This script is Copyright (C) 2016 Tenable Network Security, Inc.
The remote Scientific Linux host is missing one or more security
Security Fix(es) :
- Multiple flaws were discovered in the Hotspot and
Libraries components in OpenJDK. An untrusted Java
application or applet could use these flaws to
completely bypass Java sandbox restrictions.
(CVE-2016-3606, CVE-2016-3598, CVE-2016-3610)
- Multiple denial of service flaws were found in the JAXP
component in OpenJDK. A specially crafted XML file could
cause a Java application using JAXP to consume an
excessive amount of CPU and memory when parsed.
- Multiple flaws were found in the CORBA and Hotsport
components in OpenJDK. An untrusted Java application or
applet could use these flaws to bypass certain Java
sandbox restrictions. (CVE-2016-3458, CVE-2016-3550)
See also :
Update the affected packages.
Risk factor :
High / CVSS Base Score : 9.3
Family: Scientific Linux Local Security Checks
Nessus Plugin ID: 92605 ()
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now