Sun Java System Web Server WebDAV Stack Buffer Overflow Vulnerability
Date Discovered:
01/20/2009
Severity:
High
Applications Affected:
Sun Java System Web Server 7.0
Type:
Remote
Identifiers:
CVE-2010-0361
Synopsis
Sun Java System Web Server is prone to a remote stack-based buffer overflow vulnerability, which could be exploited to cause a stack-based buffer overflow in the security context of the logged-in user.
Recommended Actions
Allow only trusted users.
Threat Analysis
Sun Java System Web Server is a web server intended for medium-sized and large business applications. It provides scalability, high performance and flexibility, and supports a variety of applications.
Sun Java System Web Server is prone to a remote stack-based buffer overflow vulnerability. The vulnerability is triggered when the "webservd" service, in its WebDAV implementation, receives a crafted long URI in an HTTP OPTIONS request. Successful exploitation allows remote attackers to cause a stack-based buffer overflow, resulting in a crash of the webservd service.
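
The condition described above (an OPTIONS request carrying an unusually long URI) can be looked for in access logs. The following is an added example, not part of the original advisory or of any vendor tooling; it assumes Common Log Format, and the length threshold and all sample log lines are constructed, since the advisory states no length.

```python
import re

# Assumption: the advisory states no length, so this threshold is a placeholder
# to tune against the longest legitimate WebDAV path on the site.
MAX_URI_LEN = 1024

# Common Log Format: host ident user [time] "request" status bytes
CLF = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<request>.*)" (?P<status>\d{3}) (?P<size>\d+|-)$'
)

def find_long_options(lines, max_uri_len=MAX_URI_LEN):
    """Return (host, time, uri_length, status) for OPTIONS requests with an oversized URI."""
    hits = []
    for line in lines:
        m = CLF.match(line.strip())
        if not m:
            continue  # not a CLF line; skip rather than guess
        parts = m.group("request").split(" ")
        if len(parts) < 2 or parts[0] != "OPTIONS":
            continue
        # Drop the trailing protocol token if present; the rest is the URI.
        if len(parts) >= 3 and parts[-1].startswith("HTTP/"):
            uri = " ".join(parts[1:-1])
        else:
            uri = " ".join(parts[1:])
        if len(uri) > max_uri_len:
            hits.append((m.group("host"), m.group("time"), len(uri), int(m.group("status"))))
    return hits

# Constructed sample log lines (documentation addresses, made-up paths).
SAMPLE_LOG = [
    '192.0.2.10 - - [20/Jan/2010:10:00:01 +0000] "GET /index.html HTTP/1.1" 200 512',
    '192.0.2.10 - alice [20/Jan/2010:10:00:05 +0000] "OPTIONS /webdav/ HTTP/1.1" 200 0',
    '198.51.100.7 - - [20/Jan/2010:10:02:11 +0000] "OPTIONS /webdav/' + "A" * 4000 + ' HTTP/1.1" 400 0',
    '192.0.2.33 - - [20/Jan/2010:10:03:00 +0000] "GET /' + "B" * 4000 + ' HTTP/1.1" 404 0',
    'truncated or malformed line',
]

if __name__ == "__main__":
    for host, when, length, status in find_long_options(SAMPLE_LOG):
        print(f"{host} {when} OPTIONS uri_len={length} status={status}")
```

If webservd crashes before it writes the log entry, the triggering request may not appear in the server's own access log, so this check is more dependable when run over logs from a reverse proxy or load balancer in front of the server.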