SecurityTracker.com

SecurityTracker
Archives


 


Category:   Application (Web Server/CGI)  >   Oracle Java Enterprise System (JES) Vendors:   Sun
(Sun Issues Fix for Java Enterprise System) Mozilla Firefox Integer Underflow in Processing SSLv2 Server Messages Lets Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1017834
SecurityTracker URL:  http://securitytracker.com/id/1017834
CVE Reference:   CVE-2007-0008, CVE-2007-0009   (Links to External Site)
Date:  Mar 30 2007
Impact:   Execution of arbitrary code via network, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  

Description:   A vulnerability was reported in Mozilla Firefox. A remote user can execute arbitrary code on the target system. Sun Java Enterprise System is affected.

A remote server can send specially crafted SSLv2 server messages to the connected client to trigger an integer underflow in the Network Security Services (NSS) libraries and potentially execute arbitrary code on the target system. The code will run with the privileges of the target user.

A second flaw: SSLv2 encrypts the "Master Secret" under the server's RSA public key, and a certificate whose public key is too small to hold the padded secret can lead to heap corruption in the peer performing that encryption.

NSS versions 3.10 and 3.11.3 are affected ('libnss3.so', 'nss3.dll').

SSLv2 is disabled by default in Firefox 2.
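
The two bug classes described above, as an added illustration that is not NSS code and not taken from the iDefense or Sun advisories: an SSLv2 SERVER-HELLO length check that wraps under unsigned subtraction (the underflow pattern behind CVE-2007-0008) beside a version that cannot wrap, and the modulus-size check that a peer must perform before RSA-encrypting the master secret (the condition behind CVE-2007-0009). The SERVER-HELLO field layout follows the SSLv2 draft; the function names, the 256-byte certificate buffer and the test message are assumptions made for the example, and the vulnerable path stops before the copy so it can be run safely.

```c
/* Added example, not NSS code: SSLv2 length-check underflow and
 * master-secret key-size check. Layout per the SSLv2 draft; buffer
 * size and function names are assumptions for illustration. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* SERVER-HELLO body after the 2-byte record header:
 * type(1) session-id-hit(1) cert-type(1) version(2) cert-len(2)
 * cipher-specs-len(2) conn-id-len(2), then certificate, cipher specs, conn id */
#define HELLO_FIXED_LEN 11
#define CERT_BUF_LEN    256   /* assumed fixed-size destination buffer */

static unsigned rd16(const uint8_t *p) { return ((unsigned)p[0] << 8) | p[1]; }

/* Vulnerable: the leftover byte count is computed with unsigned arithmetic,
 * so a certificate length larger than the message wraps to a huge value and
 * the "enough bytes left" check passes. Returns the certificate length the
 * parser would go on to copy into a CERT_BUF_LEN buffer (the copy itself is
 * omitted so the example is safe to run), or 0 if the message is rejected. */
size_t hello_cert_len_vulnerable(const uint8_t *msg, size_t msg_len)
{
    if (msg_len < HELLO_FIXED_LEN) return 0;
    unsigned cert_len = rd16(msg + 5);
    unsigned cs_len   = rd16(msg + 7);
    unsigned cid_len  = rd16(msg + 9);
    /* BUG: wraps when cert_len > msg_len - HELLO_FIXED_LEN */
    size_t leftover = msg_len - HELLO_FIXED_LEN - cert_len;
    if (cs_len + cid_len > leftover) return 0;   /* never true after the wrap */
    return cert_len;  /* memcpy(cert_buf, msg + HELLO_FIXED_LEN, cert_len) would follow */
}

/* Hardened: compare each advertised length against what is actually left,
 * subtracting only after the comparison so nothing can wrap, and bound the
 * copy by the destination buffer, not just by the message. */
size_t hello_cert_len_hardened(const uint8_t *msg, size_t msg_len)
{
    if (msg_len < HELLO_FIXED_LEN) return 0;
    size_t cert_len = rd16(msg + 5);
    size_t cs_len   = rd16(msg + 7);
    size_t cid_len  = rd16(msg + 9);
    size_t avail = msg_len - HELLO_FIXED_LEN;
    if (cert_len > avail) return 0;
    avail -= cert_len;
    if (cs_len > avail) return 0;
    avail -= cs_len;
    if (cid_len > avail) return 0;
    if (cert_len > CERT_BUF_LEN) return 0;
    return cert_len;
}

/* Master-secret side: SSLv2 RSA-encrypts the master key with PKCS#1 v1.5
 * block type 2, which needs modulus_len >= secret_len + 11 bytes
 * (00 02, at least 8 non-zero padding bytes, 00, then the data).
 * Returns 1 if the key can hold the secret, 0 otherwise. Code that sizes
 * its output from the secret instead of the modulus and skips this check
 * writes past its buffer when the peer presents a too-small key. */
int master_secret_fits(size_t modulus_len, size_t secret_len)
{
    return secret_len <= modulus_len && modulus_len - secret_len >= 11;
}

int main(void)
{
    /* Constructed SERVER-HELLO: header advertises a 4096-byte certificate, 4 bytes follow */
    uint8_t bad[HELLO_FIXED_LEN + 4] = { 4, 0, 1, 0, 2, 0x10, 0x00, 0, 0, 0, 0, 0xde, 0xad, 0xbe, 0xef };
    printf("vulnerable parser would copy %zu bytes; hardened parser accepts %zu\n",
           hello_cert_len_vulnerable(bad, sizeof bad), hello_cert_len_hardened(bad, sizeof bad));
    printf("16-byte secret fits a 512-bit key: %d, a 192-bit key: %d\n",
           master_secret_fits(64, 16), master_secret_fits(24, 16));
    return 0;
}
```

The vulnerable check is the one to look for in any hand-written TLS or SSLv2 record parser: `remaining = total - header - claimed` followed by a comparison against `remaining` is always wrong with unsigned types, whatever the width; the fix is to compare each claimed length against the running remainder before subtracting it.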

The vendor was notified on December 18, 2006.

regenrecht reported this vulnerability to iDefense.

The original advisories are available at:

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=482
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=483

Impact:   A remote user can execute arbitrary code on the target system.
Solution:   Sun Java Enterprise System is affected by this Mozilla NSS vulnerability.

Sun has issued the following fixes for Sun Java Enterprise System:

SPARC Platform

* Sun Java Enterprise System 2003Q4, 2004Q2, 2005Q1 and 2005Q4 for Solaris 8 with patch 119209-12 or later
* Sun Java Enterprise System 2003Q4, 2004Q2, 2005Q1 and 2005Q4 for Solaris 9 with patch 119211-12 or later
* Sun Java Enterprise System 2003Q4, 2004Q2, 2005Q1 and 2005Q4 for Solaris 10 with patch 119213-12 or later
* Sun Java Enterprise System 5 with patch 125358-01 or later
* Solaris 9 with patch 119211-12 or later
* Solaris 10 with patch 119213-12 or later

x86 Platform

* Sun Java Enterprise System 2003Q4, 2004Q2, 2005Q1 and 2005Q4 for Solaris 9 with patch 119212-12 or later
* Sun Java Enterprise System 2003Q4, 2004Q2, 2005Q1 and 2005Q4 for Solaris 10 with patch 119214-12 or later
* Sun Java Enterprise System 5 with patch 125359-01 or later
* Solaris 9 with patch 119212-12 or later
* Solaris 10 with patch 119214-12 or later

Linux Platform

* Sun Java Enterprise System 2004Q2, 2005Q1, 2005Q4 and Sun Java Enterprise System 5 with patch 121656-12 or later

HP-UX Platform

* Sun Java Enterprise System 2005Q1, 2005Q4 and Sun Java Enterprise System 5 with patch 124379-03 or later

Windows Platform

* Sun Java Enterprise System 2005Q1, 2005Q4 and Sun Java Enterprise System 5 with patch 125923-01 or later
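
A way to verify that a Solaris host actually carries the revisions listed above, as an added example rather than anything from the Sun advisory: parse the output of `showrev -p` and compare the installed revision of each patch ID against the minimum revision required. The `showrev -p` lines below are constructed for the example (on a real host, substitute the command's output), and the two patch IDs checked are taken from the lists above purely for illustration; the set to check depends on the platform and release row that applies.

```sh
#!/bin/sh
# Added example (not part of the Sun advisory): check whether a Solaris host
# carries the patch revisions listed above, by parsing "showrev -p" output.
# SAMPLE_SHOWREV is a constructed stand-in; on a real host use: showrev -p
SAMPLE_SHOWREV='Patch: 119209-10 Obsoletes:  Requires:  Incompatibles:  Packages: SUNWtls SUNWtlsu
Patch: 119213-12 Obsoletes:  Requires:  Incompatibles:  Packages: SUNWtls SUNWtlsu
Patch: 120011-14 Obsoletes:  Requires:  Incompatibles:  Packages: SUNWcsr'

# best_rev <showrev output> <patch-id>: highest installed revision of the patch, 0 if absent
best_rev() {
    printf '%s\n' "$1" | awk -v id="$2" '
        BEGIN { best = 0 }
        $1 == "Patch:" { split($2, p, "-"); if (p[1] == id && p[2] + 0 > best) best = p[2] + 0 }
        END { print best }'
}

# has_patch <showrev output> <patch-id> <min-rev>: succeeds if the patch is installed at min-rev or later
has_patch() {
    [ "$(best_rev "$1" "$2")" -ge "$3" ]
}

# Patch IDs taken from the lists above; which ones apply depends on platform and release
for req in 119213-12 119209-12; do
    id=${req%-*}; rev=${req#*-}
    if has_patch "$SAMPLE_SHOWREV" "$id" "$rev"; then
        echo "ok      $req (installed revision $(best_rev "$SAMPLE_SHOWREV" "$id"))"
    else
        echo "MISSING $req (installed revision $(best_rev "$SAMPLE_SHOWREV" "$id"))"
    fi
done
```

Revisions are compared numerically rather than as strings so that, for example, an installed `-9` is correctly reported as older than a required `-12`; a patch that is absent altogether reports revision 0.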

The Sun advisory is available at

http://sunsolve.sun.com/search/document.do?assetkey=1-26-102856-1

Cause:   Boundary error
Underlying OS:  Linux (Any), UNIX (HP/UX), UNIX (Solaris - SunOS), Windows (Any)

Message History:   This archive entry is a follow-up to the message listed below.
Feb 23 2007 Mozilla Firefox Integer Underflow in Processing SSLv2 Server Messages Lets Remote Users Execute Arbitrary Code



 Source Message Contents



[Original Message Not Available for Viewing]

