Summary
This host is running Sun Java Web Proxy Server, which is prone to a heap buffer overflow vulnerability.
Impact
Successful exploitation could allow execution of arbitrary code in the context of the server; failed attacks may cause a denial-of-service condition.
Impact Level: Application
Solution
Update to version 4.0.8 or apply patches.
http://www.sun.com/software/products/web_proxy/get_it.jsp
NOTE: Ignore this message if the patch has already been applied.
Insight
The flaw exists due to a boundary error in the FTP subsystem and in processing HTTP headers. This issue resides within the code responsible for handling HTTP GET requests.
Affected
Sun Java System Web Proxy Server versions prior to 4.0.8 on all platforms.
References
Severity
Classification
- CVE: CVE-2008-4541
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe Reader Multiple BOF Vulnerabilities - Jun09 (Linux)
- Adobe Reader/Acrobat Multiple BOF Vulnerabilities - Jun09 (Win)
- Adobe Acrobat and Reader SING 'uniqueName' Buffer Overflow Vulnerability (Linux)
- BSPlayer Stack Overflow Vulnerability BLS
- Adobe Reader/Acrobat Multimedia Doc.media.newPlayer Code Execution Vulnerability (Win)