GLSA-201603-11 : Oracle JRE/JDK: Multiple vulnerabilities (Logjam)

Critical Nessus Plugin ID 89904


The remote Gentoo host is missing one or more security-related patches.


The remote host is affected by the vulnerability described in GLSA-201603-11 (Oracle JRE/JDK: Multiple vulnerabilities)

Multiple vulnerabilities exist in both Oracle’s JRE and JDK. Please review the referenced CVE’s for additional information.
Impact :

Remote attackers could gain access to information, remotely execute arbitrary code, and cause Denial of Service.
Workaround :

There is no known workaround at this time.


All Oracle JRE Users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose '>=dev-java/oracle-jre-bin-' All Oracle JDK Users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose '>=dev-java/oracle-jdk-bin-'

See Also

Plugin Details

Severity: Critical

ID: 89904

File Name: gentoo_GLSA-201603-11.nasl

Version: $Revision: 2.7 $

Type: local

Published: 2016/03/14

Modified: 2017/08/31

Dependencies: 12634

Risk Information

Risk Factor: Critical


Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C


Base Score: 3.7

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

Vulnerability Information

CPE: p-cpe:/a:gentoo:linux:oracle-jdk-bin, p-cpe:/a:gentoo:linux:oracle-jre-bin, cpe:/o:gentoo:linux

Required KB Items: Host/local_checks_enabled, Host/Gentoo/release, Host/Gentoo/qpkg-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2016/03/12

Reference Information

CVE: CVE-2015-0437, CVE-2015-0458, CVE-2015-0459, CVE-2015-0460, CVE-2015-0469, CVE-2015-0470, CVE-2015-0477, CVE-2015-0478, CVE-2015-0480, CVE-2015-0484, CVE-2015-0486, CVE-2015-0488, CVE-2015-0491, CVE-2015-0492, CVE-2015-2590, CVE-2015-2601, CVE-2015-2613, CVE-2015-2619, CVE-2015-2621, CVE-2015-2625, CVE-2015-2627, CVE-2015-2628, CVE-2015-2632, CVE-2015-2637, CVE-2015-2638, CVE-2015-2659, CVE-2015-2664, CVE-2015-4000, CVE-2015-4729, CVE-2015-4731, CVE-2015-4732, CVE-2015-4733, CVE-2015-4734, CVE-2015-4736, CVE-2015-4748, CVE-2015-4760, CVE-2015-4803, CVE-2015-4805, CVE-2015-4806, CVE-2015-4810, CVE-2015-4835, CVE-2015-4840, CVE-2015-4842, CVE-2015-4843, CVE-2015-4844, CVE-2015-4860, CVE-2015-4868, CVE-2015-4871, CVE-2015-4872, CVE-2015-4881, CVE-2015-4882, CVE-2015-4883, CVE-2015-4893, CVE-2015-4901, CVE-2015-4902, CVE-2015-4903, CVE-2015-4906, CVE-2015-4908, CVE-2015-4911, CVE-2015-4916, CVE-2015-7840

GLSA: 201603-11