SANS issues sun java jre security alert
From: Bret Hughes (bhughes_at_elevating.com)
Date: 10/30/03
- Previous message: Bret Hughes: "Re: Random crashes with high load (again)"
- Next in thread: Bret Hughes: "Re: SANS issues sun java jre security alert"
- Reply: Bret Hughes: "Re: SANS issues sun java jre security alert"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
To: redhat-list <redhat-list@redhat.com>
Date: 30 Oct 2003 09:42:59 -0600
This was in today's SANS security newsletter:
I had not seen this so I thought I would post it.
*****************************
Widely Deployed Software
*****************************
(1) MODERATE: Sun Java Virtual Machine Security Bypass
Affected Products:
Sun SDK and JRE version 1.4.1_03 and prior
Sun SDK and JRE version 1.3.1_08 and prior
Sun SDK and JRE version 1.2.2_015 and prior
Description:
Sun's implementation of Java Virtual Machine (JVM) has been reported to
contain a vulnerability which can be exploited by a malicious Java
applet. A hostile applet can bypass any security restrictions and
possibly execute arbitrary code on a client machine with the privileges
of the logged-on user. The applet can be delivered by a website or an
HTML-formatted email. Note that this vulnerability affects all
web-browsers which use Sun's Java Runtime Environment (JRE) plug-in such
as Netscape, Mozilla and potentially Internet Explorer. The discoverers
of the vulnerability have developed a proof-of-concept exploit which
they plan to release in another four weeks.
Status: Vendor confirmed, patches available.
Council Site Actions:
Several council sites are running the affected software and plan to
deploy the patches within the next four weeks. Several other sites are
still investigating whether the affected software is in use. Some of
these sites are scanning for affected hosts and will patch if any are
found. Several other council sites stated that they use the Microsoft
JVM and have some concerns that it may be vulnerable to the same attack.
These sites are awaiting further information from Microsoft. One site
does not plan to take any action at this time since their current
network configuration, up-to-date AV, web blocking/filtering and IDS
implementation protects them from this type of vulnerability/exploit,
mitigates risk and helps prevent any new malicious code from being
introduced.
References:
Posting by the Last-Stage-of-Delirium (discovered the bug)
http://archives.neohapsis.com/archives/bugtraq/2003-10/0223.html
Posting by Alla Bezroutchko
http://archives.neohapsis.com/archives/bugtraq/2003-10/0254.html
Sun Alert Notification
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57221
"Sandbox" Restrictions for Java Applets
http://www.securingjava.com/chapter-two/chapter-two-2.html
SecurityFocus BID
http://www.securityfocus.com/bid/8879
-- redhat-list mailing list unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
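A quick way to check a host's JRE against the affected ranges listed in the alert (1.4.1_03, 1.3.1_08 and 1.2.2_015 and prior). This is an added example for this archived post, not code from SANS, Sun or Red Hat; the `java -version` sample lines below are constructed, and versions on branches the alert does not list (for example 1.4.2) are reported as unknown rather than guessed.

```python
"""Compare a Sun JDK/JRE version string against the affected ranges
named in the SANS alert above (added example, constructed sample input)."""
import re

# Highest affected update number per release branch, taken from the alert:
# 1.4.1_03, 1.3.1_08 and 1.2.2_015 "and prior" are vulnerable.
AFFECTED_MAX = {
    (1, 4, 1): 3,
    (1, 3, 1): 8,
    (1, 2, 2): 15,
}

_VERSION_RE = re.compile(r'(\d+\.\d+\.\d+(?:_\d+)?)')


def parse_version(text):
    """Return ((major, minor, micro), update) from a bare version string or
    from the first line of `java -version` output.

    A release with no "_NN" suffix (e.g. "1.3.1") is the original build,
    so its update number is 0 and it sorts below every numbered update."""
    match = _VERSION_RE.search(text)
    if not match:
        raise ValueError("no Sun-style version found in %r" % text)
    release, _, update = match.group(1).partition('_')
    branch = tuple(int(p) for p in release.split('.'))
    return branch, int(update) if update else 0


def is_affected(text):
    """True if the version is inside an affected range, False if it is a
    later (patched) update on a listed branch, None if the branch is not
    covered by the alert and must be checked against Sun's notice."""
    branch, update = parse_version(text)
    ceiling = AFFECTED_MAX.get(branch)
    if ceiling is None:
        return None
    return update <= ceiling


if __name__ == "__main__":
    # Constructed `java -version` first lines, not output from a real host.
    samples = ['java version "1.4.1_03"', 'java version "1.4.1_05"',
               'java version "1.3.1"', 'java version "1.2.2_016"',
               'java version "1.4.2_01"']
    for line in samples:
        print("%-28s affected=%s" % (line, is_affected(line)))
```

On a Linux host the first line of `java -version 2>&1` is what `parse_version` expects.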