Vulnerability Bulletins |
Ejecución remota de código en Sun Java System Web Proxy Server 4.0 |
|
Vulnerability classification |
|
| Property | Value |
| Confidence level | Oficial |
| Impact | Obtener acceso |
| Dificulty | Experto |
| Required attacker level | Acceso remoto sin cuenta a un servicio estandar |
System information |
|
| Property | Value |
| Affected manufacturer | Comercial Software |
| Affected software | Sun Java System Web Proxy Server 4.0 |
Description |
|
|
Se ha descubierto una vulnerabilidad en Sun Java System Web Proxy Server 4.0. La vulnerabilidad reside en un error no especificado en el subsistema FTP. Un atacante remoto podría conseguir ejecutar código arbitrario mediante métodos no especificados. |
|
Solution |
|
|
Actualización de software Sun (242986) Sun Java System Web Proxy Server 4.0 - 4.0.7 / SPARC / patch 120981-15 Sun Java System Web Proxy Server 4.0 - 4.0.7 / x86 / patch 120982-15 Sun Java System Web Proxy Server 4.0 - 4.0.7 / Linux / patch 120983-15 Sun Java System Web Proxy Server 4.0 - 4.0.7 / HP-UX / patch 123532-05 Sun Java System Web Proxy Server 4.0 - 4.0.7 / Windows / patch 126325-05 http://sunsolve.sun.com/pub-cgi/show.pl?target=patchpage Sun Java System Web Proxy Server 4.0.8 https://cds.sun.com/is-bin/INTERSHOP.enfinity/WFS/CDS-CDS_SMI-Site/en_US/-/USD/ViewProductDetail-Start?ProductRef=SJPrxySrv-4.0.8-OTH-G-F@CDS-CDS_SMI |
|
Standar resources |
|
| Property | Value |
| CVE | |
| BID | |
Other resources |
|
|
Sun Alert Notification (242986) http://sunsolve.sun.com/search/document.do?assetkey=1-66-242986-1 |
|
Version history |
||
| Version | Comments | Date |
| 1.0 | Aviso emitido | 2008-10-15 |