| VID |
22348 |
| Severity |
40 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
Webproxy |
| Detailed Description |
The Sun Java System Web Proxy Server, according to its banner, has a buffer overflow vulnerability. Sun Java System Web Proxy Server (Formerly Sun ONE Web Proxy Server) is a data management server for multiple operating systems. Sun Java System Web Proxy Server version 3.6 Service Pack 6 and earlier are vulnerable to a buffer overflow vulnerability, which may allow a remote unprivileged attacker to execute arbitrary code on the system running the Web Proxy Server with the privileges of the server process.
* Note: This check solely relied on the banner of the remote HTTP server to assess this vulnerability, so this might be a false positive.
* References:
http://secunia.com/advisories/14901/
http://sunsolve.sun.com/search/document.do?assetkey=1-26-57763-1
* Platforms Affected:
Sun Java System Web Proxy Server 3.6 SP0 through SP6
Microsoft Windows Any version
Unix Any version |
| Recommendation |
Upgrade to the latest version of Sun Java System Web Proxy Server (3.6 SP7 or later), available from the Sun Java System Web Proxy Server Web page at http://www.sun.com/software/products/web_proxy/home_web_proxy.xml |
| Related URL |
CVE-2005-1232 (CVE) |
| Related URL |
13268 (SecurityFocus) |
| Related URL |
20195 (ISS) |
|
