Mandriva Linux Security Advisory : java-1.6.0-openjdk (MDVSA-2010:084) - Nessus

High   Plugin ID: 46176

This page contains detailed information about the Mandriva Linux Security Advisory : java-1.6.0-openjdk (MDVSA-2010:084) Nessus plugin including available exploits and PoCs found on GitHub, in Metasploit or Exploit-DB for verifying of this vulnerability.

Table Of Contents
hide

Plugin Overview

ID: 46176
Name: Mandriva Linux Security Advisory : java-1.6.0-openjdk (MDVSA-2010:084)
Filename: mandriva_MDVSA-2010-084.nasl
Vulnerability Published: N/A
This Plugin Published: 2010-04-29
Last Modification Time: 2021-01-06
Plugin Version: 1.25
Plugin Type: local
Plugin Family: Mandriva Local Security Checks
Dependencies: ssh_get_info.nasl
Required KB Items [?]: Host/cpu, Host/local_checks_enabled, Host/Mandrake/release, Host/Mandrake/rpm-list

Vulnerability Information

Severity: High
Vulnerability Published: N/A
Patch Published: 2010-04-28
CVE [?]: CVE-2009-2409, CVE-2009-3555, CVE-2009-3728, CVE-2009-3869, CVE-2009-3871, CVE-2009-3873, CVE-2009-3874, CVE-2009-3875, CVE-2009-3876, CVE-2009-3877, CVE-2009-3879, CVE-2009-3880, CVE-2009-3881, CVE-2009-3882, CVE-2009-3883, CVE-2009-3884, CVE-2009-3885, CVE-2010-0082, CVE-2010-0084, CVE-2010-0085, CVE-2010-0088, CVE-2010-0091, CVE-2010-0092, CVE-2010-0093, CVE-2010-0094, CVE-2010-0095, CVE-2010-0837, CVE-2010-0838, CVE-2010-0840, CVE-2010-0845, CVE-2010-0847, CVE-2010-0848
CPE [?]: cpe:/o:mandriva:linux:2009.0, cpe:/o:mandriva:linux:2009.1, cpe:/o:mandriva:linux:2010.0, p-cpe:/a:mandriva:linux:java-1.6.0-openjdk, p-cpe:/a:mandriva:linux:java-1.6.0-openjdk-demo, p-cpe:/a:mandriva:linux:java-1.6.0-openjdk-devel, p-cpe:/a:mandriva:linux:java-1.6.0-openjdk-javadoc, p-cpe:/a:mandriva:linux:java-1.6.0-openjdk-plugin, p-cpe:/a:mandriva:linux:java-1.6.0-openjdk-src
Exploited by Malware: True

Synopsis

The remote Mandriva Linux host is missing one or more security updates.

Description

Multiple Java OpenJDK security vulnerabilities has been identified and fixed :

- TLS: MITM attacks via session renegotiation (CVE-2009-3555).

- Loader-constraint table allows arrays instead of only the b ase-classes (CVE-2010-0082).

- Policy/PolicyFile leak dynamic ProtectionDomains. (CVE-2010-0084).

- File TOCTOU deserialization vulnerability (CVE-2010-0085).

- Inflater/Deflater clone issues (CVE-2010-0088).

- Unsigned applet can retrieve the dragged information before drop action occurs (CVE-2010-0091).

- AtomicReferenceArray causes SIGSEGV -> SEGV_MAPERR error (CVE-2010-0092).

- System.arraycopy unable to reference elements beyond Integer.MAX_VALUE bytes (CVE-2010-0093).

- Deserialization of RMIConnectionImpl objects should enforce stricter checks (CVE-2010-0094).

- Subclasses of InetAddress may incorrectly interpret network addresses (CVE-2010-0095).

- JAR unpack200 must verify input parameters (CVE-2010-0837).

- CMM readMabCurveData Buffer Overflow Vulnerability (CVE-2010-0838).

- Applet Trusted Methods Chaining Privilege Escalation Vulnerability (CVE-2010-0840).

- No ClassCastException for HashAttributeSet constructors if run with -Xcomp (CVE-2010-0845)

- ImagingLib arbitrary code execution vulnerability (CVE-2010-0847).

- AWT Library Invalid Index Vulnerability (CVE-2010-0848).

Additional security issues that was fixed with IcedTea6 1.6.2 :

- deprecate MD2 in SSL cert validation (CVE-2009-2409).

- ICC_Profile file existence detection information leak (CVE-2009-3728).

- JRE AWT setDifflCM stack overflow (CVE-2009-3869).

- JRE AWT setBytePixels heap overflow (CVE-2009-3871).

- JPEG Image Writer quantization problem (CVE-2009-3873).

- ImageI/O JPEG heap overflow (CVE-2009-3874).

- MessageDigest.isEqual introduces timing attack vulnerabilities (CVE-2009-3875).

- OpenJDK ASN.1/DER input stream parser denial of service (CVE-2009-3876, CVE-2009-3877)

- GraphicsConfiguration information leak (CVE-2009-3879).

- UI logging information leakage (CVE-2009-3880).

- resurrected classloaders can still have children (CVE-2009-3881).

- Numerous static security flaws in Swing (findbugs) (CVE-2009-3882).

- Mutable statics in Windows PL&F (findbugs) (CVE-2009-3883).

- zoneinfo file existence information leak (CVE-2009-3884).

- BMP parsing DoS with UNC ICC links (CVE-2009-3885).

Additionally Paulo Cesar Pereira de Andrade (pcpa) at Mandriva found and fixed a bug in IcedTea6 1.8 that is also applied to the provided packages :

- plugin/icedteanp/IcedTeaNPPlugin.cc (plugin_filter_environment): Increment malloc size by one to account for NULL terminator. Bug# 474.

Packages for 2009.0 are provided due to the Extended Maintenance Program.

Solution

Update the affected packages.

Public Exploits

Target Network Port(s): N/A
Target Asset(s): N/A
Exploit Available: True (Metasploit Framework, Exploit-DB, GitHub, Immunity Canvas, Core Impact)
Exploit Ease: Exploits are available

Here's the list of publicly known exploits and PoCs for verifying the Mandriva Linux Security Advisory : java-1.6.0-openjdk (MDVSA-2010:084) vulnerability:

  1. Metasploit: exploit/multi/browser/java_trusted_chain
    [Java Statement.invoke() Trusted Method Chain Privilege Escalation]
  2. Metasploit: exploit/multi/browser/java_rmi_connection_impl
    [Java RMIConnectionImpl Deserialization Privilege Escalation]
  3. Metasploit: exploit/multi/browser/java_setdifficm_bof
    [Sun Java JRE AWT setDiffICM Buffer Overflow]
  4. Exploit-DB: exploits/multiple/remote/10579.py
    [EDB-10579: TLS - Renegotiation]
  5. Exploit-DB: exploits/windows/remote/10715.rb
    [EDB-10715: HP Application Recovery Manager - 'OmniInet.exe' Remote Buffer Overflow]
  6. Exploit-DB: exploits/windows/remote/15056.py
    [EDB-15056: Java 6.19 CMM readMabCurveData - Remote Stack Overflow]
  7. Exploit-DB: exploits/multiple/remote/16297.rb
    [EDB-16297: Java - 'Statement.invoke()' Trusted Method Chain (Metasploit)]
  8. Exploit-DB: exploits/multiple/remote/16298.rb
    [EDB-16298: Sun Java - JRE AWT setDiffICM Buffer Overflow (Metasploit)]
  9. Exploit-DB: exploits/multiple/remote/16305.rb
    [EDB-16305: Java - RMIConnectionImpl Deserialization Privilege Escalation (Metasploit)]
  10. GitHub: https://github.com/GiJ03/ReconScan
    [CVE-2009-3555]
  11. GitHub: https://github.com/RedHatProductSecurity/CVE-HOWTO
    [CVE-2009-3555]
  12. GitHub: https://github.com/RoliSoft/ReconScan
    [CVE-2009-3555]
  13. GitHub: https://github.com/ekiojp/hanase
    [CVE-2009-3555]
  14. GitHub: https://github.com/galeone/letsencrypt-lighttpd
    [CVE-2009-3555]
  15. GitHub: https://github.com/issdp/test
    [CVE-2009-3555]
  16. GitHub: https://github.com/johnwchadwick/cve-2009-3555-test-server
    [CVE-2009-3555: A TLS server using a vendored fork of the Go TLS stack that has renegotation ...]
  17. GitHub: https://github.com/matoweb/Enumeration-Script
    [CVE-2009-3555]
  18. GitHub: https://github.com/withdk/pulse-secure-vpn-mitm-research
    [CVE-2009-3555]
  19. GitHub: https://github.com/offensive-security/exploitdb-bin-sploits/blob/master/bin-sploits/15056.zip
    [EDB-15056]
  20. Immunity Canvas: CANVAS

Before running any exploit against any system, make sure you are authorized by the owner of the target system(s) to perform such activity. In any other case, this would be considered as an illegal activity.

WARNING: Beware of using unverified exploits from sources such as GitHub or Exploit-DB. These exploits and PoCs could contain malware. For more information, see how to use exploits safely.

Risk Information

CVSS V2 Vector [?]: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:H/RL:OF/RC:C
CVSS Base Score:9.3 (High)
Impact Subscore:10.0
Exploitability Subscore:8.6
CVSS Temporal Score:8.1 (High)
CVSS Environmental Score:NA (None)
Modified Impact Subscore:NA
Overall CVSS Score:8.1 (High)

Go back to menu.

Plugin Source

This is the mandriva_MDVSA-2010-084.nasl nessus plugin source code. This script is Copyright (C) 2010-2021 Tenable Network Security, Inc. 

#%NASL_MIN_LEVEL 70300

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Mandriva Linux Security Advisory MDVSA-2010:084. 
# The text itself is copyright (C) Mandriva S.A.
#

if (NASL_LEVEL < 3000) exit(0);

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(46176);
  script_version("1.25");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");

  script_cve_id(
    "CVE-2009-2409",
    "CVE-2009-3555",
    "CVE-2009-3728",
    "CVE-2009-3869",
    "CVE-2009-3871",
    "CVE-2009-3873",
    "CVE-2009-3874",
    "CVE-2009-3875",
    "CVE-2009-3876",
    "CVE-2009-3877",
    "CVE-2009-3879",
    "CVE-2009-3880",
    "CVE-2009-3881",
    "CVE-2009-3882",
    "CVE-2009-3883",
    "CVE-2009-3884",
    "CVE-2009-3885",
    "CVE-2010-0082",
    "CVE-2010-0084",
    "CVE-2010-0085",
    "CVE-2010-0088",
    "CVE-2010-0091",
    "CVE-2010-0092",
    "CVE-2010-0093",
    "CVE-2010-0094",
    "CVE-2010-0095",
    "CVE-2010-0837",
    "CVE-2010-0838",
    "CVE-2010-0840",
    "CVE-2010-0845",
    "CVE-2010-0847",
    "CVE-2010-0848"
  );
  script_bugtraq_id(
    36881,
    36935,
    39065,
    39069,
    39071,
    39072,
    39075,
    39078,
    39081,
    39085,
    39086,
    39088,
    39089,
    39090,
    39093,
    39094,
    39096
  );
  script_xref(name:"MDVSA", value:"2010:084");

  script_name(english:"Mandriva Linux Security Advisory : java-1.6.0-openjdk (MDVSA-2010:084)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Mandriva Linux host is missing one or more security
updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Multiple Java OpenJDK security vulnerabilities has been identified and
fixed :

  - TLS: MITM attacks via session renegotiation
    (CVE-2009-3555).

    - Loader-constraint table allows arrays instead of only
      the b ase-classes (CVE-2010-0082).

  - Policy/PolicyFile leak dynamic ProtectionDomains.
    (CVE-2010-0084).

    - File TOCTOU deserialization vulnerability
      (CVE-2010-0085).

    - Inflater/Deflater clone issues (CVE-2010-0088).

    - Unsigned applet can retrieve the dragged information
      before drop action occurs (CVE-2010-0091).

  - AtomicReferenceArray causes SIGSEGV -> SEGV_MAPERR error
    (CVE-2010-0092).

  - System.arraycopy unable to reference elements beyond
    Integer.MAX_VALUE bytes (CVE-2010-0093).

  - Deserialization of RMIConnectionImpl objects should
    enforce stricter checks (CVE-2010-0094).

  - Subclasses of InetAddress may incorrectly interpret
    network addresses (CVE-2010-0095).

  - JAR unpack200 must verify input parameters
    (CVE-2010-0837).

    - CMM readMabCurveData Buffer Overflow Vulnerability
      (CVE-2010-0838).

    - Applet Trusted Methods Chaining Privilege Escalation
      Vulnerability (CVE-2010-0840).

  - No ClassCastException for HashAttributeSet constructors
    if run with -Xcomp (CVE-2010-0845)

  - ImagingLib arbitrary code execution vulnerability
    (CVE-2010-0847).

    - AWT Library Invalid Index Vulnerability
      (CVE-2010-0848).

Additional security issues that was fixed with IcedTea6 1.6.2 :

  - deprecate MD2 in SSL cert validation (CVE-2009-2409).

    - ICC_Profile file existence detection information leak
      (CVE-2009-3728).

  - JRE AWT setDifflCM stack overflow (CVE-2009-3869).

    - JRE AWT setBytePixels heap overflow (CVE-2009-3871).

    - JPEG Image Writer quantization problem
      (CVE-2009-3873).

    - ImageI/O JPEG heap overflow (CVE-2009-3874).

    - MessageDigest.isEqual introduces timing attack
      vulnerabilities (CVE-2009-3875).

  - OpenJDK ASN.1/DER input stream parser denial of service
    (CVE-2009-3876, CVE-2009-3877)

  - GraphicsConfiguration information leak (CVE-2009-3879).

    - UI logging information leakage (CVE-2009-3880).

    - resurrected classloaders can still have children
      (CVE-2009-3881).

    - Numerous static security flaws in Swing (findbugs)
      (CVE-2009-3882).

    - Mutable statics in Windows PL&amp;F (findbugs)
      (CVE-2009-3883).

    - zoneinfo file existence information leak
      (CVE-2009-3884).

    - BMP parsing DoS with UNC ICC links (CVE-2009-3885).

Additionally Paulo Cesar Pereira de Andrade (pcpa) at Mandriva found
and fixed a bug in IcedTea6 1.8 that is also applied to the provided
packages :

  - plugin/icedteanp/IcedTeaNPPlugin.cc
    (plugin_filter_environment): Increment malloc size by
    one to account for NULL terminator. Bug# 474.

Packages for 2009.0 are provided due to the Extended Maintenance
Program."
  );
  # http://article.gmane.org/gmane.comp.java.openjdk.distro-packaging.devel/8938
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?5cab9dbb"
  );
  # http://blogs.sun.com/darcy/resource/OpenJDK_6/openjdk6-b18-changes-summary.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?c2055f25"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://icedtea.classpath.org/hg/release/icedtea6-1.8/rev/a6a02193b073"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploit_framework_core", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'Java Statement.invoke() Trusted Method Chain Privilege Escalation');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
  script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
  script_set_attribute(attribute:"canvas_package", value:'CANVAS');
  script_cwe_id(22, 119, 189, 200, 264, 310, 399);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:java-1.6.0-openjdk");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:java-1.6.0-openjdk-demo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:java-1.6.0-openjdk-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:java-1.6.0-openjdk-javadoc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:java-1.6.0-openjdk-plugin");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:java-1.6.0-openjdk-src");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2009.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2009.1");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2010.0");

  script_set_attribute(attribute:"patch_publication_date", value:"2010/04/28");
  script_set_attribute(attribute:"plugin_publication_date", value:"2010/04/29");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.");
  script_family(english:"Mandriva Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);


flag = 0;
if (rpm_check(release:"MDK2009.0", reference:"java-1.6.0-openjdk-1.6.0.0-2.b18.2mdv2009.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.0", reference:"java-1.6.0-openjdk-demo-1.6.0.0-2.b18.2mdv2009.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.0", reference:"java-1.6.0-openjdk-devel-1.6.0.0-2.b18.2mdv2009.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.0", reference:"java-1.6.0-openjdk-javadoc-1.6.0.0-2.b18.2mdv2009.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.0", reference:"java-1.6.0-openjdk-plugin-1.6.0.0-2.b18.2mdv2009.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.0", reference:"java-1.6.0-openjdk-src-1.6.0.0-2.b18.2mdv2009.0", yank:"mdv")) flag++;

if (rpm_check(release:"MDK2009.1", reference:"java-1.6.0-openjdk-1.6.0.0-2.b18.2mdv2009.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.1", reference:"java-1.6.0-openjdk-demo-1.6.0.0-2.b18.2mdv2009.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.1", reference:"java-1.6.0-openjdk-devel-1.6.0.0-2.b18.2mdv2009.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.1", reference:"java-1.6.0-openjdk-javadoc-1.6.0.0-2.b18.2mdv2009.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.1", reference:"java-1.6.0-openjdk-plugin-1.6.0.0-2.b18.2mdv2009.1", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2009.1", reference:"java-1.6.0-openjdk-src-1.6.0.0-2.b18.2mdv2009.1", yank:"mdv")) flag++;

if (rpm_check(release:"MDK2010.0", reference:"java-1.6.0-openjdk-1.6.0.0-2.b18.2mdv2010.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2010.0", reference:"java-1.6.0-openjdk-demo-1.6.0.0-2.b18.2mdv2010.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2010.0", reference:"java-1.6.0-openjdk-devel-1.6.0.0-2.b18.2mdv2010.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2010.0", reference:"java-1.6.0-openjdk-javadoc-1.6.0.0-2.b18.2mdv2010.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2010.0", reference:"java-1.6.0-openjdk-plugin-1.6.0.0-2.b18.2mdv2010.0", yank:"mdv")) flag++;
if (rpm_check(release:"MDK2010.0", reference:"java-1.6.0-openjdk-src-1.6.0.0-2.b18.2mdv2010.0", yank:"mdv")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");

The latest version of this script can be found in these locations depending on your platform:

  • Linux / Unix:
    /opt/nessus/lib/nessus/plugins/mandriva_MDVSA-2010-084.nasl
  • Windows:
    C:\ProgramData\Tenable\Nessus\nessus\plugins\mandriva_MDVSA-2010-084.nasl
  • Mac OS X:
    /Library/Nessus/run/lib/nessus/plugins/mandriva_MDVSA-2010-084.nasl

Go back to menu.

How to Run

Here is how to run the Mandriva Linux Security Advisory : java-1.6.0-openjdk (MDVSA-2010:084) as a standalone plugin via the Nessus web user interface (https://localhost:8834/):

  1. Click to start a New Scan.
  2. Select Advanced Scan.
  3. Navigate to the Plugins tab.
  4. On the top right corner click to Disable All plugins.
  5. On the left side table select Mandriva Local Security Checks plugin family.
  6. On the right side table select Mandriva Linux Security Advisory : java-1.6.0-openjdk (MDVSA-2010:084) plugin ID 46176.
  7. Specify the target on the Settings tab and click to Save the scan.
  8. Run the scan.

Here are a few examples of how to run the plugin in the command line. Note that the examples below demonstrate the usage on the Linux / Unix platform.

Basic usage:

/opt/nessus/bin/nasl mandriva_MDVSA-2010-084.nasl -t <IP/HOST>

Run the plugin with audit trail message on the console:

/opt/nessus/bin/nasl -a mandriva_MDVSA-2010-084.nasl -t <IP/HOST>

Run the plugin with trace script execution written to the console (useful for debugging):

/opt/nessus/bin/nasl -T - mandriva_MDVSA-2010-084.nasl -t <IP/HOST>

Run the plugin with using a state file for the target and updating it (useful for running multiple plugins on the target):

/opt/nessus/bin/nasl -K /tmp/state mandriva_MDVSA-2010-084.nasl -t <IP/HOST>

Go back to menu.

References

BID | SecurityFocus Bugtraq ID: MDVSA | Mandriva Security Advisory:
  • 2010:084
CWE | Common Weakness Enumeration:
  • CWE-22 (Weakness) Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
  • CWE-119 (Weakness) Improper Restriction of Operations within the Bounds of a Memory Buffer
  • CWE-189 (Category) Numeric Errors
  • CWE-200 (Weakness) Exposure of Sensitive Information to an Unauthorized Actor
  • CWE-264 (Category) Permissions, Privileges, and Access Controls
  • CWE-310 (Category) Cryptographic Issues
  • CWE-399 (Category) Resource Management Errors
See also: Similar and related Nessus plugins:
  • 45485 - Ubuntu 9.10 : nss vulnerability (USN-927-1)
  • 45492 - openSUSE Security Update : libfreebl3 (openSUSE-SU-2010:0100-1)
  • 45494 - openSUSE Security Update : libfreebl3 (openSUSE-SU-2010:0100-1)
  • 45495 - openSUSE Security Update : MozillaThunderbird (openSUSE-SU-2010:0102-2)
  • 45496 - openSUSE Security Update : libfreebl3 (openSUSE-SU-2010:0100-1)
  • 45497 - openSUSE Security Update : seamonkey (openSUSE-SU-2010:0102-1)
  • 45498 - SuSE 10 Security Update : MozillaFirefox, MozillaFirefox-branding-upstream, MozillaFirefox-translations, mozilla-xulrunner191, mozilla-xulrunner191-devel, mozilla-xulrunner191-gnomevfs, mozilla-xulrunner191-translations, python-xpcom191 (ZYPP Patch Number 6970)
  • 45499 - SuSE 10 Security Update : Mozilla NSS (ZYPP Patch Number 6977)
  • 45500 - SuSE 10 Security Update : Mozilla XULRunner (ZYPP Patch Number 6976)
  • 45522 - openSUSE Security Update : firefox35upgrade (firefox35upgrade-2262)
  • 45523 - openSUSE Security Update : mozilla-xulrunner190 (mozilla-xulrunner190-2261)
  • 45524 - openSUSE Security Update : MozillaFirefox-branding-openSUSE (MozillaFirefox-branding-openSUSE-2281)
  • 45525 - openSUSE Security Update : firefox35upgrade (firefox35upgrade-2262)
  • 45526 - openSUSE Security Update : mozilla-xulrunner190 (mozilla-xulrunner190-2261)
  • 45527 - openSUSE Security Update : MozillaFirefox (openSUSE-SU-2010:0102-3)
  • 45563 - Mandriva Linux Security Advisory : openssl (MDVSA-2010:076-1)
  • 46173 - IBM DB2 9.1 < Fix Pack 9 Multiple Vulnerabilities
  • 46187 - openSUSE Security Update : java-1_6_0-openjdk (openSUSE-SU-2010:0182-1)
  • 46189 - openSUSE Security Update : java-1_6_0-openjdk (openSUSE-SU-2010:0182-1)
  • 46191 - openSUSE Security Update : java-1_6_0-openjdk (openSUSE-SU-2010:0182-1)
  • 46272 - RHEL 3 / 4 / 5 : java-1.4.2-ibm (RHSA-2010:0155)
  • 46273 - RHEL 5 : openssl (RHSA-2010:0162)
  • 46274 - RHEL 3 / 4 : openssl (RHSA-2010:0163)
  • 46275 - RHEL 5 : openssl097a (RHSA-2010:0164)
  • 46276 - RHEL 4 / 5 : nss (RHSA-2010:0165)
  • 46277 - RHEL 5 : gnutls (RHSA-2010:0166)
  • 46278 - RHEL 4 : gnutls (RHSA-2010:0167)
  • 46292 - RHEL 3 / 4 : seamonkey (RHSA-2010:0333)
  • 46293 - RHEL 4 / 5 : java-1.6.0-sun (RHSA-2010:0337)
  • 46294 - RHEL 4 / 5 : java-1.5.0-sun (RHSA-2010:0338)
  • 46295 - RHEL 5 : java-1.6.0-openjdk (RHSA-2010:0339)
  • 46304 - RHEL 4 / 5 : java-1.6.0-ibm (RHSA-2010:0383)
  • 46673 - Mac OS X : Java for Mac OS X 10.5 Update 7
  • 46674 - Mac OS X : Java for Mac OS X 10.6 Update 2

Version

This page has been produced using Nessus Professional 10.1.2 (#68) LINUX, Plugin set 202205072148.
Plugin file mandriva_MDVSA-2010-084.nasl version 1.25. For more plugins, visit the Nessus Plugin Library.

Go back to menu.