java

Vulnerability Reported In Sun Java System Products

Filed in archive Security on November 8, 2006

Vulnerability Reported In Sun Java System Products
Vulnerability has been reported in Sun Java System and Sun ONE Application Server. The cause is being attributed to an error in OpenSSL which could be targeted by hackers for forging signatures without requiring any secret key.

The following products have been affected:

Sun Java System proxy Server 3.6
Sun Java System Web Server 6.0
Sun Java System Web Server 6.1
Sun ONE Application Server 7
Sun Java System Application Server 7 2004Q2
Sun Java System Application Server Platform Edition 8.1 2005 Q1
Sun Java System Application Server Enterprise Edition 8.1 2005 Q1

Avoid using RSA keys with an exponent of three. OpenSSL 0.9.7 branch users must upgrade to 0.9.7k version or later and OpenSSL 0.9.8 branch users must upgrade to 0.9.8c or later. Up till now there is no report of an official patch.



Permalink: Vulnerability Reported In Sun Java System Products

Tags: sun  java  OpenSSL  Sun  ONE  Application  Server  system  java+system 

Vote for Vulnerability Reported In Sun Java System Products:

  • Currently 8.67/10
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
Rating: 8.67 out of 3 vote(s) cast.
 
Share It
Most Popular   AJAX   Application Development   Awards   Basics   Best of   Business   conference   Did you know   E-Commerce   Information About   Management   Misc   Mobile Devices   mobile phones   Monthly Contest   Personal   Programming   Quick introduction   Security   Service Oriented Architectures