SunJava System Web Proxy Server FTP Heap Overflow Vulnerability
Last Update Date:
28 Jan 2011
Release Date:
13 Oct 2008
5323
Views
RISK: Medium Risk
A vulnerability has been identified in Sun Java System Web Proxy Server, which could be exploited by remote or local attackers to compromise a vulnerable system. This issue is caused by a heap overflow error in the FTP subsytem when processing malformed data, which could be exploited by remote attackers to crash an affected server or execute arbitrary code.
Impact
- Remote Code Execution
System / Technologies affected
- Sun Java System Web Proxy Server versions 4.0 through 4.0.7
Solutions
Before installation of the software, please visit the software manufacturerweb-site for more details.
- Upgrade to to version 4.0.8:
https://cds.sun.com/is-bin/INTERSHOP.enfinity/WFS/CDS-CDS_SMI-Site/en_US/-/USD/ViewProductDetail-Start?ProductRef=SJPrxySrv-4.0.8-OTH-G-F@CDS-CDS_SMIor apply patch:
- Apply patch 120981-15 (SPARC Platform) :
http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21-120981-15-1- Apply patch 120982-15 (x86 Platform) :
http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21-120982-15-1- Apply patch 120983-15 (Linux Platform) :
http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21-120983-15-1- Apply patch 123532-05 (HP-UX Platform) :
http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21-123532-05-1- Apply patch 126325-05 (Windows Platform) :
http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21-126325-05-1
Vulnerability Identifier
- No CVE information is available
Source
Related Link
Share with