Ubuntu 10.04 LTS / 10.10 / 11.04 / 11.10 : ca-certificates-java vulnerability (USN-1197-7)

Ubuntu Security Notice (C) 2012-2013 Canonical, Inc. / NASL script (C) 2012-2013 Tenable Network Security, Inc.


Synopsis :

The remote Ubuntu host is missing a security-related patch.

Description :

USN-1197-5 addressed an issue in ca-certificates pertaining to the
Dutch Certificate Authority DigiNotar mis-issuing fraudulent
certificates. This update provides the corresponding update for
ca-certificates-java.

It was discovered that Dutch Certificate Authority DigiNotar had
mis-issued multiple fraudulent certificates. These certificates could
allow an attacker to perform a 'man in the middle' (MITM) attack which
would make the user believe their connection is secure, but is
actually being monitored.

Solution :

Update the affected ca-certificates-java package.

Risk factor :

High

Family: Ubuntu Local Security Checks

Nessus Plugin ID: 58511 ()

Bugtraq ID:

CVE ID: