "CVE-2020-2778",
        "CVE-2020-2781",
        "CVE-2020-2800",
        "CVE-2020-2803",
        "CVE-2020-2805",
        "CVE-2020-2816",
        "CVE-2020-2830"
      );
      script_xref(name:"RHSA", value:"2020:1514");
    
      script_name(english:"RHEL 8 : java-11-openjdk (RHSA-2020:1514)");
      script_summary(english:"Checks the rpm output for the updated packages");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote Red Hat host is missing one or more security updates.");
      script_set_attribute(attribute:"description", value:
    "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as
    referenced in the RHSA-2020:1514 advisory.
    
      - OpenJDK: Misplaced regular expression syntax error check
        in RegExpScanner (Scripting, 8223898) (CVE-2020-2754)
    
      - OpenJDK: Incorrect handling of empty string nodes in
        regular expression Parser (Scripting, 8223904)
        (CVE-2020-2755)
    
      - OpenJDK: Incorrect handling of references to
        uninitialized class descriptors during deserialization
        (Serialization, 8224541) (CVE-2020-2756)
    
      - OpenJDK: Uncaught InstantiationError exception in
        ObjectStreamClass (Serialization, 8224549)
        (CVE-2020-2757)
    
      - OpenJDK: Incorrect handling of Certificate messages
        during TLS handshake (JSSE, 8232581) (CVE-2020-2767)
    
      - OpenJDK: Unexpected exceptions raised by
        DOMKeyInfoFactory and DOMXMLSignatureFactory (Security,
        8231415) (CVE-2020-2773)
    
      - OpenJDK: Incomplete enforcement of algorithm
        restrictions for TLS (JSSE, 8232424) (CVE-2020-2778)
    
      - OpenJDK: Re-use of single TLS session for new
        connections (JSSE, 8234408) (CVE-2020-2781)
    
      - OpenJDK: CRLF injection into HTTP headers in HttpServer
        (Lightweight HTTP Server, 8234825) (CVE-2020-2800)
    
      - OpenJDK: Incorrect bounds checks in NIO Buffers
        (Libraries, 8234841) (CVE-2020-2803)
    
      - OpenJDK: Incorrect type checks in
        MethodType.readObject() (Libraries, 8235274)
        (CVE-2020-2805)
    
      - OpenJDK: Application data accepted before TLS handshake
        completion (JSSE, 8235691) (CVE-2020-2816)
    
      - OpenJDK: Regular expression DoS in Scanner (Concurrency,
        8236201) (CVE-2020-2830)
    
    Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
    number.");
      script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/248.html");
      script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/248.html");
      script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/248.html");
      script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/248.html");
      script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/358.html");
      script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/248.html");
      script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/327.html");
      script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/113.html");
      script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/119.html");
      script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/20.html");
      script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/358.html");
      script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/185.html");
      script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/400.html");
      script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2020:1514");
      script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2020-2754");
      script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2020-2755");
      script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2020-2756");
      script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2020-2757");
      script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2020-2767");
      script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2020-2773");
      script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2020-2778");
      script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2020-2781");
      script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2020-2800");
      script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2020-2803");
      script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2020-2805");
      script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2020-2816");
      script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2020-2830");
      script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1823199");
      script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1823200");
      script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1823215");
      script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1823216");
      script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1823224");
      script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1823527");
      script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1823542");
      script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1823694");
      script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1823844");
      script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1823853");
      script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1823879");
      script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1823947");
      script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1823960");
      script_set_attribute(attribute:"solution", value:
    "Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-2800");
    
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_cwe_id(20, 113, 119, 185, 248, 327, 358, 400);
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2020/04/15");
      script_set_attribute(attribute:"patch_publication_date", value:"2020/04/21");
      script_set_attribute(attribute:"plugin_publication_date", value:"2020/04/21");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:redhat:enterprise_linux:8");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:redhat:enterprise_linux:8::appstream");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:8");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:java-11-openjdk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:java-11-openjdk-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:java-11-openjdk-demo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:java-11-openjdk-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:java-11-openjdk-headless");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:java-11-openjdk-javadoc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:java-11-openjdk-javadoc-zip");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:java-11-openjdk-jmods");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:java-11-openjdk-src");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Red Hat Local Security Checks");
    
      script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include('audit.inc');
    include('global_settings.inc');
    include('misc_func.inc');
    include('rpm.inc');
    
    if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item('Host/RedHat/release');
    if (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');
    os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');
    os_ver = os_ver[1];
    if (! preg(pattern:"^8([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);
    
    if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item('Host/cpu');
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);
    
    pkgs = [
        {'reference':'java-11-openjdk-11.0.7.10-1.el8_1', 'cpu':'aarch64', 'release':'8', 'epoch':'1'},
        {'reference':'java-11-openjdk-11.0.7.10-1.el8_1', 'cpu':'s390x', 'release':'8', 'epoch':'1'},
        {'reference':'java-11-openjdk-11.0.7.10-1.el8_1', 'cpu':'x86_64', 'release':'8', 'epoch':'1'},
        {'reference':'java-11-openjdk-debugsource-11.0.7.10-1.el8_1', 'cpu':'aarch64', 'release':'8', 'epoch':'1'},
        {'reference':'java-11-openjdk-debugsource-11.0.7.10-1.el8_1', 'cpu':'s390x', 'release':'8', 'epoch':'1'},
        {'reference':'java-11-openjdk-debugsource-11.0.7.10-1.el8_1', 'cpu':'x86_64', 'release':'8', 'epoch':'1'},
        {'reference':'java-11-openjdk-demo-11.0.7.10-1.el8_1', 'cpu':'aarch64', 'release':'8', 'epoch':'1'},
        {'reference':'java-11-openjdk-demo-11.0.7.10-1.el8_1', 'cpu':'s390x', 'release':'8', 'epoch':'1'},
        {'reference':'java-11-openjdk-demo-11.0.7.10-1.el8_1', 'cpu':'x86_64', 'release':'8', 'epoch':'1'},
        {'reference':'java-11-openjdk-devel-11.0.7.10-1.el8_1', 'cpu':'aarch64', 'release':'8', 'epoch':'1'},
        {'reference':'java-11-openjdk-devel-11.0.7.10-1.el8_1', 'cpu':'s390x', 'release':'8', 'epoch':'1'},
        {'reference':'java-11-openjdk-devel-11.0.7.10-1.el8_1', 'cpu':'x86_64', 'release':'8', 'epoch':'1'},
        {'reference':'java-11-openjdk-headless-11.0.7.10-1.el8_1', 'cpu':'aarch64', 'release':'8', 'epoch':'1'},
        {'reference':'java-11-openjdk-headless-11.0.7.10-1.el8_1', 'cpu':'s390x', 'release':'8', 'epoch':'1'},
        {'reference':'java-11-openjdk-headless-11.0.7.10-1.el8_1', 'cpu':'x86_64', 'release':'8', 'epoch':'1'},
        {'reference':'java-11-openjdk-javadoc-11.0.7.10-1.el8_1', 'cpu':'aarch64', 'release':'8', 'epoch':'1'},
        {'reference':'java-11-openjdk-javadoc-11.0.7.10-1.el8_1', 'cpu':'s390x', 'release':'8', 'epoch':'1'},
        {'reference':'java-11-openjdk-javadoc-11.0.7.10-1.el8_1', 'cpu':'x86_64', 'release':'8', 'epoch':'1'},
        {'reference':'java-11-openjdk-javadoc-zip-11.0.7.10-1.el8_1', 'cpu':'aarch64', 'release':'8', 'epoch':'1'},
        {'reference':'java-11-openjdk-javadoc-zip-11.0.7.10-1.el8_1', 'cpu':'s390x', 'release':'8', 'epoch':'1'},
        {'reference':'java-11-openjdk-javadoc-zip-11.0.7.10-1.el8_1', 'cpu':'x86_64', 'release':'8', 'epoch':'1'},
        {'reference':'java-11-openjdk-jmods-11.0.7.10-1.el8_1', 'cpu':'aarch64', 'release':'8', 'epoch':'1'},
        {'reference':'java-11-openjdk-jmods-11.0.7.10-1.el8_1', 'cpu':'s390x', 'release':'8', 'epoch':'1'},
        {'reference':'java-11-openjdk-jmods-11.0.7.10-1.el8_1', 'cpu':'x86_64', 'release':'8', 'epoch':'1'},
        {'reference':'java-11-openjdk-src-11.0.7.10-1.el8_1', 'cpu':'aarch64', 'release':'8', 'epoch':'1'},
        {'reference':'java-11-openjdk-src-11.0.7.10-1.el8_1', 'cpu':'s390x', 'release':'8', 'epoch':'1'},
        {'reference':'java-11-openjdk-src-11.0.7.10-1.el8_1', 'cpu':'x86_64', 'release':'8', 'epoch':'1'}
    ];
    
    flag = 0;
    foreach package_array ( pkgs ) {
      reference = NULL;
      release = NULL;
      sp = NULL;
      cpu = NULL;
      el_string = NULL;
      rpm_spec_vers_cmp = NULL;
      epoch = NULL;
      if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
      if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];
      if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
      if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];
      if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
      if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
      if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
      if (reference && release) {
        if (rpm_spec_vers_cmp) {
          if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:TRUE)) flag++;
        }
        else
        {
          if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch)) flag++;
        }
      }
    }
    
    if (flag)
    {
      security_report_v4(
          port       : 0,
          severity   : SECURITY_WARNING,
          extra      : rpm_report_get() + redhat_report_package_caveat()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'java-11-openjdk / java-11-openjdk-debugsource / java-11-openjdk-demo / etc');
    }
    
  • NASL familyPhotonOS Local Security Checks
    NASL idPHOTONOS_PHSA-2020-3_0-0083_OPENJDK8.NASL
    descriptionAn update of the openjdk8 package has been released.
    last seen2020-05-03
    modified2020-04-29
    plugin id136095
    published2020-04-29
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/136095
    titlePhoton OS 3.0: Openjdk8 PHSA-2020-3.0-0083
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    
    # The descriptive text and package checks in this plugin were
    # extracted from VMware Security Advisory PHSA-2020-3.0-0083. The text
    # itself is copyright (C) VMware, Inc.
    
    
    include('compat.inc');
    
    if (description)
    {
      script_id(136095);
      script_version("1.2");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/05/01");
    
      script_cve_id(
        "CVE-2020-2754",
        "CVE-2020-2755",
        "CVE-2020-2756",
        "CVE-2020-2757",
        "CVE-2020-2767",
        "CVE-2020-2773",
        "CVE-2020-2778",
        "CVE-2020-2781",
        "CVE-2020-2800",
        "CVE-2020-2803",
        "CVE-2020-2805",
        "CVE-2020-2816",
        "CVE-2020-2830"
      );
    
      script_name(english:"Photon OS 3.0: Openjdk8 PHSA-2020-3.0-0083");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote PhotonOS host is missing multiple security updates.");
      script_set_attribute(attribute:"description", value:
    "An update of the openjdk8 package has been released.");
      script_set_attribute(attribute:"see_also", value:"https://github.com/vmware/photon/wiki/Security-Updates-3.0-83.md");
      script_set_attribute(attribute:"solution", value:
    "Update the affected Linux packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-2800");
    
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2020/04/15");
      script_set_attribute(attribute:"patch_publication_date", value:"2020/04/23");
      script_set_attribute(attribute:"plugin_publication_date", value:"2020/04/29");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:openjdk8");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:vmware:photonos:3.0");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"PhotonOS Local Security Checks");
    
      script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/PhotonOS/release", "Host/PhotonOS/rpm-list");
    
      exit(0);
    }
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    
    release = get_kb_item("Host/PhotonOS/release");
    if (isnull(release) || release !~ "^VMware Photon") audit(AUDIT_OS_NOT, "PhotonOS");
    if (release !~ "^VMware Photon (?:Linux|OS) 3\.0(\D|$)") audit(AUDIT_OS_NOT, "PhotonOS 3.0");
    
    if (!get_kb_item("Host/PhotonOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "PhotonOS", cpu);
    
    flag = 0;
    
    if (rpm_check(release:"PhotonOS-3.0", cpu:"x86_64", reference:"openjdk8-1.8.0.252-1.ph3")) flag++;
    if (rpm_check(release:"PhotonOS-3.0", cpu:"x86_64", reference:"openjdk8-debuginfo-1.8.0.252-1.ph3")) flag++;
    if (rpm_check(release:"PhotonOS-3.0", cpu:"x86_64", reference:"openjdk8-doc-1.8.0.252-1.ph3")) flag++;
    if (rpm_check(release:"PhotonOS-3.0", cpu:"x86_64", reference:"openjdk8-sample-1.8.0.252-1.ph3")) flag++;
    if (rpm_check(release:"PhotonOS-3.0", cpu:"x86_64", reference:"openjdk8-src-1.8.0.252-1.ph3")) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_WARNING,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "openjdk8");
    }
    
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2020-1517.NASL
    descriptionThe remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1517 advisory. - OpenJDK: Misplaced regular expression syntax error check in RegExpScanner (Scripting, 8223898) (CVE-2020-2754) - OpenJDK: Incorrect handling of empty string nodes in regular expression Parser (Scripting, 8223904) (CVE-2020-2755) - OpenJDK: Incorrect handling of references to uninitialized class descriptors during deserialization (Serialization, 8224541) (CVE-2020-2756) - OpenJDK: Uncaught InstantiationError exception in ObjectStreamClass (Serialization, 8224549) (CVE-2020-2757) - OpenJDK: Incorrect handling of Certificate messages during TLS handshake (JSSE, 8232581) (CVE-2020-2767) - OpenJDK: Unexpected exceptions raised by DOMKeyInfoFactory and DOMXMLSignatureFactory (Security, 8231415) (CVE-2020-2773) - OpenJDK: Incomplete enforcement of algorithm restrictions for TLS (JSSE, 8232424) (CVE-2020-2778) - OpenJDK: Re-use of single TLS session for new connections (JSSE, 8234408) (CVE-2020-2781) - OpenJDK: CRLF injection into HTTP headers in HttpServer (Lightweight HTTP Server, 8234825) (CVE-2020-2800) - OpenJDK: Incorrect bounds checks in NIO Buffers (Libraries, 8234841) (CVE-2020-2803) - OpenJDK: Incorrect type checks in MethodType.readObject() (Libraries, 8235274) (CVE-2020-2805) - OpenJDK: Application data accepted before TLS handshake completion (JSSE, 8235691) (CVE-2020-2816) - OpenJDK: Regular expression DoS in Scanner (Concurrency, 8236201) (CVE-2020-2830) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-04-30
    modified2020-04-22
    plugin id135908
    published2020-04-22
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/135908
    titleRHEL 8 : java-11-openjdk (RHSA-2020:1517)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    # The descriptive text and package checks in this plugin were
    # extracted from Red Hat Security Advisory RHSA-2020:1517. The text
    # itself is copyright (C) Red Hat, Inc.
    #
    
    
    include('compat.inc');
    
    if (description)
    {
      script_id(135908);
      script_version("1.2");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/04/23");
    
      script_cve_id(
        "CVE-2020-2754",
        "CVE-2020-2755",
        "CVE-2020-2756",
        "CVE-2020-2757",
        "CVE-2020-2767",
        "CVE-2020-2773",
        "CVE-2020-2778",
        "CVE-2020-2781",
        "CVE-2020-2800",
        "CVE-2020-2803",
        "CVE-2020-2805",
        "CVE-2020-2816",
        "CVE-2020-2830"
      );
      script_xref(name:"RHSA", value:"2020:1517");
    
      script_name(english:"RHEL 8 : java-11-openjdk (RHSA-2020:1517)");
      script_summary(english:"Checks the rpm output for the updated packages");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote Red Hat host is missing one or more security updates.");
      script_set_attribute(attribute:"description", value:
    "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as
    referenced in the RHSA-2020:1517 advisory.
    
      - OpenJDK: Misplaced regular expression syntax error check
        in RegExpScanner (Scripting, 8223898) (CVE-2020-2754)
    
      - OpenJDK: Incorrect handling of empty string nodes in
        regular expression Parser (Scripting, 8223904)
        (CVE-2020-2755)
    
      - OpenJDK: Incorrect handling of references to
        uninitialized class descriptors during deserialization
        (Serialization, 8224541) (CVE-2020-2756)
    
      - OpenJDK: Uncaught InstantiationError exception in
        ObjectStreamClass (Serialization, 8224549)
        (CVE-2020-2757)
    
      - OpenJDK: Incorrect handling of Certificate messages
        during TLS handshake (JSSE, 8232581) (CVE-2020-2767)
    
      - OpenJDK: Unexpected exceptions raised by
        DOMKeyInfoFactory and DOMXMLSignatureFactory (Security,
        8231415) (CVE-2020-2773)
    
      - OpenJDK: Incomplete enforcement of algorithm
        restrictions for TLS (JSSE, 8232424) (CVE-2020-2778)
    
      - OpenJDK: Re-use of single TLS session for new
        connections (JSSE, 8234408) (CVE-2020-2781)
    
      - OpenJDK: CRLF injection into HTTP headers in HttpServer
        (Lightweight HTTP Server, 8234825) (CVE-2020-2800)
    
      - OpenJDK: Incorrect bounds checks in NIO Buffers
        (Libraries, 8234841) (CVE-2020-2803)
    
      - OpenJDK: Incorrect type checks in
        MethodType.readObject() (Libraries, 8235274)
        (CVE-2020-2805)
    
      - OpenJDK: Application data accepted before TLS handshake
        completion (JSSE, 8235691) (CVE-2020-2816)
    
      - OpenJDK: Regular expression DoS in Scanner (Concurrency,
        8236201) (CVE-2020-2830)
    
    Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
    number.");
      script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/248.html");
      script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/248.html");
      script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/248.html");
      script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/248.html");
      script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/358.html");
      script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/248.html");
      script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/327.html");
      script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/113.html");
      script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/119.html");
      script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/20.html");
      script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/358.html");
      script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/185.html");
      script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/400.html");
      script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2020:1517");
      script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2020-2754");
      script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2020-2755");
      script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2020-2756");
      script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2020-2757");
      script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2020-2767");
      script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2020-2773");
      script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2020-2778");
      script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2020-2781");
      script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2020-2800");
      script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2020-2803");
      script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2020-2805");
      script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2020-2816");
      script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2020-2830");
      script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1823199");
      script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1823200");
      script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1823215");
      script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1823216");
      script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1823224");
      script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1823527");
      script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1823542");
      script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1823694");
      script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1823844");
      script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1823853");
      script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1823879");
      script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1823947");
      script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1823960");
      script_set_attribute(attribute:"solution", value:
    "Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-2800");
    
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_cwe_id(20, 113, 119, 185, 248, 327, 358, 400);
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2020/04/15");
      script_set_attribute(attribute:"patch_publication_date", value:"2020/04/22");
      script_set_attribute(attribute:"plugin_publication_date", value:"2020/04/22");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:redhat:rhel_e4s:8.0");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:redhat:rhel_e4s:8.0::appstream");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:8.0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:java-11-openjdk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:java-11-openjdk-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:java-11-openjdk-demo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:java-11-openjdk-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:java-11-openjdk-headless");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:java-11-openjdk-javadoc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:java-11-openjdk-javadoc-zip");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:java-11-openjdk-jmods");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:java-11-openjdk-src");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Red Hat Local Security Checks");
    
      script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include('audit.inc');
    include('global_settings.inc');
    include('misc_func.inc');
    include('rpm.inc');
    
    if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item('Host/RedHat/release');
    if (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');
    os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');
    os_ver = os_ver[1];
    if (! preg(pattern:"^8([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);
    
    if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item('Host/cpu');
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);
    
    pkgs = [
        {'reference':'java-11-openjdk-11.0.7.10-1.el8_0', 'cpu':'aarch64', 'release':'8', 'el_string':'el8_0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
        {'reference':'java-11-openjdk-11.0.7.10-1.el8_0', 'cpu':'s390x', 'release':'8', 'el_string':'el8_0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
        {'reference':'java-11-openjdk-11.0.7.10-1.el8_0', 'cpu':'x86_64', 'release':'8', 'el_string':'el8_0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
        {'reference':'java-11-openjdk-debugsource-11.0.7.10-1.el8_0', 'cpu':'aarch64', 'release':'8', 'el_string':'el8_0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
        {'reference':'java-11-openjdk-debugsource-11.0.7.10-1.el8_0', 'cpu':'s390x', 'release':'8', 'el_string':'el8_0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
        {'reference':'java-11-openjdk-debugsource-11.0.7.10-1.el8_0', 'cpu':'x86_64', 'release':'8', 'el_string':'el8_0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
        {'reference':'java-11-openjdk-demo-11.0.7.10-1.el8_0', 'cpu':'aarch64', 'release':'8', 'el_string':'el8_0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
        {'reference':'java-11-openjdk-demo-11.0.7.10-1.el8_0', 'cpu':'s390x', 'release':'8', 'el_string':'el8_0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
        {'reference':'java-11-openjdk-demo-11.0.7.10-1.el8_0', 'cpu':'x86_64', 'release':'8', 'el_string':'el8_0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
        {'reference':'java-11-openjdk-devel-11.0.7.10-1.el8_0', 'cpu':'aarch64', 'release':'8', 'el_string':'el8_0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
        {'reference':'java-11-openjdk-devel-11.0.7.10-1.el8_0', 'cpu':'s390x', 'release':'8', 'el_string':'el8_0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
        {'reference':'java-11-openjdk-devel-11.0.7.10-1.el8_0', 'cpu':'x86_64', 'release':'8', 'el_string':'el8_0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
        {'reference':'java-11-openjdk-headless-11.0.7.10-1.el8_0', 'cpu':'aarch64', 'release':'8', 'el_string':'el8_0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
        {'reference':'java-11-openjdk-headless-11.0.7.10-1.el8_0', 'cpu':'s390x', 'release':'8', 'el_string':'el8_0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
        {'reference':'java-11-openjdk-headless-11.0.7.10-1.el8_0', 'cpu':'x86_64', 'release':'8', 'el_string':'el8_0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
        {'reference':'java-11-openjdk-javadoc-11.0.7.10-1.el8_0', 'cpu':'aarch64', 'release':'8', 'el_string':'el8_0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
        {'reference':'java-11-openjdk-javadoc-11.0.7.10-1.el8_0', 'cpu':'s390x', 'release':'8', 'el_string':'el8_0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
        {'reference':'java-11-openjdk-javadoc-11.0.7.10-1.el8_0', 'cpu':'x86_64', 'release':'8', 'el_string':'el8_0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
        {'reference':'java-11-openjdk-javadoc-zip-11.0.7.10-1.el8_0', 'cpu':'aarch64', 'release':'8', 'el_string':'el8_0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
        {'reference':'java-11-openjdk-javadoc-zip-11.0.7.10-1.el8_0', 'cpu':'s390x', 'release':'8', 'el_string':'el8_0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
        {'reference':'java-11-openjdk-javadoc-zip-11.0.7.10-1.el8_0', 'cpu':'x86_64', 'release':'8', 'el_string':'el8_0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
        {'reference':'java-11-openjdk-jmods-11.0.7.10-1.el8_0', 'cpu':'aarch64', 'release':'8', 'el_string':'el8_0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
        {'reference':'java-11-openjdk-jmods-11.0.7.10-1.el8_0', 'cpu':'s390x', 'release':'8', 'el_string':'el8_0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
        {'reference':'java-11-openjdk-jmods-11.0.7.10-1.el8_0', 'cpu':'x86_64', 'release':'8', 'el_string':'el8_0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
        {'reference':'java-11-openjdk-src-11.0.7.10-1.el8_0', 'cpu':'aarch64', 'release':'8', 'el_string':'el8_0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
        {'reference':'java-11-openjdk-src-11.0.7.10-1.el8_0', 'cpu':'s390x', 'release':'8', 'el_string':'el8_0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
        {'reference':'java-11-openjdk-src-11.0.7.10-1.el8_0', 'cpu':'x86_64', 'release':'8', 'el_string':'el8_0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}
    ];
    
    flag = 0;
    foreach package_array ( pkgs ) {
      reference = NULL;
      release = NULL;
      sp = NULL;
      cpu = NULL;
      el_string = NULL;
      rpm_spec_vers_cmp = NULL;
      epoch = NULL;
      if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
      if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];
      if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
      if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];
      if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
      if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
      if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
      if (reference && release) {
        if (rpm_spec_vers_cmp) {
          if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:TRUE)) flag++;
        }
        else
        {
          if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch)) flag++;
        }
      }
    }
    
    if (flag)
    {
      security_report_v4(
          port       : 0,
          severity   : SECURITY_WARNING,
          extra      : rpm_report_get() + redhat_report_package_caveat()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'java-11-openjdk / java-11-openjdk-debugsource / java-11-openjdk-demo / etc');
    }
    
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2020-757.NASL
    descriptionThis update for java-11-openjdk fixes the following issues : Java was updated to jdk-11.0.7+10 (April 2020 CPU, bsc#1169511). Security issues fixed : - CVE-2020-2754: Fixed an incorrect handling of regular expressions that could have resulted in denial of service (bsc#1169511). - CVE-2020-2755: Fixed an incorrect handling of regular expressions that could have resulted in denial of service (bsc#1169511). - CVE-2020-2756: Fixed an incorrect handling of regular expressions that could have resulted in denial of service (bsc#1169511). - CVE-2020-2757: Fixed an object deserialization issue that could have resulted in denial of service via crafted serialized input (bsc#1169511). - CVE-2020-2767: Fixed an incorrect handling of certificate messages during TLS handshakes (bsc#1169511). - CVE-2020-2773: Fixed the incorrect handling of exceptions thrown by unmarshalKeyInfo() and unmarshalXMLSignature() (bsc#1169511). - CVE-2020-2778: Fixed the incorrect handling of SSLParameters in setAlgorithmConstraints(), which could have been abused to override the defined systems security policy and lead to the use of weak crypto algorithms (bsc#1169511). - CVE-2020-2781: Fixed the incorrect re-use of single null TLS sessions (bsc#1169511). - CVE-2020-2800: Fixed an HTTP header injection issue caused by mishandling of CR/LF in header values (bsc#1169511). - CVE-2020-2803: Fixed a boundary check and type check issue that could have led to a sandbox bypass (bsc#1169511). - CVE-2020-2805: Fixed a boundary check and type check issue that could have led to a sandbox bypass (bsc#1169511). - CVE-2020-2816: Fixed an incorrect handling of application data packets during TLS handshakes (bsc#1169511). - CVE-2020-2830: Fixed an incorrect handling of regular expressions that could have resulted in denial of service (bsc#1169511). This update was imported from the SUSE:SLE-15:Update update project.
    last seen2020-06-10
    modified2020-06-04
    plugin id137132
    published2020-06-04
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/137132
    titleopenSUSE Security Update : java-11-openjdk (openSUSE-2020-757)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update openSUSE-2020-757.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(137132);
      script_version("1.2");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/09");
    
      script_cve_id("CVE-2020-2754", "CVE-2020-2755", "CVE-2020-2756", "CVE-2020-2757", "CVE-2020-2767", "CVE-2020-2773", "CVE-2020-2778", "CVE-2020-2781", "CVE-2020-2800", "CVE-2020-2803", "CVE-2020-2805", "CVE-2020-2816", "CVE-2020-2830");
    
      script_name(english:"openSUSE Security Update : java-11-openjdk (openSUSE-2020-757)");
      script_summary(english:"Check for the openSUSE-2020-757 patch");
    
      script_set_attribute(
        attribute:"synopsis",
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description",
        value:
    "This update for java-11-openjdk fixes the following issues :
    
    Java was updated to jdk-11.0.7+10 (April 2020 CPU, bsc#1169511).
    
    Security issues fixed :
    
      - CVE-2020-2754: Fixed an incorrect handling of regular
        expressions that could have resulted in denial of
        service (bsc#1169511).
    
      - CVE-2020-2755: Fixed an incorrect handling of regular
        expressions that could have resulted in denial of
        service (bsc#1169511).
    
      - CVE-2020-2756: Fixed an incorrect handling of regular
        expressions that could have resulted in denial of
        service (bsc#1169511).
    
      - CVE-2020-2757: Fixed an object deserialization issue
        that could have resulted in denial of service via
        crafted serialized input (bsc#1169511).
    
      - CVE-2020-2767: Fixed an incorrect handling of
        certificate messages during TLS handshakes
        (bsc#1169511).
    
      - CVE-2020-2773: Fixed the incorrect handling of
        exceptions thrown by unmarshalKeyInfo() and
        unmarshalXMLSignature() (bsc#1169511).
    
      - CVE-2020-2778: Fixed the incorrect handling of
        SSLParameters in setAlgorithmConstraints(), which could
        have been abused to override the defined systems
        security policy and lead to the use of weak crypto
        algorithms (bsc#1169511).
    
      - CVE-2020-2781: Fixed the incorrect re-use of single null
        TLS sessions (bsc#1169511).
    
      - CVE-2020-2800: Fixed an HTTP header injection issue
        caused by mishandling of CR/LF in header values
        (bsc#1169511).
    
      - CVE-2020-2803: Fixed a boundary check and type check
        issue that could have led to a sandbox bypass
        (bsc#1169511).
    
      - CVE-2020-2805: Fixed a boundary check and type check
        issue that could have led to a sandbox bypass
        (bsc#1169511).
    
      - CVE-2020-2816: Fixed an incorrect handling of
        application data packets during TLS handshakes
        (bsc#1169511).
    
      - CVE-2020-2830: Fixed an incorrect handling of regular
        expressions that could have resulted in denial of
        service (bsc#1169511).
    
    This update was imported from the SUSE:SLE-15:Update update project."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1167462"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1169511"
      );
      script_set_attribute(
        attribute:"solution",
        value:"Update the affected java-11-openjdk packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-2800");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-11-openjdk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-11-openjdk-accessibility");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-11-openjdk-accessibility-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-11-openjdk-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-11-openjdk-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-11-openjdk-demo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-11-openjdk-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-11-openjdk-headless");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-11-openjdk-javadoc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-11-openjdk-jmods");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:java-11-openjdk-src");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:15.1");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2020/04/15");
      script_set_attribute(attribute:"patch_publication_date", value:"2020/06/02");
      script_set_attribute(attribute:"plugin_publication_date", value:"2020/06/04");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE15\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "15.1", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE15.1", reference:"java-11-openjdk-11.0.7.0-lp151.3.16.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"java-11-openjdk-accessibility-11.0.7.0-lp151.3.16.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"java-11-openjdk-accessibility-debuginfo-11.0.7.0-lp151.3.16.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"java-11-openjdk-debuginfo-11.0.7.0-lp151.3.16.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"java-11-openjdk-debugsource-11.0.7.0-lp151.3.16.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"java-11-openjdk-demo-11.0.7.0-lp151.3.16.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"java-11-openjdk-devel-11.0.7.0-lp151.3.16.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"java-11-openjdk-headless-11.0.7.0-lp151.3.16.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"java-11-openjdk-javadoc-11.0.7.0-lp151.3.16.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"java-11-openjdk-jmods-11.0.7.0-lp151.3.16.1") ) flag++;
    if ( rpm_check(release:"SUSE15.1", reference:"java-11-openjdk-src-11.0.7.0-lp151.3.16.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "java-11-openjdk / java-11-openjdk-accessibility / etc");
    }
    
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2020-1509.NASL
    descriptionThe remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1509 advisory. - OpenJDK: Misplaced regular expression syntax error check in RegExpScanner (Scripting, 8223898) (CVE-2020-2754) - OpenJDK: Incorrect handling of empty string nodes in regular expression Parser (Scripting, 8223904) (CVE-2020-2755) - OpenJDK: Incorrect handling of references to uninitialized class descriptors during deserialization (Serialization, 8224541) (CVE-2020-2756) - OpenJDK: Uncaught InstantiationError exception in ObjectStreamClass (Serialization, 8224549) (CVE-2020-2757) - OpenJDK: Incorrect handling of Certificate messages during TLS handshake (JSSE, 8232581) (CVE-2020-2767) - OpenJDK: Unexpected exceptions raised by DOMKeyInfoFactory and DOMXMLSignatureFactory (Security, 8231415) (CVE-2020-2773) - OpenJDK: Incomplete enforcement of algorithm restrictions for TLS (JSSE, 8232424) (CVE-2020-2778) - OpenJDK: Re-use of single TLS session for new connections (JSSE, 8234408) (CVE-2020-2781) - OpenJDK: CRLF injection into HTTP headers in HttpServer (Lightweight HTTP Server, 8234825) (CVE-2020-2800) - OpenJDK: Incorrect bounds checks in NIO Buffers (Libraries, 8234841) (CVE-2020-2803) - OpenJDK: Incorrect type checks in MethodType.readObject() (Libraries, 8235274) (CVE-2020-2805) - OpenJDK: Application data accepted before TLS handshake completion (JSSE, 8235691) (CVE-2020-2816) - OpenJDK: Regular expression DoS in Scanner (Concurrency, 8236201) (CVE-2020-2830) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-06-06
    modified2020-05-01
    plugin id136196
    published2020-05-01
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/136196
    titleCentOS 7 : java-11-openjdk (CESA-2020:1509)
  • NASL familyPhotonOS Local Security Checks
    NASL idPHOTONOS_PHSA-2020-1_0-0290_OPENJDK11.NASL
    descriptionAn update of the openjdk11 package has been released.
    last seen2020-05-03
    modified2020-04-29
    plugin id136109
    published2020-04-29
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/136109
    titlePhoton OS 1.0: Openjdk11 PHSA-2020-1.0-0290
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2020-1514.NASL
    descriptionFrom Red Hat Security Advisory 2020:1514 : The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1514 advisory. - OpenJDK: Misplaced regular expression syntax error check in RegExpScanner (Scripting, 8223898) (CVE-2020-2754) - OpenJDK: Incorrect handling of empty string nodes in regular expression Parser (Scripting, 8223904) (CVE-2020-2755) - OpenJDK: Incorrect handling of references to uninitialized class descriptors during deserialization (Serialization, 8224541) (CVE-2020-2756) - OpenJDK: Uncaught InstantiationError exception in ObjectStreamClass (Serialization, 8224549) (CVE-2020-2757) - OpenJDK: Incorrect handling of Certificate messages during TLS handshake (JSSE, 8232581) (CVE-2020-2767) - OpenJDK: Unexpected exceptions raised by DOMKeyInfoFactory and DOMXMLSignatureFactory (Security, 8231415) (CVE-2020-2773) - OpenJDK: Incomplete enforcement of algorithm restrictions for TLS (JSSE, 8232424) (CVE-2020-2778) - OpenJDK: Re-use of single TLS session for new connections (JSSE, 8234408) (CVE-2020-2781) - OpenJDK: CRLF injection into HTTP headers in HttpServer (Lightweight HTTP Server, 8234825) (CVE-2020-2800) - OpenJDK: Incorrect bounds checks in NIO Buffers (Libraries, 8234841) (CVE-2020-2803) - OpenJDK: Incorrect type checks in MethodType.readObject() (Libraries, 8235274) (CVE-2020-2805) - OpenJDK: Application data accepted before TLS handshake completion (JSSE, 8235691) (CVE-2020-2816) - OpenJDK: Regular expression DoS in Scanner (Concurrency, 8236201) (CVE-2020-2830) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-06-06
    modified2020-04-24
    plugin id135955
    published2020-04-24
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/135955
    titleOracle Linux 8 : java-11-openjdk (ELSA-2020-1514)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2020-1509.NASL
    descriptionFrom Red Hat Security Advisory 2020:1509 : The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1509 advisory. - OpenJDK: Misplaced regular expression syntax error check in RegExpScanner (Scripting, 8223898) (CVE-2020-2754) - OpenJDK: Incorrect handling of empty string nodes in regular expression Parser (Scripting, 8223904) (CVE-2020-2755) - OpenJDK: Incorrect handling of references to uninitialized class descriptors during deserialization (Serialization, 8224541) (CVE-2020-2756) - OpenJDK: Uncaught InstantiationError exception in ObjectStreamClass (Serialization, 8224549) (CVE-2020-2757) - OpenJDK: Incorrect handling of Certificate messages during TLS handshake (JSSE, 8232581) (CVE-2020-2767) - OpenJDK: Unexpected exceptions raised by DOMKeyInfoFactory and DOMXMLSignatureFactory (Security, 8231415) (CVE-2020-2773) - OpenJDK: Incomplete enforcement of algorithm restrictions for TLS (JSSE, 8232424) (CVE-2020-2778) - OpenJDK: Re-use of single TLS session for new connections (JSSE, 8234408) (CVE-2020-2781) - OpenJDK: CRLF injection into HTTP headers in HttpServer (Lightweight HTTP Server, 8234825) (CVE-2020-2800) - OpenJDK: Incorrect bounds checks in NIO Buffers (Libraries, 8234841) (CVE-2020-2803) - OpenJDK: Incorrect type checks in MethodType.readObject() (Libraries, 8235274) (CVE-2020-2805) - OpenJDK: Application data accepted before TLS handshake completion (JSSE, 8235691) (CVE-2020-2816) - OpenJDK: Regular expression DoS in Scanner (Concurrency, 8236201) (CVE-2020-2830) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-06-06
    modified2020-04-24
    plugin id135951
    published2020-04-24
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/135951
    titleOracle Linux 7 : java-11-openjdk (ELSA-2020-1509)
  • NASL familyPhotonOS Local Security Checks
    NASL idPHOTONOS_PHSA-2020-2_0-0235_OPENJDK8.NASL
    descriptionAn update of the openjdk8 package has been released.
    last seen2020-05-08
    modified2020-05-05
    plugin id136334
    published2020-05-05
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/136334
    titlePhoton OS 2.0: Openjdk8 PHSA-2020-2.0-0235
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-4662.NASL
    descriptionSeveral vulnerabilities have been discovered in the OpenJDK Java runtime, resulting in denial of service, insecure TLS handshakes, bypass of sandbox restrictions or HTTP response splitting attacks.
    last seen2020-04-30
    modified2020-04-27
    plugin id135982
    published2020-04-27
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/135982
    titleDebian DSA-4662-1 : openjdk-11 - security update
  • NASL familyPhotonOS Local Security Checks
    NASL idPHOTONOS_PHSA-2020-1_0-0290_OPENJDK.NASL
    descriptionAn update of the openjdk package has been released.
    last seen2020-05-03
    modified2020-04-29
    plugin id136108
    published2020-04-29
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/136108
    titlePhoton OS 1.0: Openjdk PHSA-2020-1.0-0290
  • NASL familyMisc.
    NASL idORACLE_JAVA_CPU_APR_2020_UNIX.NASL
    descriptionThe version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is prior to 7 Update 261, 8 Update 251, 11 Update 7, or 14 Update 1. It is, therefore, affected by multiple vulnerabilities related to the following components : - Oracle Java SE and Java SE Embedded are prone to a buffer overflow attack, over
    last seen2020-05-23
    modified2020-04-16
    plugin id135591
    published2020-04-16
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/135591
    titleOracle Java SE 1.7.0_261 / 1.8.0_251 / 1.11.0_7 / 1.14.0_1 Multiple Vulnerabilities (Apr 2020 CPU) (Unix)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20200421_JAVA_11_OPENJDK_ON_SL7_X.NASL
    descriptionSecurity Fix(es) : - OpenJDK: Incorrect bounds checks in NIO Buffers (Libraries, 8234841) (CVE-2020-2803) - OpenJDK: Incorrect type checks in MethodType.readObject() (Libraries, 8235274) (CVE-2020-2805) - OpenJDK: Application data accepted before TLS handshake completion (JSSE, 8235691) (CVE-2020-2816) - OpenJDK: Incorrect handling of Certificate messages during TLS handshake (JSSE, 8232581) (CVE-2020-2767) - OpenJDK: Unexpected exceptions raised by DOMKeyInfoFactory and DOMXMLSignatureFactory (Security, 8231415) (CVE-2020-2773) - OpenJDK: Incomplete enforcement of algorithm restrictions for TLS (JSSE, 8232424) (CVE-2020-2778) - OpenJDK: Re-use of single TLS session for new connections (JSSE, 8234408) (CVE-2020-2781) - OpenJDK: CRLF injection into HTTP headers in HttpServer (Lightweight HTTP Server, 8234825) (CVE-2020-2800) - OpenJDK: Regular expression DoS in Scanner (Concurrency, 8236201) (CVE-2020-2830) - OpenJDK: Misplaced regular expression syntax error check in RegExpScanner (Scripting, 8223898) (CVE-2020-2754) - OpenJDK: Incorrect handling of empty string nodes in regular expression Parser (Scripting, 8223904) (CVE-2020-2755) - OpenJDK: Incorrect handling of references to uninitialized class descriptors during deserialization (Serialization, 8224541) (CVE-2020-2756) - OpenJDK: Uncaught InstantiationError exception in ObjectStreamClass (Serialization, 8224549) (CVE-2020-2757)
    last seen2020-04-30
    modified2020-04-22
    plugin id135887
    published2020-04-22
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/135887
    titleScientific Linux Security Update : java-11-openjdk on SL7.x x86_64 (20200421)
  • NASL familyPhotonOS Local Security Checks
    NASL idPHOTONOS_PHSA-2020-2_0-0235_OPENJDK11.NASL
    descriptionAn update of the openjdk11 package has been released.
    last seen2020-05-08
    modified2020-05-05
    plugin id136333
    published2020-05-05
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/136333
    titlePhoton OS 2.0: Openjdk11 PHSA-2020-2.0-0235
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-4337-1.NASL
    descriptionIt was discovered that OpenJDK incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service while processing a specially crafted regular expression. (CVE-2020-2754, CVE-2020-2755) It was discovered that OpenJDK incorrectly handled class descriptors and catching exceptions during object stream deserialization. An attacker could possibly use this issue to cause a denial of service while processing a specially crafted serialized input. (CVE-2020-2756, CVE-2020-2757) Bengt Jonsson, Juraj Somorovsky, Kostis Sagonas, Paul Fiterau Brostean and Robert Merget discovered that OpenJDK incorrectly handled certificate messages during TLS handshake. An attacker could possibly use this issue to bypass certificate verification and insert, edit or obtain sensitive information. This issue only affected OpenJDK 11. (CVE-2020-2767) It was discovered that OpenJDK incorrectly handled exceptions thrown by unmarshalKeyInfo() and unmarshalXMLSignature(). An attacker could possibly use this issue to cause a denial of service while reading key info or XML signature data from XML input. (CVE-2020-2773) Peter Dettman discovered that OpenJDK incorrectly handled SSLParameters in setAlgorithmConstraints(). An attacker could possibly use this issue to override the defined systems security policy and lead to the use of weak crypto algorithms that should be disabled. This issue only affected OpenJDK 11. (CVE-2020-2778) Simone Bordet discovered that OpenJDK incorrectly re-used single null TLS sessions for new TLS connections. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2020-2781) Dan Amodio discovered that OpenJDK did not restrict the use of CR and LF characters in values for HTTP headers. An attacker could possibly use this issue to insert, edit or obtain sensitive information. (CVE-2020-2800) Nils Emmerich discovered that OpenJDK incorrectly checked boundaries or argument types. An attacker could possibly use this issue to bypass sandbox restrictions causing unspecified impact. (CVE-2020-2803, CVE-2020-2805) It was discovered that OpenJDK incorrectly handled application data packets during TLS handshake. An attacker could possibly use this issue to insert, edit or obtain sensitive information. This issue only affected OpenJDK 11. (CVE-2020-2816) It was discovered that OpenJDK incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-2830). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-04-30
    modified2020-04-24
    plugin id135967
    published2020-04-24
    reporterUbuntu Security Notice (C) 2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/135967
    titleUbuntu 16.04 LTS / 18.04 LTS / 19.10 : openjdk-8, openjdk-lts vulnerabilities (USN-4337-1)
  • NASL familyAmazon Linux Local Security Checks
    NASL idAL2_ALAS-2020-1410.NASL
    descriptionFurther information about this update can be found in the Corretto 11 change log (https://github.com/corretto/corretto-11/blob/develop/CHANGELOG.md)
    last seen2020-04-30
    modified2020-04-16
    plugin id135595
    published2020-04-16
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/135595
    titleAmazon Linux 2 : java-11-amazon-corretto (ALAS-2020-1410)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2020-1509.NASL
    descriptionThe remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1509 advisory. - OpenJDK: Misplaced regular expression syntax error check in RegExpScanner (Scripting, 8223898) (CVE-2020-2754) - OpenJDK: Incorrect handling of empty string nodes in regular expression Parser (Scripting, 8223904) (CVE-2020-2755) - OpenJDK: Incorrect handling of references to uninitialized class descriptors during deserialization (Serialization, 8224541) (CVE-2020-2756) - OpenJDK: Uncaught InstantiationError exception in ObjectStreamClass (Serialization, 8224549) (CVE-2020-2757) - OpenJDK: Incorrect handling of Certificate messages during TLS handshake (JSSE, 8232581) (CVE-2020-2767) - OpenJDK: Unexpected exceptions raised by DOMKeyInfoFactory and DOMXMLSignatureFactory (Security, 8231415) (CVE-2020-2773) - OpenJDK: Incomplete enforcement of algorithm restrictions for TLS (JSSE, 8232424) (CVE-2020-2778) - OpenJDK: Re-use of single TLS session for new connections (JSSE, 8234408) (CVE-2020-2781) - OpenJDK: CRLF injection into HTTP headers in HttpServer (Lightweight HTTP Server, 8234825) (CVE-2020-2800) - OpenJDK: Incorrect bounds checks in NIO Buffers (Libraries, 8234841) (CVE-2020-2803) - OpenJDK: Incorrect type checks in MethodType.readObject() (Libraries, 8235274) (CVE-2020-2805) - OpenJDK: Application data accepted before TLS handshake completion (JSSE, 8235691) (CVE-2020-2816) - OpenJDK: Regular expression DoS in Scanner (Concurrency, 8236201) (CVE-2020-2830) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-04-30
    modified2020-04-22
    plugin id135905
    published2020-04-22
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/135905
    titleRHEL 7 : java-11-openjdk (RHSA-2020:1509)
  • NASL familyPhotonOS Local Security Checks
    NASL idPHOTONOS_PHSA-2020-3_0-0084_OPENJDK11.NASL
    descriptionAn update of the openjdk11 package has been released.
    last seen2020-05-03
    modified2020-04-29
    plugin id136100
    published2020-04-29
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/136100
    titlePhoton OS 3.0: Openjdk11 PHSA-2020-3.0-0084

Redhat

rpms
  • java-11-openjdk-1:11.0.7.10-4.el7_8
  • java-11-openjdk-debuginfo-1:11.0.7.10-4.el7_8
  • java-11-openjdk-demo-1:11.0.7.10-4.el7_8
  • java-11-openjdk-devel-1:11.0.7.10-4.el7_8
  • java-11-openjdk-headless-1:11.0.7.10-4.el7_8
  • java-11-openjdk-javadoc-1:11.0.7.10-4.el7_8
  • java-11-openjdk-javadoc-zip-1:11.0.7.10-4.el7_8
  • java-11-openjdk-jmods-1:11.0.7.10-4.el7_8
  • java-11-openjdk-src-1:11.0.7.10-4.el7_8
  • java-11-openjdk-1:11.0.7.10-1.el8_1
  • java-11-openjdk-debuginfo-1:11.0.7.10-1.el8_1
  • java-11-openjdk-debugsource-1:11.0.7.10-1.el8_1
  • java-11-openjdk-demo-1:11.0.7.10-1.el8_1
  • java-11-openjdk-devel-1:11.0.7.10-1.el8_1
  • java-11-openjdk-devel-debuginfo-1:11.0.7.10-1.el8_1
  • java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.7.10-1.el8_1
  • java-11-openjdk-headless-1:11.0.7.10-1.el8_1
  • java-11-openjdk-headless-debuginfo-1:11.0.7.10-1.el8_1
  • java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.7.10-1.el8_1
  • java-11-openjdk-javadoc-1:11.0.7.10-1.el8_1
  • java-11-openjdk-javadoc-zip-1:11.0.7.10-1.el8_1
  • java-11-openjdk-jmods-1:11.0.7.10-1.el8_1
  • java-11-openjdk-slowdebug-debuginfo-1:11.0.7.10-1.el8_1
  • java-11-openjdk-src-1:11.0.7.10-1.el8_1
  • java-11-openjdk-1:11.0.7.10-1.el8_0
  • java-11-openjdk-debuginfo-1:11.0.7.10-1.el8_0
  • java-11-openjdk-debugsource-1:11.0.7.10-1.el8_0
  • java-11-openjdk-demo-1:11.0.7.10-1.el8_0
  • java-11-openjdk-devel-1:11.0.7.10-1.el8_0
  • java-11-openjdk-devel-debuginfo-1:11.0.7.10-1.el8_0
  • java-11-openjdk-devel-slowdebug-debuginfo-1:11.0.7.10-1.el8_0
  • java-11-openjdk-headless-1:11.0.7.10-1.el8_0
  • java-11-openjdk-headless-debuginfo-1:11.0.7.10-1.el8_0
  • java-11-openjdk-headless-slowdebug-debuginfo-1:11.0.7.10-1.el8_0
  • java-11-openjdk-javadoc-1:11.0.7.10-1.el8_0
  • java-11-openjdk-javadoc-zip-1:11.0.7.10-1.el8_0
  • java-11-openjdk-jmods-1:11.0.7.10-1.el8_0
  • java-11-openjdk-slowdebug-debuginfo-1:11.0.7.10-1.el8_0
  • java-11-openjdk-src-1:11.0.7.10-1.el8_0