SWAN issues sun java jre security alert

This was in today's SANS security newsletter:

I had not seen this so I thought I would post it.


*****************************
Widely Deployed Software
*****************************
 
(1) MODERATE: Sun Java Virtual Machine Security Bypass
 
Affected Products:
Sun SDK and JRE version 1.4.1_03 and prior
Sun SDK and JRE version 1.3.1_08 and prior
Sun SDK and JRE version 1.2.2_015 and prior
 
Description:
Sun's implementation of Java Virtual Machine (JVM) has been reported to
contain a vulnerability which can be exploited by a malicious Java
applet. A hostile applet can bypass any security restrictions and
possibly execute arbitrary code on a client machine with the privileges
of the logged-on user. The applet can be delivered by a website or an
HTML-formatted email. Note that this vulnerability affects all
web-browsers which use Sun's Java Runtime Environment (JRE) plug-in such
as Netscape, Mozilla and potentially Internet Explorer. The discoverers
of the vulnerability have developed a proof-of-concept exploit which
they plan to release in another four weeks.
 
Status: Vendor confirmed, patches available.

Council Site Actions:
Several council sites are running the affected software and plan to
deploy the patches within the next four weeks.  Several other sites are
still investigating whether the affected software is in use. Some of
these sites are scanning for affected hosts and will patch if any are
found. Several other council sites stated that they use the Microsoft
JVM and have some concerns that it may be vulnerable to the same attack.
These sites are awaiting further information from Microsoft.  One site
does not plan to take any action at this time since their current
network configuration, up-to-date AV, web blocking/filtering and IDS
implementation protects them from this type of vulnerability/exploit,
mitigates risk and helps prevent any new malicious code from being
introduced.

References:
Posting by the Last-Stage-of-Delirium (discovered the bug)
http://archives.neohapsis.com/archives/bugtraq/2003-10/0223.html

Posting by Alla Bezroutchko
http://archives.neohapsis.com/archives/bugtraq/2003-10/0254.html

Sun Alert Notification
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57221

"Sandbox" Restrictions for Java Applets
http://www.securingjava.com/chapter-two/chapter-two-2.html

SecurityFocus BID
http://www.securityfocus.com/bid/8879


-- 
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
