java

Vulnerability reported in Sun Java System Web Proxy

Filed in archive Security on May 28, 2007

Vulnerability has been reported in Java System Web Proxy. Remote exploitation of multiple stack based buffer overflows allows unauthenticated attackers to execute arbitrary code with super user privileges. The problem has been reported within sockd daemon and it can lead to buffer overflow by manipulation of bytes during protocol negotiation.

Arbitary code can be executed with the privileges of user running sockd. No kind of authentication is required and the attacker just needs to open a session with the SOCKS server. In order to counter this threat SOCKS proxy server should be disabled and firewalls should also be deployed.

Related Entries:

« Itanium 2-based solutions... | Main | ColdFusion gets closer to... »

Permalink: Vulnerability reported in Sun Java System Web Proxy

Tags: Sun Java System Web Proxy Java vulnerability java java+system

Vote for Vulnerability reported in Sun Java System Web Proxy:

Currently 8.25/10
1
2
3
4
5
6
7
8
9
10

Rating: 8.25 out of 4 vote(s) cast.

Add your response to Vulnerability reported in Sun Java System Web Proxy:

Name: *

Email: (will never be shown)*

URL:

(* marked fields are required)

Notify me if more comments appear?

Subscribe to Java Entrepreneur newsletter? (Newsletters are sent out weekly).

Remember me

Security Code: *
(Please help us to sort out spam.)

Please enter your comment here: (Sorry, no HTML is allowed - URLs will be made clickable automatically if you add http:// to your URL.)

We welcome your comments, however all comments are moderated. Offensive or off-topic comments will be deleted and not displayed.

Share It

RSS
Google
Yahoo!
Addthis
Bloglines
Twitter	Follow us on Twitter!

Tagcloud

All contents are protected by copyright. | Terms of Use | Privacy Policy | Contact Us