SuSE 11 / 11.1 Security Update : Java 1.6.0 (SAT Patch Numbers 3347 / 3349)

Critical Nessus Plugin ID 50919

Synopsis

The remote SuSE 11 host is missing one or more security updates.

Description

Sun Java 1.6.0 was updated to Security Update U22.

The release notes for this release are on:
http://www.oracle.com/technetwork/java/javase/6u22releasenotes-176121.
html

Security advisory page for this update:
http://www.oracle.com/technetwork/topics/security/javacpuoct2010-17625 8.html

Solution

Apply SAT patch number 3347 / 3349 as appropriate.

See Also

https://bugzilla.novell.com/show_bug.cgi?id=646073

http://support.novell.com/security/cve/CVE-2009-3555.html

http://support.novell.com/security/cve/CVE-2010-1321.html

http://support.novell.com/security/cve/CVE-2010-3541.html

http://support.novell.com/security/cve/CVE-2010-3548.html

http://support.novell.com/security/cve/CVE-2010-3549.html

http://support.novell.com/security/cve/CVE-2010-3550.html

http://support.novell.com/security/cve/CVE-2010-3551.html

http://support.novell.com/security/cve/CVE-2010-3552.html

http://support.novell.com/security/cve/CVE-2010-3553.html

http://support.novell.com/security/cve/CVE-2010-3554.html

http://support.novell.com/security/cve/CVE-2010-3555.html

http://support.novell.com/security/cve/CVE-2010-3556.html

http://support.novell.com/security/cve/CVE-2010-3557.html

http://support.novell.com/security/cve/CVE-2010-3558.html

http://support.novell.com/security/cve/CVE-2010-3559.html

http://support.novell.com/security/cve/CVE-2010-3560.html

http://support.novell.com/security/cve/CVE-2010-3561.html

http://support.novell.com/security/cve/CVE-2010-3562.html

http://support.novell.com/security/cve/CVE-2010-3563.html

http://support.novell.com/security/cve/CVE-2010-3565.html

http://support.novell.com/security/cve/CVE-2010-3566.html

http://support.novell.com/security/cve/CVE-2010-3567.html

http://support.novell.com/security/cve/CVE-2010-3568.html

http://support.novell.com/security/cve/CVE-2010-3569.html

http://support.novell.com/security/cve/CVE-2010-3570.html

http://support.novell.com/security/cve/CVE-2010-3571.html

http://support.novell.com/security/cve/CVE-2010-3572.html

http://support.novell.com/security/cve/CVE-2010-3573.html

http://support.novell.com/security/cve/CVE-2010-3574.html

Plugin Details

Severity: Critical

ID: 50919

File Name: suse_11_java-1_6_0-sun-101019.nasl

Version: Revision: 1.13

Type: local

Agent: unix

Published: 2010/12/02

Updated: 2013/11/19

Dependencies: 12634

Risk Information

Risk Factor: Critical

CVSS v2.0

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:11:java-1_6_0-sun, p-cpe:/a:novell:suse_linux:11:java-1_6_0-sun-alsa, p-cpe:/a:novell:suse_linux:11:java-1_6_0-sun-demo, p-cpe:/a:novell:suse_linux:11:java-1_6_0-sun-jdbc, p-cpe:/a:novell:suse_linux:11:java-1_6_0-sun-plugin, p-cpe:/a:novell:suse_linux:11:java-1_6_0-sun-src, cpe:/o:novell:suse_linux:11

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2010/10/19

Exploitable With

CANVAS (D2ExploitPack)

Core Impact

Metasploit (Sun Java Web Start BasicServiceImpl Code Execution)

Reference Information

CVE: CVE-2009-3555, CVE-2010-1321, CVE-2010-3541, CVE-2010-3548, CVE-2010-3549, CVE-2010-3550, CVE-2010-3551, CVE-2010-3552, CVE-2010-3553, CVE-2010-3554, CVE-2010-3555, CVE-2010-3556, CVE-2010-3557, CVE-2010-3558, CVE-2010-3559, CVE-2010-3560, CVE-2010-3561, CVE-2010-3562, CVE-2010-3563, CVE-2010-3565, CVE-2010-3566, CVE-2010-3567, CVE-2010-3568, CVE-2010-3569, CVE-2010-3570, CVE-2010-3571, CVE-2010-3572, CVE-2010-3573, CVE-2010-3574

CWE: 310