Signature Detail

HTTP: Sun Java System Web Server WebDAV Stack Buffer Overflow

This signature detects attempts to exploit a known vulnerability in Sun Java System Web Server. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the server.

Extended Description

Sun Java System Web Server is prone to a buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. The issue affects the WebDAV functionality. Attackers can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. Sun Java System Web Server 7.0 Update 7 and prior.

Affected Products

• Sun Java System Web Server 7.0 Update 1
• Sun Java System Web Server 7.0 Update 2
• Sun Java System Web Server 7.0 Update 3
• Sun Java System Web Server 7.0 Update 6
• Sun Java System Web Server 7.0 Update 7

References

• BugTraq: 37874
• CVE: CVE-2010-0361
• URL: http://wwws.sun.com/software/products/web_srvr/home_web_srvr.html
• URL: http://intevydis.blogspot.com/2010/01/sun-java-system-web-server-70u7-webdav.html
• URL: http://sunsolve.sun.com/search/document.do?assetkey=1-66-275850-1