Vulnerability reported in Sun Solaris and Sun Java Web Console
Sun Solaris and Sun Java Web Console are under security threat as vulnerability has been identified which could be exploited by remote attackers for causing a DoS or execution of arbitrary code. What causes this is the format string error in the logging service while processing of malformed authentication data and this may result in the vulnerable system being compromised by sending a specially crafted request.
It is a critical vulnerability and it is both locally and remotely exploitable. The vulnerability was reported by Felix Lindner and Frank Dick. The following versions have been affected by this vulnerability – Sun Solaris 10, Sun Java Web Console version 2.2.2, Sun Java Web Console version 2.2.3, Sun Java Web Console version 2.2.4 and Sun Java Web Console version 2.2.5. Click here for the solution.