« A Web Developer's Best... | Main | Sun Java SE 6 Sees the... »

HTTP Request Smuggling Tackled By Sun

Filed in archive Security by gautam on December 11, 2006

A latest advisory from Sun states that there is a bug in a number of its server products making them the target of HTTP Request Smuggling attacks. This has increased the chances of web cache poisoning coupled with firewall deception and prevention systems intrusion links

. Also there is a chance of hijacking of HTTP sessions and cross site scripting attacks.

All this happens in case Sun Java System Proxy Server is used along with Java System Application Server or the Sun Java System Web Server. This problem was brought to notice by Watchfire last year and it's still not clear why it took so long for Sun to take a note of this problem. In order to tackle this problem, Sun has released the latest updates in Sun Java System Application Server, Sun Java System Web Server, Sun Java System Web Proxy Server and Sun ONE Application Server. Click here for the updates.

Permalink: HTTP Request Smuggling Tackled By Sun
Tags: HTTP Request Smuggling sun sun microsystems java vulnerability ajax request+smuggling

Trackback: http://www.creative-weblogging.com/cgi-bin/mt-tb.pl/45363

Related Entries:

Smuggling Cellphones - 16 September 2006

Fällt Open Source? - 21 März 2007

PHP-Klasse::Karatag Google Maps HTTP Request - 12 April 2007

PEAR::HTTP_Request in Version 1.4.1 veröffentlicht - 19 Mai 2007

Vote for HTTP Request Smuggling Tackled By Sun:

Currently 9.33/10
1
2
3
4
5
6
7
8
9
10

Rating: 9.3 out of 3 vote(s) cast.

CW Toolbar
RSS	\| See all blog subscribe options
Google	\| What is RSS?
Yahoo!
Addthis
Bloglines
Newsletter

Advertisement - Book yours here.

Check out our Sponsored Blogs!
The Mobile Technology Weblog
latest news from

The JavaScript Framework Long Tail

Audible Ajax Episode 29: Interview with Google’s Gavin Doughtie

Cappuccino and Objective-J released as opensource

jTPS: Animated Sortable Datagrid jQuery plugin

gameQuery:

Dojo Multifile Uploader with Flash

Zend Framework 1.6: Dojo, SOAP, Testing, Tooling, and more

IE 8 Security and nosniff

Adding Custom Tags To Internet Explorer, The Official Way

Brendan discusses how TraceMonkey is climbing faster; Ruby on the Web with V8

Audible Ajax Episode 28: The State of Ajax, with Chrome and friends

Coverflow again…. with Canvas

Drag and drop via sneaky Textarea hack

Xsstc: Cross-site scripting through CSS data

QUnit: A simple look at the jQuery unit test framework

Google Chrome, Chromium, and V8

Firefox implements 3 CSS properties: text-shadow, -moz-box-shadow and -moz-column-rule

This Week in HTML5; Open Web Podcast with Anne van Kesteren

toStaticHTML: Sanitize your HTML in IE 8

addSizes.js: automatic link file-size generation

Get the Newsletter

Browser Plug-ins
Client-side Frameworks
Interaction Design/
Graphic Design/User Experience
JavaScript
Programming Techniques
Security
Server-side Frameworks

Advertisement -
Book yours here..

Our Editors recommend
Ajaxian
Bokardo
Bruce Eckel's Weblog
Daniweb
Java Posse
Joel on Software
Martin Fowler's Bliki
Mashable
Rick Hightower's Sleepless Night in Tucson
Service-Oriented Architecture
TechCrunch
techno.blog ("Dion")
Tinou's Work Blog
Tor Norbye's Weblog

Contributors (Last 90 days)
Gautam Chhabra (35)
This site has 635 entries and is powered by Creative Weblogging since September 2005.
Do you want to start or edit an existing blog for us and get paid? More info.
Do you want to advertise on this blog? We have great ideas!
Do you have tips for us? Send them!

Discover Java Entrepreneur on your cell phone! Simply type the URL of your favorite blog in your mobile browser.

Advertise with us
Learn more about our advertising options, visit our shop or give Sonja a call at +1 (650) 331 8047.
NEW you can also chat with us.

Security Cameras
Would you like to have a new interactive marketing channel for your company? Learn more about Sponsored Blogs with Creative Weblogging. See how we helped istockphoto.com and others.
Do you have a blog with more than 50k page views from the US? Let us market your blog.

Advertisement
Book yours here.

Testimonials
'Great looking blog. Good quality posts with useful information.'

Other blogs in the same channel in the Creative Weblogging Network

Advertisement -
Book yours here..

Disclaimer
Some of the contents of this site are protected Creative Weblogging Ltd. 2004-2008.

Advertisement - Book yours here..

Add your response to HTTP Request Smuggling Tackled By Sun:
Name: *	Email: (will never be shown)*	URL:

(* marked fields are required)
Notify me if more comments appear?	Subscribe to Java Entrepreneur newsletter? (Newsletters are sent out weekly).	Remember me
Security Code: * (Please help us to sort out spam.)

Please enter your comment here: (Sorry, no HTML is allowed - URLs will be made clickable automatically if you add http:// to your URL.)


We welcome your comments, however all comments are moderated. Offensive or off-topic comments will be deleted and not displayed.

Tell a friend about HTTP Request Smuggling Tackled By Sun
Recipient email:*	Your email:*

(* Both email addresses are required for sending this article. They will never be shown or used for any marketing purposes)
Please enter a message which will be shown together with the article:

Security Code: (Please help us to sort out spam.)

HTTP Request Smuggling Tackled By Sun

Filed in archive Security by gautam on December 11, 2006

Related Entries:

Vote for HTTP Request Smuggling Tackled By Sun:

Add your response to HTTP Request Smuggling Tackled By Sun:

Tell a friend about HTTP Request Smuggling Tackled By Sun

Check out our Sponsored Blogs!

latest news from

Our Editors recommend

Contributors (Last 90 days)

Categories

Archives

Advertise with us

Most popular

Testimonials

Recent Comments

Other blogs in the same channel in the Creative Weblogging Network

Technology

Disclaimer

Find more recent entries from our other publications:

On Storage

BlogWealth

P2P File Sharing

The CIO Weblog

Nanotechbuzz

HackITLinux