Security Vulnerabilities in the SOCKS Module of Sun Java System Web Proxy Server 4.0

Category
Security

Release Phase
Resolved

Product
Sun Java System Web Proxy Server 4.0

Bug Id
6537736, 6537745

Date of Resolved Release
25-MAY-2007

Impact

Two buffer overflows have been found in the SOCKS module of Sun Java System Web Proxy Server 4.0 which may allow a local or remote unprivileged user the ability to execute arbitrary code with the privileges of the SOCKS server or cause a Denial of Service (DoS) to the SOCKS server. The SOCKS server normally runs with root privileges.

One of the vulnerabilities (BugID 6537736) requires authentication before it can be exploited; however, the default configuration is for no authentication to be required to access the SOCKS server.

Sun acknowledges with thanks, iDefense (http://www.idefense.com), for bringing these issues to our attention.

These issues are also described in the following document:

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=536

Contributing Factors

These issues can occur in the following releases:

SPARC Platform

Sun Java System Web Proxy Server 4.0 without Service Pack 5
Sun Java System Web Proxy Server 4.0 without patch 120981-12

x86 Platform

Sun Java System Web Proxy Server 4.0 without Service Pack 5
Sun Java System Web Proxy Server 4.0 without patch 120982-12

Linux

Sun Java System Web Proxy Server 4.0 without Service Pack 5
Sun Java System Web Proxy Server 4.0 without patch 120983-12

HP-UX

Sun Java System Web Proxy Server 4.0 without Service Pack 5
Sun Java System Web Proxy Server 4.0 without patch 123532-02

Windows

Sun Java System Web Proxy Server 4.0 without Service Pack 5
Sun Java System Web Proxy Server 4.0 without patch 126325-02

To determine the version of Sun Java System Proxy Server on a system, the following command can be run:

    $ <ps_install>/bin/ns-proxy -v
    Sun ONE Web Proxy Server 3.6-SP9 B2006.191.1801 SP9

(Where <ps_install> is the installation directory of the Proxy Server).

Symptoms

There are no predictable symptoms that would indicate the described issues have been exploited.

Workaround

To prevent these issues until an upgrade or patches can be applied, the SOCKS proxy server should be disabled if it is not being utilized. This can be accomplished by shutting down the SOCKS server using the 'stop-sockd' script under the Proxy Server instance directory.

Resolution

These issues are addressed in the following releases:

SPARC Platform

Sun Java System Web Proxy Server 4.0 with Service Pack 5 or later
Sun Java System Web Proxy Server 4.0 with patch 120981-12 or later

x86 Platform

Sun Java System Web Proxy Server 4.0 with Service Pack 5 or later
Sun Java System Web Proxy Server 4.0 with patch 120982-12 or later

Linux

Sun Java System Web Proxy Server 4.0 with Service Pack 5 or later
Sun Java System Web Proxy Server 4.0 with patch 120983-12 or later

HP-UX

Sun Java System Web Proxy Server 4.0 with Service Pack 5 or later
Sun Java System Web Proxy Server 4.0 with patch 123532-02 or later

Windows

Sun Java System Web Proxy Server 4.0 with Service Pack 5 or later
Sun Java System Web Proxy Server 4.0 with patch 126325-02 or later

Sun Java System Web Proxy Server 4.0 Service Pack 5 is available for download at http://www.sun.com/download/products.xml?id=4648dc96

Modification History
Date: 26-JUL-2007

Updated Contributing Factors and Resolution sections

Date: 10-SEP-2007

Updated Contributing Factors and Resolution sections

Date: 14-SEP-2007

Updated Contributing Factors and Resolution sections

References

120981-12
120982-12
120983-12
120981-12
120982-12
120983-12
126325-02
123532-02

Attachments

This solution has no attachment