Summary
This host is running Sun Java Web Proxy Server, which is prone to a heap buffer overflow vulnerability.
Impact
Successful exploitation could allow execution of arbitrary code in the context of the server, and failed attacks may cause a denial-of-service condition.
Impact Level: Application
Solution
Update to version 4.0.8 or apply patches.
http://www.sun.com/software/products/web_proxy/get_it.jsp
NOTE: Ignore this message if the patch has already been applied.
Insight
The flaw exists due to a boundary error in the FTP subsystem and in processing HTTP headers. This issue resides within the code responsible for handling HTTP GET requests.
Affected
Sun Java System Web Proxy Server versions prior to 4.0.8 on all platforms.
Severity
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Classification
CVE: CVE-2008-4541