iPolicy Networks Security Advisory
 

Sun Java System Web Server Digest Authentication Remote Buffer Overflow Vulnerability

Date Discovered: 01/25/2010
Severity: High
Application Affected: Sun Java System Web Server 7.0 update 6
Type: Remote
Identifiers: CVE-2010-0387
Synopsis

Sun Java System Web Server is prone to a buffer overflow vulnerability, which could be exploited to execute arbitrary code on the affected system.
Recommended Actions
No security patch or update is available as of February 11, 2010.
Customers are advised to visit the vendor's site for any update.
Threat Analysis

Sun Java System Web Server is a widely used web server designed for medium and large business applications. A heap-based buffer overflow vulnerability exists in Sun Java System Web Server 7.0 update 7.

The flaw exists due to improper bounds checking by the webservd and admin server processes. An attacker may exploit this vulnerability by sending a specially crafted HTTP request containing a long string in an "Authorization: Digest" HTTP header. Successful exploitation allows remote code execution within the context of the affected application or may cause the server to crash.
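As an added, defender-side illustration (not part of the original advisory or the vendor's code), the following Python filter parses the "Authorization: Digest" header of an HTTP request and rejects oversized header values or individual parameter values before they reach a server that lacks bounds checking. The length limits and sample requests are constructed for this example.

```python
import re

# Hypothetical limits, chosen for this example; tune to the deployment.
MAX_AUTH_HEADER_LEN = 1024   # whole Authorization header value
MAX_PARAM_VALUE_LEN = 256    # any single Digest parameter value (username, nonce, uri, ...)

# Digest parameters are comma-separated key=value pairs; values may be quoted (RFC 2617).
_PARAM_RE = re.compile(r'(\w+)=(?:"([^"]*)"|([^\s,]*))')

def parse_digest_params(value):
    """Split the text after 'Digest' into a dict of parameter -> value."""
    params = {}
    for m in _PARAM_RE.finditer(value):
        key, quoted, bare = m.groups()
        params[key.lower()] = quoted if quoted is not None else bare
    return params

def check_request(raw_request):
    """Return (allowed, reason). Only the Authorization header is inspected here."""
    head = raw_request.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    for line in head.split("\r\n")[1:]:          # skip the request line
        name, sep, value = line.partition(":")
        if not sep or name.strip().lower() != "authorization":
            continue
        value = value.strip()
        if not value.lower().startswith("digest "):
            return True, "non-digest authorization"
        if len(value) > MAX_AUTH_HEADER_LEN:
            return False, "authorization header too long (%d bytes)" % len(value)
        for key, val in parse_digest_params(value[len("digest "):]).items():
            if len(val) > MAX_PARAM_VALUE_LEN:
                return False, "digest parameter %r too long (%d bytes)" % (key, len(val))
        return True, "digest header within limits"
    return True, "no authorization header"

# Constructed sample requests (not real traffic): one normal, one oversized.
NORMAL_REQUEST = (
    b"GET /protected/ HTTP/1.1\r\nHost: www.example.com\r\n"
    b'Authorization: Digest username="alice", realm="example", nonce="abc123", '
    b'uri="/protected/", response="0123456789abcdef0123456789abcdef"\r\n\r\n'
)
OVERSIZED_REQUEST = (
    b"GET /protected/ HTTP/1.1\r\nHost: www.example.com\r\n"
    b'Authorization: Digest username="' + b"A" * 4000 + b'", realm="example"\r\n\r\n'
)

if __name__ == "__main__":
    for req in (NORMAL_REQUEST, OVERSIZED_REQUEST):
        print(check_request(req))
```

The same checks can be expressed as header-length rules in a reverse proxy or WAF placed in front of the affected server, which is the practical stop-gap while no vendor patch is available.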
References

http://www.securityfocus.com/bid/37896
http://cve.mitre.org/cgi-bin/cvename.cgi?name=2010-0387
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0387

Write-up by: Dheeraj Johri