Note: This is an archival copy of Security Sun Alert 201381 as previously published on http://sunsolve.sun.com. The latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1001054.1.
Category: Security
Release Phase: Resolved
Product: Sun Java System Web Server 6.1
Bug Id: 6437635
Date of Resolved Release: 14-MAR-2007

Impact
A security vulnerability in the Sun Java System Web Server may allow a local or remote user to gain unauthorized access to certain web server instances. When a secure (SSL) web server instance is set up as a non-root instance through the admin server, and that admin server is configured to run as root, a user presenting a revoked client certificate may be able to access the web server instance under certain conditions, even though a valid Certificate Revocation List (CRL) file is installed for the instance.

Contributing Factors
This issue can occur in the following releases:
SPARC Platform
x86 Platform
Linux Platform
AIX Platform
HP-UX Platform
Important Notes: The following releases are not affected:
This issue only affects hosts which meet both of the following conditions:
1) the host contains a Certificate Revocation List (CRL) which matches certain criteria, and
2) the host contains server instances which run as a user that differs from the user the admin server is configured to run as.

If both conditions are met, a directory with the following name will exist on the host, and its permissions will not grant access to the affected instance's user:
<WS-install>/alias/https-<instance>-cert8.dir
An instance running as that user therefore cannot read the imported CRL, so revocation is not enforced for that instance. A command such as the following can be used to determine the permissions of the directory (note that "ls -l" lists the files inside the directory; "ls -ld" shows the directory entry itself, and both the directory and the files within it must be accessible to the instance user):
$ ls -l <WS-install>/alias/https-<instance>-cert8.dir
Please consult the product documentation for information on determining which user the active instances are running as.

To determine the version of Sun Java System Web Server on a system, the following command can be run:
$ <WS-install>/https-<host>/start -version

Symptoms
There are no reliable symptoms that would indicate the described issue has occurred.

Workaround
After importing a CRL through the Web Server Admin GUI on affected systems, the following directory will be created:
<WS-install>/alias/https-<instance>-cert8.dir
Manually change the permission/ownership of the cert8.dir directory and the files within it for this instance so that the non-root instance owner can access them.

Resolution
This issue is addressed in the following releases:
SPARC Platform
x86 Platform
Linux Platform
AIX Platform
HP-UX Platform
Sun Java System Web Server 6.1 Service Pack 7 is available at:
http://www.sun.com/download/products.xml?id=45c90ca9

Modification History
Date: 31-MAY-2007
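The following script is an added example for the Contributing Factors check and the Workaround above; it is not part of the Sun Alert and not Sun's code. It builds the directory path the advisory names, decides from the "ls -ld" owner, group and mode bits whether a given instance user can traverse the cert8.dir directory and read the files inside it (instead of leaving that to eyeballing "ls -l" output), and applies the workaround by handing the directory to the instance owner. The function names, the "crl.der" file name and the fixture tree built by make_fixture are assumptions made for the example; the fixture is a constructed stand-in for a real <WS-install> layout, used so the checker can be exercised offline.

```shell
#!/bin/sh
# Added example, not Sun's code. Checks whether the CRL directory that a
# root-run admin server creates for an instance is accessible to the user
# that instance runs as, and applies the advisory's workaround if asked.

# Path of the instance's CRL directory, as given in the advisory.
crl_dir_path() {
    printf '%s/alias/https-%s-cert8.dir\n' "$1" "$2"
}

# effective_bits PATH RUN_USER GROUPS
# Prints the rwx triple from "ls -ld" that applies to RUN_USER: the owner
# bits if RUN_USER owns PATH, else the group bits if one of RUN_USER's
# GROUPS (space separated) matches, else the "other" bits.
effective_bits() {
    p=$1; u=$2; g=$3
    set -- $(ls -ld "$p")
    mode=$(printf '%s' "$1" | cut -c1-10)   # drop a trailing + or . (ACL/SELinux)
    if [ "$3" = "$u" ]; then
        printf '%s\n' "$mode" | cut -c2-4
    elif printf ' %s \n' "$g" | grep -q " $4 "; then
        printf '%s\n' "$mode" | cut -c5-7
    else
        printf '%s\n' "$mode" | cut -c8-10
    fi
}

# crl_dir_status WS_INSTALL INSTANCE RUN_USER
# Prints ok, blocked, no-crl-dir or unknown-user and returns 0 only for ok.
# The directory needs r (list) and x (traverse); each file inside needs r.
crl_dir_status() {
    dir=$(crl_dir_path "$1" "$2"); run_user=$3
    [ -d "$dir" ] || { echo no-crl-dir; return 2; }
    groups=$(id -Gn "$run_user" 2>/dev/null) || { echo unknown-user; return 2; }
    case $(effective_bits "$dir" "$run_user" "$groups") in
        r?x) ;;
        *)   echo blocked; return 1 ;;
    esac
    for f in "$dir"/*; do
        [ -e "$f" ] || continue           # empty directory: glob did not expand
        case $(effective_bits "$f" "$run_user" "$groups") in
            r??) ;;
            *)   echo blocked; return 1 ;;
        esac
    done
    echo ok
}

# fix_crl_dir WS_INSTALL INSTANCE RUN_USER
# The advisory's workaround: give the directory and its files to the
# instance owner. Must run as root (only root may chown); the tree is kept
# private to that user, which is enough since the instance reads it itself.
fix_crl_dir() {
    dir=$(crl_dir_path "$1" "$2")
    chown -R "$3" "$dir" &&
    chmod 700 "$dir" &&
    find "$dir" -type f -exec chmod 600 '{}' +
}

# make_fixture WS_INSTALL INSTANCE DIR_MODE FILE_MODE
# Constructed test tree (assumption, not a real Web Server install): one
# cert8.dir with one placeholder CRL file, at the requested modes.
make_fixture() {
    dir=$(crl_dir_path "$1" "$2")
    mkdir -p "$dir" &&
    printf 'constructed placeholder, not a real CRL\n' > "$dir/crl.der" &&
    chmod "$3" "$dir" && chmod "$4" "$dir/crl.der"
}

# Usage: sh crl_dir_check.sh check|fix <WS-install> <instance> <instance-user>
case ${1:-} in
    check) shift; crl_dir_status "$@" ;;
    fix)   shift; fix_crl_dir "$@" ;;
esac
```

Run "check" as any user that can read the alias directory; run "fix" as root, the same identity the admin server uses when it imports the CRL, and re-run "check" with the instance user afterwards to confirm the result is ok.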
References
116648-19, 116649-19, 118202-11, 121510-03

Attachments
This solution has no attachment