Intrusion Prevention

Sun.Java.System.Web.Proxy.Server.SOCKS.Buffer.Overflow

Description

This indicates an attack attempt against buffer-overflow vulnerabilities in the SOCKS module of Sun Java System Web Proxy Server.
The vulnerability is caused by improper boundary checking. It allows a remote attacker to execute arbitrary code with root privileges.

Affected Products

Sun Java Web Proxy Server 4.0.3
Sun Java Web Proxy Server 4.0 SP1
Sun Java Web Proxy Server 4.0

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.
Denial of Service: Remote attackers can crash vulnerable systems.

Recommended Actions

Apply the most recent upgrades or patches from the vendor:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102927-1

CVE References

CVE-2007-2881