Release DateOct 26, 2011 |
Severitycritical |
ImpactSystem Compromise: Remote attackers can gain control of vulnerable systems. |
DescriptionThis indicates an attack attempt against a Buffer Overflow vulnerability in the Java System Web Proxy sockd daemon.The vulnerability is caused by a lack of boundary checking on user supplied parameters during the protocol negotiation. It could allow a remote attacker to execute arbitrary code by sending a specially crafted connection request. |
Affected ProductsSun Java Web Proxy Server 4.0.4Sun Java Web Proxy Server 4.0.3 Sun Java Web Proxy Server 4.0.2 Sun Java Web Proxy Server 4.0 SP1 Sun Java Web Proxy Server 4.0 RedHat Enterprise Linux ES 3 RedHat Enterprise Linux AS 3 |
Recommended ActionsApply the most recent upgrades or patches from the vendor:http://sunsolve.sun.com/search/document.do?assetkey=1-26-102927-1 http://blogs.oracle.com/sunsecurity/entry/sun_alert_102927_security_vulnerabilities |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2007-2881 |
Reference/shttp://www.securityfocus.com/bid/24165 (BugTraq) |
