Date of Resolved Release
25-AUG-2000

Impact

An implementation bug which exists in Java 1.1.x releases allows an untrusted applet to accept connections from hosts other than the host that the applet came from. While this should not be allowed, this bug by itself does not allow the applet to violate other Java sandbox restrictions. Also, a firewall will stop such incoming connections from the Internet. This is a Java 1.1.x implementation bug, not an architectural flaw with the Java Security Model.

An exploit called Brown Orifice was publicly posted recently. Brown Orifice exploits a bug in the Netscape Java Runtime Environment (see CERT Advisory CA-2000-15). It also exploits this implementation bug. Sun's supported versions of J2SE 1.2 and later are not affected.

Contributing Factors

Customer deployments of Java 1.1.x may encounter this issue if code exploiting the problem is introduced into their runtime environment.

Symptoms

There may be no obvious symptoms.

Workaround


Please see resolution.




Resolution


The issue is addressed in the following upgrade releases:


Windows Production and Solaris Reference Releases:

    JDK/JRE 1.1.8_005  & plugin1.1.3_003  Posted at web-site
JDK/JRE 1.1.7B_007 & plugin1.1.2_006  Available approx: 8/24/2000
JDK/JRE 1.1.6_009  & plugin1.1.1_006  Available approx: 8/25/2000

Solaris Production Release:

    JDK/JRE 1.1.8_12  Available approx: 8/21/2000
(Note: No plugin exists for 1.1.x Solaris production release)

available from:



http://java.sun.com/products/jdk/1.1


http://java.sun.com/products/plugin/1.1.3/index-1.1.3.html




Modification History


Product
Sun Java Standard Edition (Java SE)






































Attachments
This solution has no attachment