Note: This is an archival copy of Security Sun Alert 201713 as previously published on http://sunsolve.sun.com. Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1001264.1. |
Category Security Release Phase Resolved 4980660 Date of Resolved Release 15-MAR-2004 Impact A vulnerability in the Sun Java System Application Server may be exploited by a local or remote unprivileged user through a SOAP request to cause the server to take a longer time to respond to clients, which is a type of Denial-of-Service (DoS). Sun acknowledges, with thanks, Amit Klein from Sanctum Inc. (http://www.sanctuminc.com) for bringing this issue to our attention. Contributing Factors This issue can occur in the following releases:
Note: Releases prior to Sun Java System Application Server 7 are not affected. For supported architectures and OS versions, see http://wwws.sun.com/software/download/products/3fb01667.html. Symptoms If successfully exploited, the application server will take a longer time to respond and may report out-of-memory errors. Workaround There is no workaround. Please see the "Resolution" section below. Resolution This issue is addressed in the following releases:
Sun Java System Application Server upgrade is available for download at http://wwws.sun.com/software/download/app_servers.html. Modification History Product Sun Java System Application Server Platform Edition 7 Update 3 Attachments This solution has no attachment |
|