| VID |
28221 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
A version of Sun Java JDK / JRE which is vulnerable to privilege escalation vulnerabilities has been installed on the host. The Sun Java JRE installed on the relevant host, according to its version number, has a security bypass vulnerability. Sun Java JDK and JRE versions 6 prior to 6 Update 2 and versions 5.0 prior to 5.0 Update 14 could allow a remote attacker to gain elevated privileges on the affected system, caused by unspecified errors when handling certain untrusted applications or applets. A remote attacker could exploit these vulnerabilities by creating a malicious web site to cause a downloaded application or applet to elevate its privileges and grant itself permissions to read and write local files or execute local applications with the privileges of the logged-on user.
* Note: This check requires an account with Guest or upper privileges which can access the registry of the remote host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-231261-1
http://www.frsirt.com/english/advisories/2008/0429
http://www.securitytracker.com/id?1019308
http://secunia.com/advisories/28795
http://secunia.com/advisories/28888
http://secunia.com/advisories/29214
* Platforms Affected:
Sun Microsystems, Sun JDK and JRE 6 Update 1 and earlier
Sun Microsystems, Sun JDK and JRE 5.0 Update 13 and earlier
Sun Microsystems, Solaris 7, 8, 9
Microsoft Windows Any version
Unix Any version
Linux Any version |
| Recommendation |
Upgrade to the latest version of Sun Java 2 SDK/JRE (6 Update 2 or 5.0 Update 14 or later), available from the following Sun Microsystems, Inc. Web sites:
http://java.sun.com/javase/downloads/index.jsp
http://java.sun.com/javase/downloads/index_jdk5.jsp
-- AND --
When upgrading a Java installation on a computer, all previous versions should be uninstalled to prevent them being accessed to run a malicious applet that may exploit latent vulnerabilities that may exist in those other previous versions.
It is also possible to workaround this issue by disabling Java support in the Web browser or any other applications that provide an environment for execution Java applets. |
| Related URL |
CVE-2008-0657 (CVE) |
| Related URL |
27650 (SecurityFocus) |
| Related URL |
40298 (ISS) |
|
