iPolicy Networks Security Advisory
 

Sun Java System Web Server WebDAV Format String Vulnerability

Date Discovered: 01/25/2010
Severity: High
Application Affected: Sun Java System Web Server 7.0 update 6
Type: Remote
Identifiers: CVE-2010-0388

Synopsis

Sun Java System Web Server is prone to a format string vulnerability, which could be exploited to execute arbitrary code on the affected system.

Recommended Actions

No security patch or update is available as of February 11, 2010.
Customers are advised to check the vendor's site for updates.

Threat Analysis

Sun Java System Web Server is a well-known web server designed for medium and large business applications. A format string vulnerability exists in Sun Java System Web Server 7.0 update 6.

The flaw is due to a format string error in the WebDAV functionality. An attacker may exploit this vulnerability by sending a specially crafted HTTP PROPFIND request whose XML declaration contains malicious format string specifiers in its encoding attribute. Successful exploitation allows remote code execution within the context of the affected application, resulting in a crash of the webservd service.
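
With no patch available, a request filter or log check can inspect the encoding attribute described above. The following is an added example, not code from this advisory or from the vendor: the function name and sample bodies are constructed, and the check assumes an ASCII-compatible request body. It validates the value against the XML 1.0 EncName grammar, which never permits '%'.

```python
import re

# XML 1.0 EncName production: a letter, then letters, digits, '.', '_' or '-'.
ENC_NAME = re.compile(rb"[A-Za-z][A-Za-z0-9._-]*")
ENC_KEY = re.compile(rb"\bencoding\s*=\s*")
QUOTED = re.compile(rb"""(["'])(.*?)\1""", re.S)


def check_propfind(method: str, body: bytes) -> str:
    """Classify a request as 'ok', 'invalid-encoding' or 'format-specifier'."""
    if method.upper() != "PROPFIND":
        return "ok"
    # Skip a UTF-8 BOM and leading whitespace; only look at the first 512 bytes.
    head = body.lstrip(b"\xef\xbb\xbf \t\r\n")[:512]
    if not head.startswith(b"<?xml"):
        return "ok"  # no XML declaration, so no encoding attribute to inspect
    decl = head.split(b"?>", 1)[0]  # tolerate a declaration that is never closed
    key = ENC_KEY.search(decl)
    if key is None:
        return "ok"
    rest = decl[key.end():]
    quoted = QUOTED.match(rest)
    # An unquoted or unterminated value is inspected in full rather than skipped.
    value = quoted.group(2) if quoted else rest
    if b"%" in value:
        return "format-specifier"
    if quoted is None or not ENC_NAME.fullmatch(value):
        return "invalid-encoding"
    return "ok"


# Constructed sample bodies (not captured traffic).
BODY_TAIL = b'\n<D:propfind xmlns:D="DAV:"><D:allprop/></D:propfind>'
SAMPLES = [
    ("PROPFIND", b'<?xml version="1.0" encoding="utf-8"?>' + BODY_TAIL),
    ("PROPFIND", b'<?xml version="1.0" encoding="%s%s"?>' + BODY_TAIL),
    ("PROPFIND", b'<?xml version="1.0" encoding="utf 8"?>' + BODY_TAIL),
    ("PROPFIND", b'<?xml version="1.0" encoding=%s%s?>' + BODY_TAIL),
    ("GET", b'<?xml version="1.0" encoding="%s%s"?>' + BODY_TAIL),
]


def classify_samples() -> list:
    return [check_propfind(method, body) for method, body in SAMPLES]


if __name__ == "__main__":
    for (method, body), verdict in zip(SAMPLES, classify_samples()):
        print(method, body.split(b"\n", 1)[0].decode(), "->", verdict)
```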

References

http://www.securityfocus.com/bid/37910
http://cve.mitre.org/cgi-bin/cvename.cgi?name=2010-0388
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0388

Write-up by: Dheeraj Johri