Help
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.
- Buffer overflow in Sun Java System Web Proxy Server -
Oxygen3 24h-365d, by Panda Software (http://www.pandasoftware.com)
Madrid, November 2, 2004 - Sun(*) has reported a buffer overflow
vulnerability in Sun Java System Web Proxy Server 3.6, as well as releasing
a Service Pack that fixes it.
This security problem can be classified as serious, as it could allow a
remote user to cause the Web Proxy Server or the Web Proxy Server's Admin
Server to crash or to execute arbitrary code on the affected system.
According to Sun, the server does not correctly handle CONNECT Request URIs
and that the proxy administration server has various buffer management
flaws. Sun Java System Web Proxy Server 3.6 Service Pack 4 and earlier are
affected.
This vulnerability is corrected in Service Pack 5 (or later) for Sun Java
System Web Proxy Server 3.6, which can be downloaded from:
http://wwws.sun.com/software/download/products/4149bc42.html
(*) More information at:
http://sunsolve.sun.com/search/document.do...ey=1-26-57606-1
Oxygen3 24h-365d, by Panda Software (http://www.pandasoftware.com)
Madrid, November 2, 2004 - Sun(*) has reported a buffer overflow
vulnerability in Sun Java System Web Proxy Server 3.6, as well as releasing
a Service Pack that fixes it.
This security problem can be classified as serious, as it could allow a
remote user to cause the Web Proxy Server or the Web Proxy Server's Admin
Server to crash or to execute arbitrary code on the affected system.
According to Sun, the server does not correctly handle CONNECT Request URIs
and that the proxy administration server has various buffer management
flaws. Sun Java System Web Proxy Server 3.6 Service Pack 4 and earlier are
affected.
This vulnerability is corrected in Service Pack 5 (or later) for Sun Java
System Web Proxy Server 3.6, which can be downloaded from:
http://wwws.sun.com/software/download/products/4149bc42.html
(*) More information at:
http://sunsolve.sun.com/search/document.do...ey=1-26-57606-1
Back to top
