51,410
社区成员
发帖
与我相关
我的任务
分享求个Java补丁,知道的不知道进来看看。。。
Sun Java System Calendar Server重复URI请求拒绝服务漏洞
发布日期:2009-03-31
更新日期:2009-04-02
受影响系统:
Sun Java System Calendar Server 6.3
描述:
--------------------------------------------------------------------------------
BUGTRAQ ID: 34150
CVE(CAN) ID: CVE-2009-1219
Sun Java System Calendar Server是Sun Java System通信套件中的日程服务器组件。
如果远程攻击者向Calendar Server连续两次发送特制的HTTP请求并在tzid参数中设置了字母字符的话,就会导致Calendar Server进程崩溃,可能留下类似于以下栈追踪的崩溃dump,具体取决于系统配置:
$ pstack core
...
...
----------------- lwp# 4 / thread# 4 --------------------
ff05ff40 shtml_finishlogin (6db6c10, 201f8, 6ee7e26, 6e7471ff, 80808080, 1010101) + 160
0001dff4 cmd_login (6db6c10, 1, 0, 687474, 80808080, 1010101) + 364
00017f78 cshttpd_post_cb (6db6c10, 2d26ad, 6f07dc0, 6d, 1, 2e000000) + 470
fed8ff88 cmd_post (6db6c10, 2d26ad, 6f07dc0, 6d, 6f07dc0, baddc800) + 1b8
fed8f2a8 cmd_exec (6db6c10, 4, 2, 0, 0, 0) + da8
fed8d8cc cmdloop (6db6c10, fa8bce9c, 2000, ff000000, 0, 0) + 3bc
fed8c4f0 sock_readable (6db6c10, 1000, fe7ecbc0, fc922400, 5b35bc, 0) + 2f0
feb45564 GDispCx_Dispatch (5b3544, 6f61c04, 6e6300c, fc922400, 5b3634, 0) + 174
feb45b78 GDispCx_InternalWork (6e6300c, fa8c0000, 0, 0, feb45798, 1) + 3e0
fe7c04f4 _lwp_start (0, 0, 0, 0, 0, 0)
...
...
<*来源:Core Security Technologies
链接:http://secunia.com/advisories/34528/
http://marc.info/?l=bugtraq&m=123853308827367&w=2
http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-66-255008-1
*>
测试方法:
--------------------------------------------------------------------------------
警 告
以下程序(方法)可能带有攻击性,仅供安全研究与教学之用。使用者风险自负!
https://<server>:3443/?tzid=crash
建议:
--------------------------------------------------------------------------------
厂商补丁:
Sun
---
Sun已经为此发布了一个安全公告(Sun-Alert-255008)以及相应补丁:
Sun-Alert-255008:Security Vulnerability in Sun Java System Calendar Server 6.3 May Allow Denial of Service (DoS)
链接:http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-66-255008-1
文章转载自网管之家:http://www.bitscn.com/network/security/200905/162593.html
由于oracle的收购,上面红色部分的url已经无效,哪位有此补丁,或者知道新的下载地址,请告诉声,不胜感激!!!
发布日期:2009-03-31
更新日期:2009-04-02
受影响系统:
Sun Java System Calendar Server 6.3
描述:
--------------------------------------------------------------------------------
BUGTRAQ ID: 34150
CVE(CAN) ID: CVE-2009-1219
Sun Java System Calendar Server是Sun Java System通信套件中的日程服务器组件。
如果远程攻击者向Calendar Server连续两次发送特制的HTTP请求并在tzid参数中设置了字母字符的话,就会导致Calendar Server进程崩溃,可能留下类似于以下栈追踪的崩溃dump,具体取决于系统配置:
$ pstack core
...
...
----------------- lwp# 4 / thread# 4 --------------------
ff05ff40 shtml_finishlogin (6db6c10, 201f8, 6ee7e26, 6e7471ff, 80808080, 1010101) + 160
0001dff4 cmd_login (6db6c10, 1, 0, 687474, 80808080, 1010101) + 364
00017f78 cshttpd_post_cb (6db6c10, 2d26ad, 6f07dc0, 6d, 1, 2e000000) + 470
fed8ff88 cmd_post (6db6c10, 2d26ad, 6f07dc0, 6d, 6f07dc0, baddc800) + 1b8
fed8f2a8 cmd_exec (6db6c10, 4, 2, 0, 0, 0) + da8
fed8d8cc cmdloop (6db6c10, fa8bce9c, 2000, ff000000, 0, 0) + 3bc
fed8c4f0 sock_readable (6db6c10, 1000, fe7ecbc0, fc922400, 5b35bc, 0) + 2f0
feb45564 GDispCx_Dispatch (5b3544, 6f61c04, 6e6300c, fc922400, 5b3634, 0) + 174
feb45b78 GDispCx_InternalWork (6e6300c, fa8c0000, 0, 0, feb45798, 1) + 3e0
fe7c04f4 _lwp_start (0, 0, 0, 0, 0, 0)
...
...
<*来源:Core Security Technologies
链接:http://secunia.com/advisories/34528/
http://marc.info/?l=bugtraq&m=123853308827367&w=2
http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-66-255008-1
*>
测试方法:
--------------------------------------------------------------------------------
警 告
以下程序(方法)可能带有攻击性,仅供安全研究与教学之用。使用者风险自负!
https://<server>:3443/?tzid=crash
建议:
--------------------------------------------------------------------------------
厂商补丁:
Sun
---
Sun已经为此发布了一个安全公告(Sun-Alert-255008)以及相应补丁:
Sun-Alert-255008:Security Vulnerability in Sun Java System Calendar Server 6.3 May Allow Denial of Service (DoS)
链接:http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-66-255008-1
文章转载自网管之家:http://www.bitscn.com/network/security/200905/162593.html
由于oracle的收购,上面红色部分的url已经无效,哪位有此补丁,或者知道新的下载地址,请告诉声,不胜感激!!!
...全文
请发表友善的回复…
发表回复
