Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:45ED77EFFA1D04F8768986CB9B9BD8D4
HistoryFeb 05, 2010 - 12:00 a.m.

Sun Java System Web Server WebDAV OPTIONS request buffer overflow

2010-02-0500:00:00
SAINT Corporation
download.saintcorporation.com
18

EPSS

0.972

Percentile

99.9%

JSON

Added: 02/05/2010
CVE: CVE-2010-0361
BID: 37874
OSVDB: 61851

Background

Sun Java System Web Server is a web application server. WebDAV (Web-based Distributed Authoring and Versioning) is an extension to the HTTP protocol which allows users to edit web server content.

Problem

A buffer overflow vulnerability in Sun Java System Web Server’s WebDAV implementation allows remote attackers to execute arbitrary commands by sending a specially crafted OPTIONS request.

Resolution

Upgrade to Sun Java System Web Server 6.1 Service Pack 12 or 7.0 Release 8 or higher.

References

<http://secunia.com/advisories/38260/&gt;
<http://sunsolve.sun.com/search/document.do?assetkey=1-66-275850-1&gt;

Limitations

Exploit works on Sun Java System Web Server 7.0 Update 7 on Windows Server 2003 SP2 with patch KB933729.

WebDAV support must be enabled on the target in order for the exploit to succeed, and the correct WebDAV URI must be specified.

Platforms

Windows

Related

packetstorm 4
exploitpack 2
checkpoint_advisories 1
saint 3
prion 1
exploitdb 3
zdt 2
seebug 3
cvelist 1
nvd 1
metasploit 1
cve 1
openvas 6
packetstorm
packetstorm
Sun Java System Web Server Remote Code Execution
2010-04-03 00:00:00
Sun Java System Web Server WebDAV OPTIONS Buffer Overflow
2010-05-03 00:00:00
Sun Java System Web Server Stack Overflow
2010-07-03 00:00:00
exploitpack
exploitpack
Sun Java Web Server 7.0 u7 - Remote Overflow (DEP Bypass)
2010-07-09 00:00:00
Sun Java Web Server 7.0 u7 - Remote Overflow
2010-07-03 00:00:00
checkpoint_advisories
checkpoint_advisories
Sun Java System Web Server WEBDAV Stack Buffer Overflow (CVE-2010-0361)
2010-05-02 00:00:00
saint
saint
Sun Java System Web Server WebDAV OPTIONS request buffer overflow
2010-02-05 00:00:00
Sun Java System Web Server WebDAV OPTIONS request buffer overflow
2010-02-05 00:00:00
Sun Java System Web Server WebDAV OPTIONS request buffer overflow
2010-02-05 00:00:00
prion
prion
Stack overflow
2010-01-20 16:30:00
exploitdb
exploitdb
Sun Java Web Server 7.0 u7 - Remote Overflow
2010-07-03 00:00:00
Sun Java Web Server 7.0 u7 - Remote Overflow (DEP Bypass)
2010-07-09 00:00:00
Sun Java Web Server - System WebDAV OPTIONS Buffer Overflow (Metasploit)
2010-08-07 00:00:00
zdt
zdt
Sun Java Web Sever 7.0 u7 Remote Exploit
2010-07-03 00:00:00
Sun Microsystems Sun Java System Web Server remote exploit
2010-04-03 00:00:00
seebug
seebug
Sun Java Web Server 7.0 u7 Exploit with DEP bypass
2010-07-10 00:00:00
Sun Java Web Server 7.0 u7 - Exploit with DEP bypass
2014-07-01 00:00:00
Sun Java Web Server 7.0 u7 Remote Exploit
2014-07-01 00:00:00
cvelist
cvelist
CVE-2010-0361
2010-01-20 16:00:00
nvd
nvd
CVE-2010-0361
2010-01-20 16:30:00
metasploit
metasploit
Sun Java System Web Server WebDAV OPTIONS Buffer Overflow
2010-05-02 20:52:14
cve
cve
CVE-2010-0361
2010-01-20 16:30:00
openvas
openvas
Sun Java System Web Server Multiple Vulnerabilities (Windows)
2010-02-04 00:00:00
Sun Java System Web Server Multiple Vulnerabilities - Windows
2010-02-04 00:00:00
Sun Java System Web Server Multiple Vulnerabilities
2010-04-12 00:00:00

EPSS

0.972

Percentile

99.9%

JSON
Related for SAINT:45ED77EFFA1D04F8768986CB9B9BD8D4
packetstorm4exploitpack2checkpoint_advisories1saint3prion1exploitdb3zdt2seebug3cvelist1nvd1metasploit1cve1openvas6