Check Point Advisories

Update Protection against Sun Microsystems Java System Web Proxy sockd Daemon Buffer Overflow Vulnerability

Check Point Reference: CPAI-2007-091
Date Published: 21 Aug 2007
Severity: Critical
Last Updated: Monday 01 January, 2007
Source: FrSIRT/ADV-2007-1957
Industry Reference:CVE-2007-2881
Protection Provided by:
Who is Vulnerable? Sun Microsystems Java System Web Proxy Server prior to 4.0.5
Vulnerability Description A buffer overflow vulnerability has been reported in the Java System Web Proxy sockd daemon. Java System Web Proxy Server collects and distributes data from the network. It provides protocol support for SOCKS - an Internet protocol that allows client-server applications to transparently use the services of a network firewall. An attacker may exploit this vulnerability to execute arbitrary code.
Update/Patch AvaliableUpgrade to Sun Java System Web Proxy Server version 4.0.5:
Sun Java System Web Proxy Server
Vulnerability DetailsThe vulnerability is due to a boundary error in the Java System Web Proxy sockd daemon when processing user supplied data. A remote attacker can exploit this flaw via a specially crafted connection request. Successful exploitation may allow an attacker to create a denial of service condition or execute arbitrary code on an affected system.

Protection Overview

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK