openSUSE Security Update : bsh2 (openSUSE-2016-351)

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

This update for bsh2 fixes the following issues :

- CVE-2016-2510: An application that includes BeanShell on
the classpath may be vulnerable if another part of the
application uses Java serialization or XStream to
deserialize data from an untrusted source.

Please see https://github.com/beanshell/beanshell/releases/tag/2.0b6
for more information.

This update was imported from the SUSE:SLE-12:Update update project.

See also :

https://bugzilla.opensuse.org/show_bug.cgi?id=967593
https://github.com/beanshell/beanshell/releases/tag/2.0b6

Solution :

Update the affected bsh2 packages.

Risk factor :

Medium / CVSS Base Score : 6.8
(CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)

Family: SuSE Local Security Checks

Nessus Plugin ID: 89976 ()

Bugtraq ID:

CVE ID: CVE-2016-2510

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now