openSUSE 10 Security Update : derby (derby-4091)

This script is Copyright (C) 2007-2014 Tenable Network Security, Inc.

Synopsis :

The remote openSUSE host is missing a security update.

Description :

Apache Derby did not determine schema privilege requirements during
the DropSchemaNode bind phase, which allows remote authenticated users
to execute arbitrary drop schema statements in SQL authorization mode.

This update also brings a new requirement of a Java 1.5 JRE.

Solution :

Update the affected derby package.

Risk factor :

Medium / CVSS Base Score : 4.0

Family: SuSE Local Security Checks

Nessus Plugin ID: 28224 ()

Bugtraq ID:

CVE ID: CVE-2006-7217

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now