Secunia Security Advisory - A vulnerability has been reported in Sun Java System Application Server and Sun GlassFish Enterprise Server, which can be exploited by malicious people to cause a DoS (Denial of Service).
d2c3caeca67347e5beb42d45f7e0747e4d7338a691463f384044b6f1eb3bf4b4----------------------------------------------------------------------
Do you have VARM strategy implemented?
(Vulnerability Assessment Remediation Management)
If not, then implement it through the most reliable vulnerability
intelligence source on the market.
Implement it through Secunia.
For more information visit:
http://secunia.com/advisories/business_solutions/
Alternatively request a call from a Secunia representative today to
discuss how we can help you with our capabilities contact us at:
sales@secunia.com
----------------------------------------------------------------------
TITLE:
Sun Multiple Products XML Parsing Denial of Service
SECUNIA ADVISORY ID:
SA37754
VERIFY ADVISORY:
http://secunia.com/advisories/37754/
DESCRIPTION:
A vulnerability has been reported in Sun Java System Application
Server and Sun GlassFish Enterprise Server, which can be exploited by
malicious people to cause a DoS (Denial of Service).
For more information see vulnerability #9 in:
SA36159
The vulnerability is reported in Sun GlassFish Enterprise Server
version 2.1 and Sun Java System Application Server version 8.0, 8.1,
and 8.2 on SPARC, x86, Linux, and Windows platforms.
SOLUTION:
Apply patches.
-- SPARC Platform --
Sun GlassFish Enterprise Server v2.1 with HADB - Package Based:
Apply patch 128640-13 (for customers with a valid support contract)
or 141709-02 (for customers without a valid support contract), or
later.
Sun GlassFish Enterprise Server v2.1 with HADB:
Apply patch 128643-13 (for customers with a valid support contract)
or 141700-02 (for customers without a valid support contract), or
later.
Sun Java System Application Server 8.1:
Apply patch 119166-39 (Enterprise Edition package based) or 119169-32
(Enterprise Edition file based), or later.
Sun Java System Application Server 8.2:
Apply patch 124672-13 (Enterprise Edition package based) or 124675-12
(Enterprise Edition file based), or later.
-- x86 Platform --
Sun GlassFish Enterprise Server v2.1 with HADB - Package Based:
Apply patch 128641-13 (for customers with a valid support contract)
or 141710-02 (for customers without a valid support contract), or
later.
Sun GlassFish Enterprise Server v2.1 with HADB:
Apply patch 128644-13 (for customers with a valid support contract)
or 141701-02 (for customers without a valid support contract), or
later.
Sun Java System Application Server 8.1:
Apply patch 119167-39 (Enterprise Edition package based) or 119170-32
(Enterprise Edition file based), or later.
Sun Java System Application Server 8.2:
Apply patch 124673-13 (Enterprise Edition package based) or 124676-12
(Enterprise Edition file based), or later.
-- Linux --
Sun GlassFish Enterprise Server v2.1 with HADB - Package Based:
Apply patch 128642-13 (for customers with a valid support contract)
or 141711-02 (for customers without a valid support contract), or
later.
Sun GlassFish Enterprise Server v2.1 with HADB:
Apply patch 128645-13 (for customers with a valid support contract)
or 141702-02 (for customers without a valid support contract), or
later.
Sun Java System Application Server 8.1:
Apply patch 119168-39 (Enterprise Edition package based) or 119171-32
(Enterprise Edition file based), or later.
Sun Java System Application Server 8.2:
Apply patch 124674-13 (Enterprise Edition package based) or 124677-12
(Enterprise Edition file based), or later.
-- Windows --
Sun GlassFish Enterprise Server v2.1 with HADB:
Apply patch 128646-13 (for customers with a valid support contract)
or 141703-02 (for customers without a valid support contract), or
later.
Sun Java System Application Server 8.1:
Apply patch 122848-24 (Enterprise Edition package based) or 119172-32
(Enterprise Edition file based), or later.
Sun Java System Application Server 8.2:
Apply patch 124684-14 (Enterprise Edition package based) or 124678-12
(Enterprise Edition file based), or later.
ORIGINAL ADVISORY:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-272209-1
OTHER REFERENCES:
SA36159:
http://secunia.com/advisories/36159/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed