[30899] in bugtraq
Re: Windows NT 4.0 with IBM JVM Denial of Service
daemon@ATHENA.MIT.EDU (Marc Schoenefeld)
Fri Jul 25 15:32:18 2003
Date: Fri, 25 Jul 2003 20:29:24 +0200 (MES)
From: Marc Schoenefeld <schonef@uni-muenster.de>
To: "@stake Advisories" <advisories@atstake.com>
In-Reply-To: <3F1EF90D.80702@atstake.com>
Message-ID: <Pine.A41.4.44.0307252009220.105378-100000@zivunix.uni-muenster.de>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Wed, 23 Jul 2003, @stake Advisories wrote:
[..]
>
> Advisory Name: Windows NT 4.0 with IBM JVM Denial of Service
> Release Date: 07/23/2003
> Application: Any Java application, other applications
> are possible attack vectors.
> Platform: Java 2 Runtime Environment, Standard Edition
> (build 1.3.0), Windows NT 4.0
> Severity: Denial of service
Analysis:
Windows NT 4.0 : outdated
IBM JAVA 1.3.0 : outdated
File handling in servlets : Bad design anti-pattern (better use EJB)
> Recommendation:
>
> Java developers should identify all occurrences and perform data
> validation where java.io.getCanonicalPath is used.
- - That does not help if getCanonicalPath is used in a
library that is not available in source code. You might
have to use a decompiler or use a tool that searches for
nested calls to such routines. I have written such a tool; if
you would like to use it, contact me via email.
- - But generally: Developers should think about a system design that is not
based on direct file access in the web-tier (least function principle).
>
> NT 4.0 Administrators running servers which use Java servlets
> should consider installing the Microsoft supplied patch.
- - DEPLOYERS should update their JVM (if their code
does not use proprietary IBM stuff) to an up-to-date JVM like
Sun JRE 1.4.1_03.
Cheers
Marc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (AIX)
Comment: For info see http://www.gnupg.org
iD8DBQE/IXcHqCaQvrKNUNQRAhbZAJwKjg+jSAOceGRehLaZO1HhET6UygCeN1kc
53vU1gWicAZObo19fSWjxbc=
=DLEd
-----END PGP SIGNATURE-----
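
An added example, not part of the original message and not the tool its author mentions: a minimal scanner that finds references to java.io.File.getCanonicalPath in compiled classes inside a JAR by reading each class file's constant pool, for libraries shipped without source. The function names and the SAMPLE bytes are constructed for illustration, and only direct Methodref entries are reported.

```python
import io
import struct
import zipfile

# Payload size in bytes (after the tag) of fixed-size constant-pool entries.
SIZES = {3: 4, 4: 4, 5: 8, 6: 8, 7: 2, 8: 2, 9: 4, 10: 4, 11: 4,
         12: 4, 15: 3, 16: 2, 17: 4, 18: 4, 19: 2, 20: 2}

def parse_pool(data):
    """Return {index: (tag, payload)} for a class file's constant pool."""
    if data[:4] != b"\xca\xfe\xba\xbe":
        raise ValueError("not a class file")
    count = struct.unpack(">H", data[8:10])[0]
    pool, pos, i = {}, 10, 1
    while i < count:
        tag = data[pos]
        if tag == 1:  # Utf8: u2 length, then that many bytes
            size = 2 + struct.unpack(">H", data[pos + 1:pos + 3])[0]
        elif tag in SIZES:
            size = SIZES[tag]
        else:
            raise ValueError("unknown constant tag %d" % tag)
        pool[i] = (tag, data[pos + 1:pos + 1 + size])
        pos += 1 + size
        i += 2 if tag in (5, 6) else 1  # Long/Double occupy two slots
    return pool

def u2(pool, index, field=0):  # field-th big-endian u2 of the entry at index
    return struct.unpack(">H", pool[index][1][2 * field:2 * field + 2])[0]

def calls_method(data, owner=b"java/io/File", name=b"getCanonicalPath"):
    """True if the class holds a Methodref (tag 10) to owner.name."""
    pool = parse_pool(data)
    refs = [i for i, (tag, _) in pool.items() if tag == 10]
    return any(pool[u2(pool, u2(pool, i, 0))][1][2:] == owner and
               pool[u2(pool, u2(pool, i, 1))][1][2:] == name for i in refs)

def scan_jar(jar_bytes):
    """Names of .class entries in a JAR that reference the method."""
    with zipfile.ZipFile(io.BytesIO(jar_bytes)) as jar:
        return sorted(n for n in jar.namelist()
                      if n.endswith(".class") and calls_method(jar.read(n)))

# Constructed sample: class-file header plus a six-entry constant pool.
def utf8(s):
    return b"\x01" + struct.pack(">H", len(s)) + s
SAMPLE = (b"\xca\xfe\xba\xbe" + struct.pack(">HHH", 0, 47, 7) + utf8(b"java/io/File")
          + b"\x07\x00\x01" + utf8(b"getCanonicalPath") + utf8(b"()Ljava/lang/String;")
          + b"\x0c\x00\x03\x00\x04" + b"\x0a\x00\x02\x00\x05")
```

Calls made through reflection, or through a wrapper method in another class, do not appear as a Methodref to java/io/File and are not found by this check.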