Security Lab

Переполнение буфера в продуктах Sun Java System

Дата публикации:12.06.2007
Всего просмотров:1477
Опасность:
Высокая
Наличие исправления: Да
Количество уязвимостей:1
CVE ID: CVE-2007-0008
CVE-2007-0009
Вектор эксплуатации: Удаленная
Воздействие: Компрометация системы
CWE ID: Нет данных
Наличие эксплоита: Нет данных
Уязвимые продукты: Sun Java System Web Server (Sun ONE/iPlanet) 6.x
Sun Java System Application Server 8.x
Sun Java System Web Proxy Server 4.x
Sun Java System Web Server 7.x
Уязвимые версии:
Sun Java System Application Server 8.x
Sun Java System Web Proxy Server 4.x
Sun Java System Web Server (Sun ONE/iPlanet) 6.x
Sun Java System Web Server 7.x

Описание:
Уязвимость позволяет удаленному пользователю выполнить произвольный код на целевой системе.

Подробное описание уязвимости:
www.securitylab.ru/vulnerability/291475.php

URL производителя: www.sun.com

Решение: Установите исправление с сайта производителя.

-- SPARC Platform --

Sun Java System Application Server Enterprise Edition 8.1 2005 Q1:
Apply (file-based) patch 119169-16 or later or (SVR4) patch 119166-24 or later.
http://sunsolve.sun.com/search/docume...setkey=urn:cds:docid:1-21-119169-16-1
http://sunsolve.sun.com/search/docume...setkey=urn:cds:docid:1-21-119166-24-1

Sun Java System Application Server Platform Edition 8.1 2005 Q1:
Apply (file-based) patch 119173-16 or later or (SVR4) patch 119166-24 or later.
http://sunsolve.sun.com/search/docume...setkey=urn:cds:docid:1-21-119173-16-1
http://sunsolve.sun.com/search/docume...setkey=urn:cds:docid:1-21-119166-24-1

Sun Java System Web Proxy Server 4.0:
Apply Service Pack 5 or later.
http://www.sun.com/download/products.xml?id=4648dc96

-- x86 Platform --

Sun Java System Application Server Enterprise Edition 8.1 2005 Q1:
Apply (file-based) patch 119170-16 or later or (SVR4) patch 119167-24 or later.
http://sunsolve.sun.com/search/docume...setkey=urn:cds:docid:1-21-119170-16-1
http://sunsolve.sun.com/search/docume...setkey=urn:cds:docid:1-21-119167-24-1

Sun Java System Application Server Platform Edition 8.1 2005 Q1:
Apply (file-based) patch 119174-16 or later or (SVR4) patch 119167-24 or later.
http://sunsolve.sun.com/search/docume...setkey=urn:cds:docid:1-21-119174-16-1
http://sunsolve.sun.com/search/docume...setkey=urn:cds:docid:1-21-119167-24-1

Sun Java System Web Proxy Server 4.0:
Apply Service Pack 5 or later.
http://www.sun.com/download/products.xml?id=4648dc96

-- Linux Platform --

Sun Java System Application Server Enterprise Edition 8.1 2005 Q1:
Apply (file-based) patch 119171-16 or later or RHEL2.1/RHEL3.0 (Pkg_patch) 119168-24 or later.
http://sunsolve.sun.com/search/docume...setkey=urn:cds:docid:1-21-119171-16-1
http://sunsolve.sun.com/search/docume...setkey=urn:cds:docid:1-21-119168-24-1

Sun Java System Application Server Platform Edition 8.1 2005 Q1:
Apply (file-based) patch 119175-16 or later or RHEL2.1/RHEL3.0 (Pkg_patch) 119168-24 or later.
http://sunsolve.sun.com/search/docume...setkey=urn:cds:docid:1-21-119175-16-1
http://sunsolve.sun.com/search/docume...setkey=urn:cds:docid:1-21-119168-24-1

Sun Java System Web Proxy Server 4.0:
Apply Service Pack 5 or later.
http://www.sun.com/download/products.xml?id=4648dc96

-- HP-UX Platform --

Sun Java System Web Proxy Server 4.0:
Apply Service Pack 5 or later.
http://www.sun.com/download/products.xml?id=4648dc96

-- Windows Platform --

Sun Java System Application Server Enterprise Edition 8.1 2005 Q1:
Apply (file-based) patch 119172-16 or later or (package based patch) 122848-09 or later.
http://sunsolve.sun.com/search/docume...setkey=urn:cds:docid:1-21-119172-16-1
http://sunsolve.sun.com/search/docume...setkey=urn:cds:docid:1-21-122848-09-1

Sun Java System Application Server Platform Edition 8.1 2005 Q1:
Apply (file-based) patch 119176-16 or later.
http://sunsolve.sun.com/search/docume...setkey=urn:cds:docid:1-21-119176-16-1

Sun Java System Web Proxy Server 4.0:
Apply Service Pack 5 or later.
http://www.sun.com/download/products.xml?id=4648dc96

Ссылки: Security Vulnerabilities in the Network Security Services (NSS) Library May Affect Sun Java System Application Server, Web Server and Web Proxy Server