Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. Gentoo>
  3. Security
sun-jdk arbitrary code exec vuln
venkat at rayservers
Nov 26, 2004, 3:07 PM
Post #1 of 2 (1002 views)
Permalink
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Nasty bug: http://www.securityfocus.com/bid/8879/info/

"A vulnerability has been identified in the Sun Java Virtual Machine packaged
with JRE and SDK. This issue results in the circumvention of the Java
Security Model, and can permit an attacker to execute arbitrary code on
vulnerable hosts."

Hushmail warns about this on their site - possible arbitrary code execution by
browsing hostile site with java enabled.

Upgrade to dev-java/sun-jdk-1.4.2.06 and clean - there is a downgrade exploit
as well.

I found it in bugzilla as well:
http://bugs.gentoo.org/show_bug.cgi?id=72172

So I guess a GLSA is pending.

Best regards,

- ---Venkat.

- ----------------------------------------------------------------------------
Venkat Manakkal Tel:+1-607-546-7300 Fax: +1-607-546-7387
venkat@rayservers.com http://www.rayservers.com/
rayservers@hushmail.com Computers. Installed Secure. Wholesale Prices.

PGP/GPG Key: https://www.rayservers.com/keys/0x12430522.asc
- ----------------------------------------------------------------------------

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFBp6kIWdkW/RJDBSIRAmLfAJ9YxDMojMawcV7gobzZ97wsjuqUCACfVUfn
OyZjkHIPQzIM3WR2qH3eeLM=
=6NmW
-----END PGP SIGNATURE-----

--
gentoo-security@gentoo.org mailing list
Re: sun-jdk arbitrary code exec vuln [ In reply to ]
volker.armin.hemmann at tu-clausthal
Nov 26, 2004, 5:01 PM
Post #2 of 2 (952 views)
Permalink
On Friday 26 November 2004 23:07, Venkat Manakkal wrote:
> Nasty bug: http://www.securityfocus.com/bid/8879/info/
>
> "A vulnerability has been identified in the Sun Java Virtual Machine
> packaged with JRE and SDK. This issue results in the circumvention of the
> Java Security Model, and can permit an attacker to execute arbitrary code
> on vulnerable hosts."
>
> Hushmail warns about this on their site - possible arbitrary code execution
> by browsing hostile site with java enabled.
>
> Upgrade to dev-java/sun-jdk-1.4.2.06 and clean - there is a downgrade
> exploit as well.
>
> I found it in bugzilla as well:
> http://bugs.gentoo.org/show_bug.cgi?id=72172
>
> So I guess a GLSA is pending.
>
> Best regards,
>
> ---Venkat.

heise. de put up a browser-check some days ago.
If it tells you, that you are vulnerable, you have a problem, if it says, that
you are save, it may be a test-bug.

The page is here:
http://www.heise.de/security/dienste/browsercheck/tests/java.shtml

The page is in german, the relevant part is this paragraph:

Am 23.11.2004 wurde ein Problem bekannt, dass bei Suns Java-Plug-ins
JavaScript auf Java-Objekte zugreifen und dabei die Beschränkungen der
Sandbox umgehen kann. Sie können dies hier testen. Geht beim Klick auf den
Link ein Fenster auf, mit dem Hinweis "Sie sind verwundbar", sollten Sie eine
neuere Java-Version installieren. Sun hat den Fehler in Version 1.4.2_06
beseitigt.

click on the 'hier' and a popup will pop up.

Glück Auf
Volker


ps. konqueror 3.3.1 +java.1.5 is recogniced as vulnerable - the editor of the
aricle/check has contacted the kde people.

--
gentoo-security@gentoo.org mailing list

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal