RHEL 5 / 6 : IBM Java Runtime in Satellite Server (RHSA-2013:1455) (BEAST) (ROBOT)

Critical Nessus Plugin ID 78975

Synopsis

The remote Red Hat host is missing one or more security updates.

Description

Updated java-1.6.0-ibm packages that fix several security issues are
now available for Red Hat Network Satellite Server 5.4.

The Red Hat Security Response Team has rated this update as having low
security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.

This update corrects several security vulnerabilities in the IBM Java
Runtime Environment shipped as part of Red Hat Network Satellite
Server 5.4. In a typical operating environment, these are of low
security risk as the runtime is not used on untrusted applets.

Several flaws were fixed in the IBM Java 2 Runtime Environment.
(CVE-2011-0802, CVE-2011-0814, CVE-2011-0862, CVE-2011-0863,
CVE-2011-0865, CVE-2011-0867, CVE-2011-0868, CVE-2011-0869,
CVE-2011-0871, CVE-2011-0873, CVE-2011-3389, CVE-2011-3516,
CVE-2011-3521, CVE-2011-3544, CVE-2011-3545, CVE-2011-3546,
CVE-2011-3547, CVE-2011-3548, CVE-2011-3549, CVE-2011-3550,
CVE-2011-3551, CVE-2011-3552, CVE-2011-3553, CVE-2011-3554,
CVE-2011-3556, CVE-2011-3557, CVE-2011-3560, CVE-2011-3561,
CVE-2011-3563, CVE-2011-5035, CVE-2012-0497, CVE-2012-0498,
CVE-2012-0499, CVE-2012-0500, CVE-2012-0501, CVE-2012-0502,
CVE-2012-0503, CVE-2012-0505, CVE-2012-0506, CVE-2012-0507,
CVE-2012-0547, CVE-2012-0551, CVE-2012-1531, CVE-2012-1532,
CVE-2012-1533, CVE-2012-1541, CVE-2012-1682, CVE-2012-1713,
CVE-2012-1716, CVE-2012-1717, CVE-2012-1718, CVE-2012-1719,
CVE-2012-1721, CVE-2012-1722, CVE-2012-1725, CVE-2012-3143,
CVE-2012-3159, CVE-2012-3213, CVE-2012-3216, CVE-2012-3342,
CVE-2012-4820, CVE-2012-4822, CVE-2012-4823, CVE-2012-5068,
CVE-2012-5069, CVE-2012-5071, CVE-2012-5072, CVE-2012-5073,
CVE-2012-5075, CVE-2012-5079, CVE-2012-5081, CVE-2012-5083,
CVE-2012-5084, CVE-2012-5089, CVE-2013-0169, CVE-2013-0351,
CVE-2013-0401, CVE-2013-0409, CVE-2013-0419, CVE-2013-0423,
CVE-2013-0424, CVE-2013-0425, CVE-2013-0426, CVE-2013-0427,
CVE-2013-0428, CVE-2013-0432, CVE-2013-0433, CVE-2013-0434,
CVE-2013-0435, CVE-2013-0438, CVE-2013-0440, CVE-2013-0441,
CVE-2013-0442, CVE-2013-0443, CVE-2013-0445, CVE-2013-0446,
CVE-2013-0450, CVE-2013-0809, CVE-2013-1473, CVE-2013-1476,
CVE-2013-1478, CVE-2013-1480, CVE-2013-1481, CVE-2013-1486,
CVE-2013-1487, CVE-2013-1491, CVE-2013-1493, CVE-2013-1500,
CVE-2013-1537, CVE-2013-1540, CVE-2013-1557, CVE-2013-1563,
CVE-2013-1569, CVE-2013-1571, CVE-2013-2383, CVE-2013-2384,
CVE-2013-2394, CVE-2013-2407, CVE-2013-2412, CVE-2013-2417,
CVE-2013-2418, CVE-2013-2419, CVE-2013-2420, CVE-2013-2422,
CVE-2013-2424, CVE-2013-2429, CVE-2013-2430, CVE-2013-2432,
CVE-2013-2433, CVE-2013-2435, CVE-2013-2437, CVE-2013-2440,
CVE-2013-2442, CVE-2013-2443, CVE-2013-2444, CVE-2013-2446,
CVE-2013-2447, CVE-2013-2448, CVE-2013-2450, CVE-2013-2451,
CVE-2013-2452, CVE-2013-2453, CVE-2013-2454, CVE-2013-2455,
CVE-2013-2456, CVE-2013-2457, CVE-2013-2459, CVE-2013-2463,
CVE-2013-2464, CVE-2013-2465, CVE-2013-2466, CVE-2013-2468,
CVE-2013-2469, CVE-2013-2470, CVE-2013-2471, CVE-2013-2472,
CVE-2013-2473, CVE-2013-3743)

Users of Red Hat Network Satellite Server 5.4 are advised to upgrade
to these updated packages, which contain the IBM Java SE 6 SR14
release. For this update to take effect, Red Hat Network Satellite
Server must be restarted ('/usr/sbin/rhn-satellite restart'), as well
as all running instances of IBM Java.

Solution

Update the affected java-1.6.0-ibm and / or java-1.6.0-ibm-devel
packages.

RHEL 5 / 6 : IBM Java Runtime in Satellite Server (RHSA-2013:1455) (BEAST) (ROBOT)

Synopsis

Description

Solution

See Also

Plugin Details

Risk Information

CVSS v2.0

Vulnerability Information

Exploitable With

Reference Information