SuSE 10 Security Update : IBM Java 1.4.2 (ZYPP Patch Number 7908)

Critical Nessus Plugin ID 57683

Synopsis

The remote SuSE 10 host is missing a security-related patch.

Description

IBM Java 1.4.2 SR13 FP11 has been released and contains various security fixes.

http://www.ibm.com/developerworks/java/jdk/alerts/ http://www.mozilla.org/en-US/firefox/10.0/releasenotes/

(CVEs fixed: CVE-2011-3547 / CVE-2011-3548 / CVE-2011-3549 / CVE-2011-3552 / CVE-2011-3545 / CVE-2011-3556 / CVE-2011-3557 / CVE-2011-3389 / CVE-2011-3560 )

Solution

Apply ZYPP patch number 7908.

See Also

http://support.novell.com/security/cve/CVE-2011-3389.html

http://support.novell.com/security/cve/CVE-2011-3545.html

http://support.novell.com/security/cve/CVE-2011-3547.html

http://support.novell.com/security/cve/CVE-2011-3548.html

http://support.novell.com/security/cve/CVE-2011-3549.html

http://support.novell.com/security/cve/CVE-2011-3552.html

http://support.novell.com/security/cve/CVE-2011-3556.html

http://support.novell.com/security/cve/CVE-2011-3557.html

http://support.novell.com/security/cve/CVE-2011-3560.html

Plugin Details

Severity: Critical

ID: 57683

File Name: suse_java-1_4_2-ibm-7908.nasl

Version: Revision: 1.7

Type: local

Agent: unix

Published: 2012/01/25

Updated: 2017/06/05

Dependencies: 12634

Risk Information

Risk Factor: Critical

CVSS v2.0

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/o:suse:suse_linux

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2012/01/05

Exploitable With

Metasploit (Java RMI Server Insecure Default Configuration Java Code Execution)

Reference Information

CVE: CVE-2011-3389, CVE-2011-3545, CVE-2011-3547, CVE-2011-3548, CVE-2011-3549, CVE-2011-3552, CVE-2011-3556, CVE-2011-3557, CVE-2011-3560