Sun Java System Calendar Server重复URI请求拒绝服务漏洞

BUGTRAQ ID: 34150
CVE(CAN) ID: CVE-2009-1219

Sun Java System Calendar Server是Sun Java System通信套件中的日程服务器组件。

如果远程攻击者向Calendar Server连续两次发送特制的HTTP请求并在tzid参数中设置了字母字符的话，就会导致Calendar Server进程崩溃，可能留下类似于以下栈追踪的崩溃dump，具体取决于系统配置：

$ pstack core

...
...
-----------------  lwp# 4 / thread# 4  --------------------
ff05ff40 shtml_finishlogin (6db6c10, 201f8, 6ee7e26, 6e7471ff, 80808080, 1010101) + 160
0001dff4 cmd_login (6db6c10, 1, 0, 687474, 80808080, 1010101) + 364
00017f78 cshttpd_post_cb (6db6c10, 2d26ad, 6f07dc0, 6d, 1, 2e000000) + 470
fed8ff88 cmd_post (6db6c10, 2d26ad, 6f07dc0, 6d, 6f07dc0, baddc800) + 1b8
fed8f2a8 cmd_exec (6db6c10, 4, 2, 0, 0, 0) + da8
fed8d8cc cmdloop  (6db6c10, fa8bce9c, 2000, ff000000, 0, 0) + 3bc
fed8c4f0 sock_readable (6db6c10, 1000, fe7ecbc0, fc922400, 5b35bc, 0) + 2f0
feb45564 GDispCx_Dispatch (5b3544, 6f61c04, 6e6300c, fc922400, 5b3634, 0) + 174
feb45b78 GDispCx_InternalWork (6e6300c, fa8c0000, 0, 0, feb45798, 1) + 3e0
fe7c04f4 _lwp_start (0, 0, 0, 0, 0, 0)

...
...

Sun Java System Calendar Server 6.3

Sun

Sun已经为此发布了一个安全公告（Sun-Alert-255008）以及相应补丁:
Sun-Alert-255008：Security Vulnerability in Sun Java System Calendar Server 6.3 May Allow Denial of Service (DoS)
链接：<a href=“http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-66-255008-1” target=“_blank”>http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-66-255008-1</a>