Updates to Detection of Java on Unix/Linux

Summary

The Java Detection and Identification (Linux/Unix) plugin has been updated to provide detections while avoiding a reported vulnerability and potential privilege escalation. 

Change

As a part of Tenable’s response to TNS-2023-21, a vulnerability reported by CrowdStrike researcher Patrick Romero, Nessus plugin 147817 has been updated. The plugin identifies the distribution and version of Java on Linux and Unix systems.

The plugin uses a variety of methods to perform this detection. Previously, one of the methods used in some cases was to execute the java runtime binary with a -version argument and read the output. This method has been removed from the plugin, and replaced with different methods that provide equivalent detection.

Impact

Customers should notice no material difference in the operation or findings from this plugin. In weeks of testing, Tenable researchers have seen parity in detection between the previous and current methods. If customers feel detection has been affected by this change, please contact Tenable Customer Support.

Plugin

147817 - Java Detection and Identification (Linux/Unix)

Target Release Date

June 26, 2023