[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [Gnu-arch-users] Re: [OT] Java is fun!
From: |
Parker, Ron |
Subject: |
RE: [Gnu-arch-users] Re: [OT] Java is fun! |
Date: |
Thu, 23 Oct 2003 11:14:53 -0500 |
> -----Original Message-----
> From: Dustin Sallings [mailto:address@hidden
> I'm referring to C's ability to have data and code get
> mixed up such
> that bad data can insert instructions into the program. I guess
> persistence has nothing to do with this as the same types of problems
> have occurred with services fired off of inetd as well.
>
> The point is, I don't expect to see bugs in java applications
> providing remote shells or other unexpected paths of
> execution remotely.
Given the history of Microsoft's Java VM and Sun's Java VM, this is a vain
expectation. Various Java implementations at various times have provided a
way to break out of the "sandbox". A basic rule of thumb is if something
uses a network transport and is written by Microsoft and runs on a Microsoft
OS, then remote exploitation is possible. This is true of Outlook, Internet
Explorer, SQLServer, Exchange, Office, the MS Java VM, etc.
Microsoft related:
http://www.microsoft.com/security/security_bulletins/ms03-011.asp
http://www.microsoft.com/security/security_bulletins/ms02-069.asp
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/
bulletin/MS02-052.asp
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/
bulletin/MS00-075.asp
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/
bulletin/MS00-059.asp
For a complete list of just MS issues, see
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/
current.asp?productid=36&servicepackid=0&submit1=go&isie=yes.
Sun related:
http://www.ciac.org/ciac/bulletins/l-032.shtml
Sun Alert Notifications:
1. The Java Runtime Environment Might Allow an Untrusted Java Class to Call
Into a Disallowed Java Class
Free Sun Alert Notifications: 24493 100% 22 Jan 2002
2. Incorrect Certificate Validation in Java Secure Socket Extension (JSSE),
Java Plug-In and Java Web Start
Free Sun Alert Notifications: 50081 66% 24 Jan 2003
3. Security Vulnerability in Java(TM) Runtime Environment "zlib" Compression
Library
Free Sun Alert Notifications: 48761 61% 22 Nov 2002
4. Java SDK and JRE URLConnection Should Perform Checks on Request Headers
Free Sun Alert Notifications: 43298 58% 9 May 2002
5. Security Vulnerability in Java(TM) Runtime Environment Bytecode Verifier
Free Sun Alert Notifications: 43546 58% 9 May 2002
6. Session IDs Generated by Java Web Server 2.0 and Java Web Server 1.x are
Prone to Spoofing
Free Sun Alert Notifications: 24492 52% 22 Jan 2002
7. The Java JIT for Microsoft Windows Fails to run on Intel Pentium 4
Platforms
Free Sun Alert Notifications: 25363 52% 22 Jan 2002
8. Java(TM) Web Start Applications May Gain Access to Restricted Resources
Free Sun Alert Notifications: 43544 50% 21 Mar 2002
9. Java VM Allows Constructors not to Call Other Constructors
Free Sun Alert Notifications: 49304 50% 12 Dec 2002
10. Java Application Might Modify Command Array, Leading to Potential
Security Risk
Free Sun Alert Notifications: 25610 47% 19 Jul 2002
11. Java Virtual Machine (JVM) May Crash Due to Vulnerability in the Java
Media Framework (JMF)
Free Sun Alert Notifications: 54760 47% 14 May 2003
12. Java Runtime Environment May Allow an Untrusted Applet to Access the
System Clipboard
Free Sun Alert Notifications: 40705 38% 22 Jan 2002
13. Potential Security Issue in ServerSocket.accept()
Free Sun Alert Notifications: 23604 25% 22 Jan 2002
14. Timing Based Attack Vulnerabilities in the Java Secure Socket Extention
Free Sun Alert Notifications: 56380 19% 28 Aug 2003
15. Netscape Browser Allows Malicious Applets to Read Data From Local Files
Free Sun Alert Notifications: 23665 13% 22 Jan 2002
16. Java Virtual Machine May Allow Illegal Access to Protected Fields or
Methods
Free Sun Alert Notifications: 50083 13% 24 Jan 2003
17. An Untrusted Applet may Access Information From a Trusted Applet
Free Sun Alert Notifications: 55100 11% 5 Jun 2003
18. An Untrusted Applet may Access Restricted Resources
Free Sun Alert Notifications: 55101 11% 6 Jun 2003
19. Explorer Data Collector Version 4.0 and Earlier on Sun Fire
3800/4800/4810/6800 may not Provide FRU ID Information
Free Sun Alert Notifications: 51769 8% 26 Mar 2003
20. A Vulnerability in JRE May Allow an Untrusted Applet to Escalate
Privileges
Free Sun Alert Notifications: 57221 8% 21 Oct 2003
21. Floating Point Registers May Be Incorrect After Signal Processing
Free Sun Alert Notifications: 26588 5% 11 Jul 2002
22. Security Vulnerabilities with the SNMP Protocol and Sun Products
Free Sun Alert Notifications: 43704 2% 15 Aug 2002
23. Sun Enterprise Systems With Recently Manufactured UltraSPARC II MSRAM
Modules May Experience CPU Failures
Free Sun Alert Notifications: 50474 2% 15 Aug 2003
Sun Security Bulletins:
1. Sun Security Bulletins #134
Sun Security Bulletins: 134 100% 30 May 1991
2. Double Free bug in zlib compression library
Sun Security Bulletins: 220 88% 19 Nov 2002
3. HttpURLConnection
Sun Security Bulletins: 216 80% 5 Mar 2002
4. Bytecode Verifier
Sun Security Bulletins: 218 80% 13 May 2002
5. Potential security issue in class loading
Sun Security Bulletins: 199 64% 29 Nov 2000
6. Java Runtime Environment unauthorized command execution
Sun Security Bulletins: 201 64% 18 Jun 2001
7. Java(TM) Web Start
Sun Security Bulletins: 217 60% 1 Apr 2002
8. Swing
Sun Security Bulletins: 208 52% 24 Oct 2001
9. Java Web Server
Sun Security Bulletins: 197 48% 30 Aug 2000
Or, for CIAC's list of 28 vulnerabilities that touch Java is some way, see
http://www.ciac.org/cgi-bin/webglimpse/www/htdocs/ciac/archive?query=java&er
rors=0&age=&maxfiles=50&maxlines=30.
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- RE: [Gnu-arch-users] Re: [OT] Java is fun!,
Parker, Ron <=