Note: This is an archival copy of Security Sun Alert 201567 as previously published on http://sunsolve.sun.com. Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1001173.1. |
Category Security Release Phase Resolved Sun Java System Application Server Standard Edition 7 2004Q2 Update 4 Sun Java System Web Server 6.1 Sun Java System Application Server Enterprise Edition 7 2004Q2 Sun Java System Application Server Enterprise Edition 7 2004Q2 Update 4 Sun ONE Web Server 6.0 Bug Id 5004563, 5004542, 5016209 Date of Resolved Release 02-NOV-2004 Impact A remote unprivileged user may be able to crash a Sun Java System Web Server or a Sun Java System Application Server which is configured to use SSL. Being able to crash an application is a type of Denial of Service (DoS). Contributing Factors These issues can occur in the following releases for all platforms:
Symptoms The server exits unexpectedly. Workaround There is no workaround. Please see the "Resolution" section below. Resolution These issues are addressed in the following releases:
Sun Java System Web Server 6.0 SP 8 is available for download at http://wwws.sun.com/software/download/products/40968fe6.html. Sun Java System Web Server 6.1 SP 3 is available for download at http://wwws.sun.com/software/download/products/415a094d.html. Sun Java System Application Server 7 Standard Edition Update 5 is available for download at http://wwws.sun.com/software/download/products/414b472d.html. Sun Java System Application Server Platform Edition 7 Update 5 is available for download at http://wwws.sun.com/software/download/products/4151fe59.html. Sun Java System Application Server 7 2004Q2 Update 1 is available for download at http://wwws.sun.com/software/download/products/4154c5a5.html. Modification History Date: 22-DEC-2005 22-Dec-2005:
Attachments This solution has no attachment |
|