SuSE 10 Security Update : IBM Java (ZYPP Patch Number 7926)

Critical Nessus Plugin ID 57658

Synopsis

The remote SuSE 10 host is missing a security-related patch.

Description

IBM Java 1.6.0 SR10 has been released fixing the following CVE's :

- CVE-2011-3389

- CVE-2011-3516

- CVE-2011-3521

- CVE-2011-3544

- CVE-2011-3545

- CVE-2011-3546

- CVE-2011-3547

- CVE-2011-3548

- CVE-2011-3549

- CVE-2011-3550

- CVE-2011-3551

- CVE-2011-3552

- CVE-2011-3553

- CVE-2011-3554

- CVE-2011-3556

- CVE-2011-3557

- CVE-2011-3560

- CVE-2011-3561

Solution

Apply ZYPP patch number 7926.

See Also

http://support.novell.com/security/cve/CVE-2011-3389.html

http://support.novell.com/security/cve/CVE-2011-3516.html

http://support.novell.com/security/cve/CVE-2011-3521.html

http://support.novell.com/security/cve/CVE-2011-3544.html

http://support.novell.com/security/cve/CVE-2011-3545.html

http://support.novell.com/security/cve/CVE-2011-3546.html

http://support.novell.com/security/cve/CVE-2011-3547.html

http://support.novell.com/security/cve/CVE-2011-3548.html

http://support.novell.com/security/cve/CVE-2011-3549.html

http://support.novell.com/security/cve/CVE-2011-3550.html

http://support.novell.com/security/cve/CVE-2011-3551.html

http://support.novell.com/security/cve/CVE-2011-3552.html

http://support.novell.com/security/cve/CVE-2011-3553.html

http://support.novell.com/security/cve/CVE-2011-3554.html

http://support.novell.com/security/cve/CVE-2011-3556.html

http://support.novell.com/security/cve/CVE-2011-3557.html

http://support.novell.com/security/cve/CVE-2011-3560.html

http://support.novell.com/security/cve/CVE-2011-3561.html

Plugin Details

Severity: Critical

ID: 57658

File Name: suse_java-1_6_0-ibm-7926.nasl

Version: Revision: 1.11

Type: local

Agent: unix

Published: 2012/01/24

Updated: 2017/06/05

Dependencies: 12634

Risk Information

Risk Factor: Critical

CVSS v2.0

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/o:suse:suse_linux

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2012/01/16

Exploitable With

CANVAS (CANVAS)

Core Impact

Metasploit (Java RMI Server Insecure Default Configuration Java Code Execution)

Reference Information

CVE: CVE-2011-3389, CVE-2011-3516, CVE-2011-3521, CVE-2011-3544, CVE-2011-3545, CVE-2011-3546, CVE-2011-3547, CVE-2011-3548, CVE-2011-3549, CVE-2011-3550, CVE-2011-3551, CVE-2011-3552, CVE-2011-3553, CVE-2011-3554, CVE-2011-3556, CVE-2011-3557, CVE-2011-3560, CVE-2011-3561