Sun Java System Web Proxy Server Vulnerabilities (Win)

Summary
This host has Sun Java Web Server running on Linux, which is prone to Cross-Site Scripting vulnerability.
Impact
Successful exploitation will allow attackers to execute arbitrary code, gain sensitive information by conducting XSS attacks in the context of a affected site. Impact Level: System/Application
Solution
Update to Web Server version 6.1 SP11 http://www.sun.com/download/index.jsp http://sunsolve.sun.com/search/document.do?assetkey=1-66-259588-1
Insight
The Flaw is due to error in 'Reverse Proxy Plug-in' which is not properly sanitized the input data before being returned to the user. This can be exploited to inject arbitrary web script or HTML via the query string in situations that result in a 502 Gateway error.
Affected
Sun Java System Web Server versions 6.1 and before 6.1 SP11 on Linux.
References

Updated on 2017-03-28