Lucene search

K
saintSAINT CorporationSAINT:98123FDE27FE94DBC2850BB61879D20A
HistoryFeb 05, 2010 - 12:00 a.m.

Sun Java System Web Server WebDAV OPTIONS request buffer overflow

2010-02-0500:00:00
SAINT Corporation
my.saintcorporation.com
31

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS

0.972

Percentile

99.9%

Added: 02/05/2010
CVE: CVE-2010-0361
BID: 37874
OSVDB: 61851

Background

Sun Java System Web Server is a web application server. WebDAV (Web-based Distributed Authoring and Versioning) is an extension to the HTTP protocol which allows users to edit web server content.

Problem

A buffer overflow vulnerability in Sun Java System Web Server’s WebDAV implementation allows remote attackers to execute arbitrary commands by sending a specially crafted OPTIONS request.

Resolution

Upgrade to Sun Java System Web Server 6.1 Service Pack 12 or 7.0 Release 8 or higher.

References

<http://secunia.com/advisories/38260/&gt;
<http://sunsolve.sun.com/search/document.do?assetkey=1-66-275850-1&gt;

Limitations

Exploit works on Sun Java System Web Server 7.0 Update 7 on Windows Server 2003 SP2 with patch KB933729.

WebDAV support must be enabled on the target in order for the exploit to succeed, and the correct WebDAV URI must be specified.

Platforms

Windows

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS

0.972

Percentile

99.9%