AIX Java Advisory : java_feb2015_advisory.asc (POODLE)
Critical Nessus Plugin ID 81491
SynopsisThe remote AIX host has a version of Java SDK installed that is affected by multiple vulnerabilities.
DescriptionThe version of Java SDK installed on the remote host is affected by the following vulnerabilities :
- A man-in-the-middle (MitM) information disclosure vulnerability known as POODLE. The vulnerability is due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. MitM attackers can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. (CVE-2014-3566)
- Information disclosure flaws exist in the font parsing code in the 2D component in OpenJDK. A specially crafted font file can exploit boundary check flaws and allow an untrusted Java applet or application to disclose portions of the Java Virtual Machine memory.
- A NULL pointer dereference flaw exists in the MulticastSocket implementation in the Libraries component of OpenJDK. An untrusted Java applet or application can use this flaw to bypass certain Java sandbox restrictions. (CVE-2014-6587)
- The SSL/TLS implementation in the JSSE component in OpenJDK fails to properly check whether the ChangeCipherSpec was received during a SSL/TLS connection handshake. An MitM attacker can use this flaw to force a connection to be established without encryption being enabled. (CVE-2014-6593)
- An unspecified privilege escalation vulnerability exists in IBM Java Virtual Machine. (CVE-2014-8891)
- An unspecified information disclosure vulnerability exists in the Libraries component of Oracle Java SE.
- An unspecified information disclosure vulnerability exists in the Deployment component of Oracle Java SE.
- Unspecified denial of service and information disclosure vulnerabilities exist in the Deployment component of Oracle Java SE. (CVE-2015-0406)
- An information disclosure vulnerability exists in the Swing component in OpenJDK. An untrusted Java applet or application can use this flaw to bypass certain Java sandbox restrictions. (CVE-2015-0407)
- Multiple improper permission check vulnerabilities exist in the JAX-WS, Libraries, and RMI components in OpenJDK.
An untrusted Java applet or application can use these flaws to bypass Java sandbox restrictions.
(CVE-2015-0412, CVE-2014-6549, CVE-2015-0408)
- A denial of service vulnerability exists in the DER (Distinguished Encoding Rules) decoder in the Security component in OpenJDK when handling negative length values. A specially crafted, DER-encoded input can cause a Java application to enter an infinite loop when decoded. (CVE-2015-0410)
SolutionFixes are available by version and can be downloaded from the IBM AIX website.