Test ID:	1.3.6.1.4.1.25623.1.0.841768
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-2124-2)
Summary:	The remote host is missing an update for the 'openjdk-6' package(s) announced via the USN-2124-2 advisory.
Description:	Summary: The remote host is missing an update for the 'openjdk-6' package(s) announced via the USN-2124-2 advisory. Vulnerability Insight: USN-2124-1 fixed vulnerabilities in OpenJDK 6. Due to an upstream regression, memory was not properly zeroed under certain circumstances which could lead to instability. This update fixes the problem. We apologize for the inconvenience. Original advisory details: A vulnerability was discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit this to expose sensitive data over the network. (CVE-2014-0411) Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. (CVE-2013-5878, CVE-2013-5907, CVE-2014-0373, CVE-2014-0422, CVE-2014-0428) Two vulnerabilities were discovered in the OpenJDK JRE related to information disclosure. An attacker could exploit these to expose sensitive data over the network. (CVE-2013-5884, CVE-2014-0368) Two vulnerabilities were discovered in the OpenJDK JRE related to availability. An attacker could exploit these to cause a denial of service. (CVE-2013-5896, CVE-2013-5910) Two vulnerabilities were discovered in the OpenJDK JRE related to data integrity. (CVE-2014-0376, CVE-2014-0416) A vulnerability was discovered in the OpenJDK JRE related to information disclosure and availability. An attacker could exploit this to expose sensitive data over the network or cause a denial of service. (CVE-2014-0423) In addition to the above, USN-2033-1 fixed several vulnerabilities and bugs in OpenJDK 6. This update introduced a regression which caused an exception condition in javax.xml when instantiating encryption algorithms. This update fixes the problem. We apologize for the inconvenience. Affected Software/OS: 'openjdk-6' package(s) on Ubuntu 10.04, Ubuntu 12.04. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2013-5878 BugTraq ID: 64758 http://www.securityfocus.com/bid/64758 BugTraq ID: 64927 http://www.securityfocus.com/bid/64927 HPdes Security Advisory: HPSBUX02972 http://marc.info/?l=bugtraq&m=139402697611681&w=2 HPdes Security Advisory: HPSBUX02973 http://marc.info/?l=bugtraq&m=139402749111889&w=2 HPdes Security Advisory: SSRT101454 HPdes Security Advisory: SSRT101455 http://osvdb.org/102005 RedHat Security Advisories: RHSA-2014:0026 http://rhn.redhat.com/errata/RHSA-2014-0026.html RedHat Security Advisories: RHSA-2014:0027 http://rhn.redhat.com/errata/RHSA-2014-0027.html RedHat Security Advisories: RHSA-2014:0030 http://rhn.redhat.com/errata/RHSA-2014-0030.html RedHat Security Advisories: RHSA-2014:0097 http://rhn.redhat.com/errata/RHSA-2014-0097.html RedHat Security Advisories: RHSA-2014:0134 http://rhn.redhat.com/errata/RHSA-2014-0134.html RedHat Security Advisories: RHSA-2014:0135 http://rhn.redhat.com/errata/RHSA-2014-0135.html RedHat Security Advisories: RHSA-2014:0414 https://access.redhat.com/errata/RHSA-2014:0414 http://www.securitytracker.com/id/1029608 http://secunia.com/advisories/56432 http://secunia.com/advisories/56485 http://secunia.com/advisories/56486 http://secunia.com/advisories/56535 SuSE Security Announcement: SUSE-SU-2014:0246 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00009.html SuSE Security Announcement: SUSE-SU-2014:0266 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00012.html SuSE Security Announcement: SUSE-SU-2014:0451 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00024.html SuSE Security Announcement: openSUSE-SU-2014:0174 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-01/msg00105.html SuSE Security Announcement: openSUSE-SU-2014:0177 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-01/msg00107.html SuSE Security Announcement: openSUSE-SU-2014:0180 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-02/msg00000.html http://www.ubuntu.com/usn/USN-2089-1 http://www.ubuntu.com/usn/USN-2124-1 Common Vulnerability Exposure (CVE) ID: CVE-2013-5884 BugTraq ID: 64924 http://www.securityfocus.com/bid/64924 http://hg.openjdk.java.net/jdk7u/jdk7u/corba/rev/b1548473f261 http://osvdb.org/102016 XForce ISS Database: oracle-cpujan2014-cve20135884(90348) https://exchange.xforce.ibmcloud.com/vulnerabilities/90348 Common Vulnerability Exposure (CVE) ID: CVE-2013-5896 BugTraq ID: 64926 http://www.securityfocus.com/bid/64926 http://osvdb.org/102015 XForce ISS Database: oracle-cpujan2014-cve20135896(90347) https://exchange.xforce.ibmcloud.com/vulnerabilities/90347 Common Vulnerability Exposure (CVE) ID: CVE-2013-5907 BugTraq ID: 64894 http://www.securityfocus.com/bid/64894 http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/9d29c19f1de1 http://osvdb.org/101995 RedHat Security Advisories: RHSA-2014:0136 http://rhn.redhat.com/errata/RHSA-2014-0136.html http://secunia.com/advisories/56487 Common Vulnerability Exposure (CVE) ID: CVE-2013-5910 BugTraq ID: 64933 http://www.securityfocus.com/bid/64933 http://osvdb.org/102021 XForce ISS Database: oracle-cpujan2014-cve20135910(90352) https://exchange.xforce.ibmcloud.com/vulnerabilities/90352 Common Vulnerability Exposure (CVE) ID: CVE-2014-0368 BugTraq ID: 64930 http://www.securityfocus.com/bid/64930 http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/e6160aedadd5 http://secunia.com/advisories/59235 http://secunia.com/advisories/59339 Common Vulnerability Exposure (CVE) ID: CVE-2014-0373 BugTraq ID: 64922 http://www.securityfocus.com/bid/64922 http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/496c51673dec Common Vulnerability Exposure (CVE) ID: CVE-2014-0376 BugTraq ID: 64907 http://www.securityfocus.com/bid/64907 http://hg.openjdk.java.net/jdk7u/jdk7u/jaxp/rev/42be8e6266ab http://hg.openjdk.java.net/jdk7u/jdk7u/jaxp/rev/783ceae9b736 http://osvdb.org/102018 XForce ISS Database: oracle-cpujan2014-cve20140376(90350) https://exchange.xforce.ibmcloud.com/vulnerabilities/90350 Common Vulnerability Exposure (CVE) ID: CVE-2014-0411 BugTraq ID: 64918 http://www.securityfocus.com/bid/64918 http://osvdb.org/102028 http://secunia.com/advisories/57809 http://secunia.com/advisories/59037 http://secunia.com/advisories/59071 http://secunia.com/advisories/59082 http://secunia.com/advisories/59194 http://secunia.com/advisories/59251 http://secunia.com/advisories/59254 http://secunia.com/advisories/59283 http://secunia.com/advisories/59324 http://secunia.com/advisories/59665 http://secunia.com/advisories/59704 http://secunia.com/advisories/59705 http://secunia.com/advisories/59872 http://secunia.com/advisories/60005 http://secunia.com/advisories/60498 http://secunia.com/advisories/60833 http://secunia.com/advisories/60835 http://secunia.com/advisories/60836 XForce ISS Database: oracle-cpujan2014-cve20140411(90357) https://exchange.xforce.ibmcloud.com/vulnerabilities/90357 Common Vulnerability Exposure (CVE) ID: CVE-2014-0416 BugTraq ID: 64937 http://www.securityfocus.com/bid/64937 http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/abe1cb2d27cb http://osvdb.org/102017 http://secunia.com/advisories/59307 http://secunia.com/advisories/60568 XForce ISS Database: oracle-cpujan2014-cve20140416(90349) https://exchange.xforce.ibmcloud.com/vulnerabilities/90349 Common Vulnerability Exposure (CVE) ID: CVE-2014-0422 BugTraq ID: 64921 http://www.securityfocus.com/bid/64921 http://osvdb.org/101997 Common Vulnerability Exposure (CVE) ID: CVE-2014-0423 BugTraq ID: 64914 http://www.securityfocus.com/bid/64914 XForce ISS Database: oracle-cpujan2014-cve20140423(90340) https://exchange.xforce.ibmcloud.com/vulnerabilities/90340 Common Vulnerability Exposure (CVE) ID: CVE-2014-0428 BugTraq ID: 64935 http://www.securityfocus.com/bid/64935 http://hg.openjdk.java.net/jdk7u/jdk7u/corba/rev/0a879f00b698 http://osvdb.org/101996
Copyright	Copyright (C) 2014 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.