SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Generic)  >   Oracle Java Enterprise System (JES) Vendors:   Sun
(Sun Issues Fix for Java Enterprise System) Netscape Network Security Services (NSS) Library SSLv2 Buffer Overflow Lets Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1011348
SecurityTracker URL:  http://securitytracker.com/id/1011348
CVE Reference:   CVE-2004-0826   (Links to External Site)
Date:  Sep 17 2004
Impact:   Execution of arbitrary code via network, Root access via network, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  

Description:   A vulnerability was reported in the Netscape Network Security Services (NSS) library. A remote user may be able to execute arbitrary code on the target system. The Sun Java Enterprise System is affected.

Internet Security Systems reported that there is a buffer overflow in the processing of Secure Sockets Layer (SSL) version 2 packets. A remote user can trigger the buffer overflow during SSLv2 connection negotiation to execute arbitrary code on the target system.

It is reported that the library does not properly validate the length of a user-supplied record field in the SSLv2 client hello message. Systems using the NSS library with SSLv2 are affected.

The NSS library is used by several Netscape products, including the Enterprise Server (NES), Personalization Engine (NPE), Directory Server (NDS), and Certificate Management Server (CMS). Sun One/iPlanet is also affected.

According to the report, SSLv2 is disabled by default on Netscape Enterprise Server and Sun One.

Mark Dowd of ISS X-Force is credited with discovering this flaw.

The original advisory is available at:

http://xforce.iss.net/xforce/alerts/id/180

Impact:   A remote user may be able to execute arbitrary code on the target system with the privileges of the target web server.
Solution:   Sun has issued the following fixes for the Sun Java Enterprise System, which is affected by the NSS vulnerability:

SPARC Platform

Sun Java Enterprise System 2003Q4 and 2004Q2 for Solaris 8 with patches 114045-12 or later and 115924-09 or later

Sun Java Enterprise System 2003Q4 and 2004Q2 for Solaris 9 with patches 114049-12 or later and 115926-10 or later

x86 Platform

Sun Java Enterprise System 2003Q4 and 2004Q2 for Solaris 9 with patches 114050-12 or later and 115927-10 or later

Sun reports that you must install both patches.

Vendor URL:  sunsolve.sun.com/search/document.do?assetkey=1-26-57643-1 (Links to External Site)
Cause:   Boundary error
Underlying OS:  UNIX (Solaris - SunOS)
Underlying OS Comments:  8, 9

Message History:   This archive entry is a follow-up to the message listed below.
Aug 23 2004 Netscape Network Security Services (NSS) Library SSLv2 Buffer Overflow Lets Remote Users Execute Arbitrary Code



 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2022, SecurityGlobal.net LLC