[ advisories | exploits | discussions | news | conventions | security tools | texts & papers ]
 main menu
- feedback
- advertising
- privacy
- FightAIDS
- newsletter
- news
 
 discussions
- read forum
- new topic
- search
 

 meetings
- meetings list
- recent additions
- add your info
 
 top 100 sites
- visit top sites
- sign up now
- members
 
 webmasters

- add your url
- add domain
- search box
- link to us

 
 projects
- our projects
- free email
 
 m4d network
- security software
- secureroot
- m4d.com
Home : Advisories : Java Web Server (from Sun)

Title: Java Web Server (from Sun)
Released by: Sun
Date: 23rd August 2000
Printable version: Click here
-----BEGIN PGP SIGNED MESSAGE-----



________________________________________________________________________________

     Sun Microsystems, Inc. Security Bulletin

  

Bulletin Number: #00197

Date: August 23, 2000

Cross-Ref: Foundstone Advisory FS-082200-11-JWS

Title: Java Web Server 

________________________________________________________________________________



The information contained in this Security Bulletin is provided "AS IS."

Sun makes no warranties of any kind whatsoever with respect to the information

contained in this Security Bulletin. ALL EXPRESS OR IMPLIED CONDITIONS,

REPRESENTATIONS AND WARRANTIES, INCLUDING ANY WARRANTY OF NON-INFRINGEMENT OR

IMPLIED WARRANTY OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE, ARE

HEREBY DISCLAIMED AND EXCLUDED TO THE EXTENT ALLOWED BY APPLICABLE LAW.



IN NO EVENT WILL SUN MICROSYSTEMS, INC. BE LIABLE FOR ANY LOST REVENUE,

PROFIT OR DATA, OR FOR DIRECT, SPECIAL, INDIRECT, CONSEQUENTIAL, INCIDENTAL

OR PUNITIVE DAMAGES HOWEVER CAUSED AND REGARDLESS OF ANY THEORY OF LIABILITY

ARISING OUT OF THE USE OF OR INABILITY TO USE THE INFORMATION CONTAINED IN

THIS SECURITY BULLETIN, EVEN IF SUN MICROSYSTEMS, INC. HAS BEEN ADVISED OF

THE POSSIBILITY OF SUCH DAMAGES.



If any of the above provisions are held to be in violation of applicable law,

void, or unenforceable in any jurisdiction, then such provisions are waived

to the extent necessary for this disclaimer to be otherwise enforceable in

such jurisdiction.

________________________________________________________________________________



1.  Bulletins Topics



    Sun announces the release of patches for Java Web Server 2.0 and 1.1.3

    which relate to a vulnerability with the administration module.



    Sun recommends that you install the patches listed in section 4

    immediately on systems running Java Web Server.



2.  Who is Affected



Vulnerable: All versions of Java Web Server



3.  Understanding the Vulnerability



    It is possible to use the administration module to invoke servlets

    on a Java Web Server.  With carefully crafted JSP tags it is possible

    to execute arbitrary commands on the Web Server.



4.  List of Patches



    The following patches are available in relation to the above problem.

    For Java Web Server 1.1.1 or 1.1.2, first upgrade the Java Web Server

    and then install the appropriate patch.



    Java Web Server Version Patch ID

    _______________________ ________



    1.1.3 Patch 3

    2.0 Patch 3



    Patches are available at:



    http://java.sun.com/products/java-server/jws113patch3.html



    http://java.sun.com/products/java-server/jws20patch3.html



_______________________________________________________________________________

Sun acknowledges, with thanks, Foundstone, Inc. for bringing this

vulnerability to our attention.

_______________________________________________________________________________

APPENDICES



A.  Sun security bulletins are available at:



    http://sunsolve.sun.com/security



B.  Sun Security Coordination Team's PGP key is available at:



    http://sunsolve.sun.com/pgpkey.txt

        

C.  To report or inquire about a security problem with Sun software, contact

    one or more of the following:



        - Your local Sun answer centers

        - Your representative computer security response team, such as CERT

        - Sun Security Coordination Team. Send email to:



     security-alert@sun.com



D.  To receive information or subscribe to our CWS (Customer Warning System)

    mailing list, send email to:



    security-alert@sun.com



    with a subject line (not body) containing one of the following commands:



        Command         Information Returned/Action Taken

        _______         _________________________________



        help            An explanation of how to get information



        key             Sun Security Coordination Team's PGP key



        list            A list of current security topics



        query [topic]   The email is treated as an inquiry and is forwarded to

                        the Security Coordination Team



        report [topic]  The email is treated as a security report and is

                        forwarded to the Security Coordination Team. Please

                        encrypt sensitive mail using Sun Security Coordination

                        Team's PGP key



        send topic      A short status summary or bulletin. For example, to

                        retrieve a Security Bulletin #00138, supply the

                        following in the subject line (not body):

        

                                send #138



        subscribe       Sender is added to our mailing list.  To subscribe,

                        supply the following in the subject line (not body):



                            subscribe cws your-email-address



                        Note that your-email-address should be substituted

                        by your email address.



        unsubscribe     Sender is removed from the CWS mailing list.

________________________________________________________________________________



Copyright 2000 Sun Microsystems, Inc. All rights reserved. Sun,

Sun Microsystems, Solaris and SunOS are trademarks or registered trademarks

of Sun Microsystems, Inc. in the United States and other countries. This

Security Bulletin may be reproduced and distributed, provided that this

Security Bulletin is not modified in any way and is attributed to

Sun Microsystems, Inc. and provided that such reproduction and distribution

is performed for non-commercial purposes.



-----BEGIN PGP SIGNATURE-----

Version: PGP 6.5.2



iQCVAwUBOaPzlLdzzzOFBFjJAQHfUAQAlPyRCi9LhB0ty/iBjzb3L7ytbqwuxLl/

mvH1reDFl6AaJoeNOntm9PpJlUvOjM//S3PPgpBTtDwdzZr6NYphSEOpO9h3XWla

lIiMJTQK4UZChqbzrCwkZFn1/JD1Wnqug6iUU3ZHxk+Ko3zKjvRkglJAMPzwsUab

QK6r3DKQ1Ow=

=EHY9

-----END PGP SIGNATURE-----








(C) 1999-2000 All rights reserved.