Server vulnerability through bug in Sun’s Java Web Console
Sun has published updates for the Sun Java Web Console to fix a security vulnerability. The Java Web Console provides remote administrative access to the system. According to an advisory by security service provider n.runs, which discovered the hole, the cause is a format string vulnerability in the logging of failed log-ins, and it can be exploited by unauthenticated remote users. Only limited information is available on the exact cause of the problem.
Although, according to Sun, the vulnerability can only be used to crash the console service or to read privileged data, n.runs warns that it may also be used for remote code execution. Affected systems include Java Web Console 2.2.2 - 2.2.5 and Solaris 10. By default, Solaris 8 and 9 do not ship with the console. Solaris 10 11/06 and later versions are not affected by this bug. For all other versions, the updates for x86 and SPARC eliminate the problem. Alternatively, users may turn off console logging with the following command: /usr/sbin/smreg add -p -c logging.default.level=off
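To illustrate the defect class the advisory describes, here is an added example in C (printf-style loggers are where this bug class lives); it is not code from Sun's Java Web Console or from the n.runs advisory, and the function names, message layout and length limits are this example's own assumptions. It contrasts the hazardous pattern, where the attacker-supplied login name becomes the format argument, with a logger that keeps the format constant, passes user data only through "%s", neutralises control characters so a failed log-in cannot forge extra log lines, and flags names containing '%' directives so a log review can spot probes for this bug class.

```c
#include <stdio.h>
#include <string.h>

/* Added example; not code from Sun or n.runs. Models the bug class named in
 * the advisory (format string defect in the logging of failed log-ins).
 * Names, message layout and limits below are assumptions of this example. */

#define USER_MAX 64   /* longest login name kept in a log line (assumed limit) */

/* The hazardous pattern (CWE-134): the login name, which the remote user
 * controls, is handed to a printf-style function as its FORMAT argument.
 * Any '%' directives in it are then interpreted, so the logger reads memory
 * it was never given (information leak), faults (denial of service) or,
 * with %n, writes memory. Kept as a comment so this file never executes it:
 *
 *     snprintf(out, outlen, user);            // BAD: user is the format
 *     syslog(LOG_AUTH | LOG_WARNING, user);   // BAD: same defect
 */

/* Returns 1 if the login name contains a printf directive. Genuine account
 * names essentially never contain '%', so this makes a cheap detection rule
 * over authentication logs. */
int has_format_directive(const char *s)
{
    return strchr(s, '%') != NULL;
}

/* Copies a login name into a bounded buffer, replacing control characters
 * (newline, carriage return, ESC, ...) with '?' so the entry cannot forge
 * additional log lines or terminal escapes, and truncating over-long names. */
static void sanitize_user(char *dst, size_t dstlen, const char *user)
{
    size_t i = 0;
    for (; i + 1 < dstlen && user[i] != '\0'; i++) {
        unsigned char c = (unsigned char)user[i];
        dst[i] = (c < 0x20 || c == 0x7f) ? '?' : (char)c;
    }
    dst[i] = '\0';
}

/* The safe form: a constant format string, with user data passed only as a
 * "%s" argument. Returns the length the full line needs (snprintf
 * semantics), or a negative value on error. */
int log_failed_login(char *out, size_t outlen, const char *user, const char *src)
{
    char clean[USER_MAX];
    sanitize_user(clean, sizeof clean, user);
    return snprintf(out, outlen, "console auth failure: user=\"%s\" from=%s%s",
                    clean, src,
                    has_format_directive(user) ? " flag=format-directive" : "");
}

int main(void)
{
    char line[256];
    /* Constructed sample inputs: a normal failure, then a name carrying
     * format directives of the kind a probe for this bug class would send. */
    log_failed_login(line, sizeof line, "alice", "192.0.2.10");
    puts(line);
    log_failed_login(line, sizeof line, "%x%x%x%x", "192.0.2.10");
    puts(line);
    return 0;
}
```

The two lines printed by main() show the difference in behaviour: with the constant format, the directives in the second login name appear literally inside the quotes instead of being interpreted, and the entry carries a flag a SIEM rule can match on. Sun's workaround of switching console logging off removes the vulnerable code path entirely at the cost of losing the failed-log-in audit trail; the pattern above is what a fixed logger does to keep that trail.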
- Security Vulnerability in the Sun Java Web Console May Allow Access to Privileged Data or Lead to Denial of Service, advisory published by Sun
- Sun Microsystems, Inc., Java Web Console Format string vulnerability, advisory published by n.runs