 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.123679 |
| Categoría: | Oracle Linux Local Security Checks |
| Título: | Oracle: Security Advisory (ELSA-2013-0602) |
| Resumen: | The remote host is missing an update for the 'java-1.7.0-openjdk' package(s) announced via the ELSA-2013-0602 advisory. |
| Descripción: | Summary: The remote host is missing an update for the 'java-1.7.0-openjdk' package(s) announced via the ELSA-2013-0602 advisory. Vulnerability Insight: [1.7.0.9-2.3.8.0.0.1.el6_4] - Update DISTRO_NAME in specfile [1.7.0.9-2.3.8.0el6] - Revert to rhel 6.3 version of spec file - Revert to icedtea7 2.3.8 forest - Resolves: rhbz#917183 [1.7.0.11-2.4.0.pre5.el6] - Update to latest snapshot of icedtea7 2.4 forest - Resolves: rhbz#917183 [1.7.0.9-2.4.0.pre4.3.el6] - Updated to icedtea 2.4.0.pre4, - Rewritten (again) patch3 java-1.7.0-openjdk-java-access-bridge-security.patch - Resolves: rhbz#911530 [1.7.0.9-2.4.0.pre3.3.el6] - Updated to icedtea 2.4.0.pre3, updated! - Rewritten patch3 java-1.7.0-openjdk-java-access-bridge-security.patch - Resolves: rhbz#911530 [1.7.0.9-2.4.0.pre2.3.el6] - Removed testing - mauve was outdated and - jtreg was icedtea relict - Updated to icedtea 2.4.0.pre2, updated? - Added java -Xshare:dump to post (see 513605)forjitarchs - Resolves: rhbz#911530 [1.7.0.11-2.4.0.2.el6] - Unapplied but kept (for 2.3revert) patch110, java-1.7.0-openjdk-nss-icedtea-e9c857dcb964.patch - Added and applied patch113: java-1.7.0-openjdk-aes-update_reset.patch - Added and applied patch114: java-1.7.0-openjdk-nss-tck.patch - Added and applied patch115: java-1.7.0-openjdk-nss-split_results.patch - NSS enabled by default - enable_nss set to 1 - rewritten patch109 - java-1.7.0-openjdk-nss-config-1.patch - rewritten patch111 - java-1.7.0-openjdk-nss-config-2.patch - Resolves: rhbz#831734 [1.7.0.11-2.4.0.1.el6] - Rewritten patch105: java-1.7.0-openjdk-disable-system-lcms.patch - Added jxmd and idlj to alternatives - make executed with DISABLE_INTREE_EC=true and UNLIMITED_CRYPTO=true - Unapplied patch302 and deleted systemtap.patch - buildver increased to 11 - icedtea_version set to 2.4.0 - Added and applied patch112 java-1.7.openjdk-doNotUseDisabledEcc.patch - removed tmp-patches source tarball - Added /lib/security/US_export_policy.jar and lib/security/local_policy.jar - Disabled nss - enable_nss set to 0 - Resolves: rhbz#895034 Affected Software/OS: 'java-1.7.0-openjdk' package(s) on Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2013-0809 BugTraq ID: 58296 http://www.securityfocus.com/bid/58296 Cert/CC Advisory: TA13-064A http://www.us-cert.gov/ncas/alerts/TA13-064A CERT/CC vulnerability note: VU#688246 http://www.kb.cert.org/vuls/id/688246 http://security.gentoo.org/glsa/glsa-201406-32.xml HPdes Security Advisory: HPSBUX02857 http://marc.info/?l=bugtraq&m=136439120408139&w=2 HPdes Security Advisory: HPSBUX02864 http://marc.info/?l=bugtraq&m=136570436423916&w=2 HPdes Security Advisory: SSRT101103 HPdes Security Advisory: SSRT101156 http://www.mandriva.com/security/advisories?name=MDVSA-2013:095 http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2013-March/022145.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19076 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19320 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19479 RedHat Security Advisories: RHSA-2013:0601 http://rhn.redhat.com/errata/RHSA-2013-0601.html RedHat Security Advisories: RHSA-2013:0603 http://rhn.redhat.com/errata/RHSA-2013-0603.html RedHat Security Advisories: RHSA-2013:0604 http://rhn.redhat.com/errata/RHSA-2013-0604.html RedHat Security Advisories: RHSA-2013:1455 http://rhn.redhat.com/errata/RHSA-2013-1455.html RedHat Security Advisories: RHSA-2013:1456 http://rhn.redhat.com/errata/RHSA-2013-1456.html SuSE Security Announcement: SUSE-SU-2013:0434 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00011.html SuSE Security Announcement: SUSE-SU-2013:0701 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00020.html SuSE Security Announcement: openSUSE-SU-2013:0430 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00009.html SuSE Security Announcement: openSUSE-SU-2013:0438 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00012.html http://www.ubuntu.com/usn/USN-1755-2 Common Vulnerability Exposure (CVE) ID: CVE-2013-1493 BugTraq ID: 58238 http://www.securityfocus.com/bid/58238 http://www.exploit-db.com/exploits/24904 HPdes Security Advisory: HPSBMU02964 http://h20565.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04117626-1 http://blog.fireeye.com/research/2013/02/yaj0-yet-another-java-zero-day-2.html http://www.symantec.com/connect/blogs/latest-java-zero-day-shares-connections-bit9-security-incident https://krebsonsecurity.com/2013/03/new-java-0-day-attack-echoes-bit9-breach/ https://twitter.com/jduck1337/status/307629902574800897 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19246 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19477 http://www.securitytracker.com/id/1029803 |
| Copyright | Copyright (C) 2015 Greenbone AG |
| Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |