Note: This is an archival copy of Security Sun Alert 201553 as previously published on http://sunsolve.sun.com.|
Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1001160.1.
Sun Java System Web Proxy Server 4.0
Date of Resolved Release
Two buffer overflows have been found in the SOCKS module of Sun Java System Web Proxy Server 4.0 which may allow a local or remote unprivileged user the ability to execute arbitrary code with the privileges of the SOCKS server or cause a Denial of Service (DoS) to the SOCKS server. The SOCKS server normally runs with root privileges.
One of the vulnerabilities (BugID 6537736) requires authentication before it can be exploited; however, the default configuration is for no authentication to be required to access the SOCKS server.
Sun acknowledges with thanks, iDefense (http://www.idefense.com), for bringing these issues to our attention.
These issues are also described in the following document:
These issues can occur in the following releases:
To determine the version of Sun Java System Proxy Server on a system, the following command can be run:
$ <ps_install>/bin/ns-proxy -v Sun ONE Web Proxy Server 3.6-SP9 B2006.191.1801 SP9
(Where <ps_install> is the installation directory of the Proxy Server).
There are no predictable symptoms that would indicate the described issues have been exploited.
To prevent these issues until an upgrade or patches can be applied, the SOCKS proxy server should be disabled if it is not being utilized. This can be accomplished by shutting down the SOCKS server using the 'stop-sockd' script under the Proxy Server instance directory.
These issues are addressed in the following releases:
Sun Java System Web Proxy Server 4.0 Service Pack 5 is available for download at http://www.sun.com/download/products.xml?id=4648dc96
This solution has no attachment