Sun Java System Web Server Protocol Flaw in SSL Renegotiation Lets Remote Users Conduct Man-in-the-Middle Attacks - SecurityTracker

	Keep Track of the Latest Vulnerabilities with SecurityTracker!

Home | View Topics | Search | Contact Us |

SecurityTracker
Archives

Try our Premium Alert Service

Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary

Instant Alerts

Buy our Premium Vulnerability Notification Service to receive customized, instant alerts

Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!

Become a Partner and License Our Database or Notification Service

Category: Application (Web Server/CGI) > Sun ONE/iPlanet Web Server

Sun Java System Web Server Protocol Flaw in SSL Renegotiation Lets Remote Users Conduct Man-in-the-Middle Attacks

SecurityTracker Alert ID: 1023426

SecurityTracker URL: http://securitytracker.com/id/1023426

CVE Reference: CVE-2009-3555 (Links to External Site)

Date: Jan 11 2010

Impact: Modification of user information

Fix Available: Yes Vendor Confirmed: Yes Exploit Included: Yes

Version(s): 6.1, 7.0

Description: A vulnerability was reported in Sun Java System Web Server. A remote user can conduct a man-in-the-middle attack on SSL session renegotiation.

A remote user with the ability to conduct a man-in-the-middle attack can exploit a flaw in the underlying SSL/TLS protocol to inject arbitrary plain text into the exchange between the client and the server, with the arbitrary data as a prefix to the session.

The vulnerability resides in the TLS 1.0 or later and SSLv3 protocols.

Marsh Ray of PhoneFactor and Martin Rex independently reported this vulnerability.

[Editor's note: The flaw resides in the protocol and not in the protocol implementation. Some vendors are implementing a temporary workaround that prohibits session renegotiation until the protocol itself can be modified. Several protocol implementations are affected, including OpenSSL, GnuTLS, Network Security Services, and Java Secure Socket Extension.]

Impact: A remote user can with the ability to conduct a man-in-the-middle attack can inject arbitrary plain text data into the exchange, preceding the session data.

Solution: The vendor has issued a fix.

SPARC Platform

* Sun Java System Web Server 7.0 update 7 or later

x86 Platform

* Sun Java System Web Server 7.0 update 7 or later

Linux

* Sun Java System Web Server 7.0 update 7 or later

HP-UX

* Sun Java System Web Server 7.0 update 7 or later

Windows

* Sun Java System Web Server 7.0 update 7 or later

The vendor's advisory is available at:

http://sunsolve.sun.com/search/document.do?assetkey=1-66-274990-1

Vendor URL: sunsolve.sun.com/search/document.do?assetkey=1-66-274990-1 (Links to External Site)

Cause: Authentication error

Underlying OS: Linux (Any), UNIX (HP/UX), UNIX (Solaris - SunOS), Windows (Any)

Message History: None.

Source Message Contents


[Original Message Not Available for Viewing]

Go to the Top of This SecurityTracker Archive Page

Home | View Topics | Search | Contact Us
This web site uses cookies for web analytics. Learn More
Copyright 2018, SecurityGlobal.net LLC