This script is Copyright (C) 2016 Tenable Network Security, Inc.
The remote Scientific Linux host is missing one or more security
Security Fix(es) :
- An insufficient bytecode verification flaw was
discovered in the Hotspot component in OpenJDK. An
untrusted Java application or applet could use this flaw
to completely bypass Java sandbox restrictions.
- Multiple denial of service flaws were found in the JAXP
component in OpenJDK. A specially crafted XML file could
cause a Java application using JAXP to consume an
excessive amount of CPU and memory when parsed.
- Multiple flaws were found in the CORBA and Hotsport
components in OpenJDK. An untrusted Java application or
applet could use these flaws to bypass certain Java
sandbox restrictions. (CVE-2016-3458, CVE-2016-3550)
See also :
Update the affected packages.
Risk factor :
Medium / CVSS Base Score : 6.8
Family: Scientific Linux Local Security Checks
Nessus Plugin ID: 93150 ()
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now