JavaSystemWebServer.xml
<Vulns>
<Vulnerability addData="2007-08-04" gvid="ID104173" id="104173" modifyDate="2015-02-13">
<cvsscode>5.0</cvsscode> <severity>Severe</severity>
<name>Netscape/Sun iPlanet malformed client certificate denial of service</name>
<Tags> <tag></tag> </Tags> <cvss></cvss>
<Description>Unknown vulnerability in Sun Java System Web Server 6.0 SP7 and earlier, Java System Web Server 6.1 SP1 and earlier, and Application Server 7 Update 4 and earlier allows remote attackers to cause a denial of service (crash) via a malformed client certificate.</Description>
<cnnvd>CNNVD-200412-695</cnnvd>
<AlternateIds> <id name="CVE">CVE-2004-2216</id> </AlternateIds>
<Solutions>Vendor patches:
Sun
---
The vendor has released upgrade patches that fix this issue; download them from the vendor's site:
Sun Java System Web Server 6.0 SP 8:
<a href="http://wwws.sun.com/software/download/products/40968fe6.html" target="_blank">http://wwws.sun.com/software/download/products/40968fe6.html</a>
Sun Java System Web Server 6.1 SP 3:
<a href="http://wwws.sun.com/software/download/products/415a094d.html" target="_blank">http://wwws.sun.com/software/download/products/415a094d.html</a>
Sun Java System Application Server 7 Standard Edition Update 5:
<a href="http://wwws.sun.com/software/download/products/414b472d.html" target="_blank">http://wwws.sun.com/software/download/products/414b472d.html</a>
Sun Java System Application Server Platform Edition 7 Update 5:
<a href="http://wwws.sun.com/software/download/products/4151fe59.html" target="_blank">http://wwws.sun.com/software/download/products/4151fe59.html</a>
Sun Java System Application Server 7 2004Q2 Update 1:
<a href="http://wwws.sun.com/software/download/products/4154c5a5.html" target="_blank">http://wwws.sun.com/software/download/products/4154c5a5.html</a></Solutions>
<Check scope="endpoint"> <NetworkService type="HTTP|HTTPS">
<Product minCertainty="0.9" name="Java System Web Server">
<version>
<range> <high inclusive="0">6.0 SP8</high> </range>
<range> <low>6.1</low> <high>6.1 SP2</high> </range>
</version>
</Product>
</NetworkService> </Check> </Vulnerability>
<Vulnerability addData="2007-08-04" gvid="ID104174" id="104174" modifyDate="2015-02-13">
<cvsscode>6.8</cvsscode> <severity>Severe</severity>
<name>Netscape/Sun iPlanet cross-site scripting vulnerability</name>
<Tags> <tag></tag> </Tags> <cvss></cvss>
<Description>Cross-site scripting (XSS) vulnerability in Sun ONE Web Server 6.0 SP9 and earlier, Java System Web Server 6.1 SP4 and earlier, Sun ONE Application Server 7 Platform and Standard Edition Update 6 and earlier, and Java System Application Server 7 2004Q2 Standard and Enterprise Edition Update 2 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors involving error messages.</Description>
<cnnvd>CNNVD-200605-358</cnnvd>
<AlternateIds> <id name="CVE">CVE-2006-2501</id> </AlternateIds>
<Solutions>The vendor has released upgrade patches that fix this issue. Affected release, the release that fixes it, and the download link:
Sun ONE Web Server 6.0 and 6.0 SP1 through SP9: upgrade to Sun ONE Web Server 6.0 Service Pack 10
http://www.sun.com/download/products.xml?id=43a84f89
Sun Java System Web Server 6.1 and 6.1 SP1 through SP4: upgrade to Sun Java System Web Server 6.1 Service Pack 5
http://www.sun.com/download/products.xml?id=434aec1d
Sun ONE Application Server 7.0 Platform Edition (base, UR1, UR2, UR2 Upgrade Platform, UR6): upgrade to Sun ONE Application Server 7 Platform Edition Update 7
http://www.sun.com/download/products.xml?id=42ae3178
Sun ONE Application Server 7.0 Standard Edition (base, UR1, UR2, UR2 Upgrade Standard, UR6): upgrade to Sun ONE Application Server 7 Standard Edition Update 7
http://www.sun.com/download/products.xml?id=42ae317c
Sun Java System Application Server 7.0 2004Q2 R1 and R2 Standard: upgrade to Sun Java System Application Server 7 2004Q2 Standard Edition Update 3
http://www.sun.com/download/products.xml?id=4331ff42
Sun Java System Application Server 7.0 2004Q2 R1 and R2 Enterprise: upgrade to Sun Java System Application Server 7 2004Q2 Enterprise Edition Update 3
http://javashoplm.sun.com/ECom/docs/Welcome.jsp?StoreId=8&PartDetailId=SJAS72004Q2U4-EE-OTH-G-ES&TransactionId=try
</Solutions>
<Check scope="endpoint"> <NetworkService type="HTTP|HTTPS">
<Product minCertainty="0.9" name="Java System Web Server">
<version>
<range> <high inclusive="0">6.0 SP10</high> </range>
<range> <low>6.1</low> <high inclusive="0">6.1 SP5</high> </range>
</version>
</Product>
</NetworkService> </Check> </Vulnerability>
<Vulnerability addData="2007-08-04" gvid="ID104175" id="104175" modifyDate="2013-12-04">
<cvsscode>7.5</cvsscode> <severity>Critical</severity>
<name>Netscape/Sun iPlanet modified SSLv2 hello message buffer overflow</name>
<Tags> <tag></tag> </Tags> <cvss></cvss>
<Description>Heap-based buffer overflow in the Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in a client's SSLv2 hello message.</Description>
<cnnvd>CNNVD-200412-948</cnnvd>
<AlternateIds> <id name="CVE">CVE-2004-0826</id> </AlternateIds>
<Solutions>Vendor patches:
Netscape
--------
The updated NSS library supplied by the vendor is available from:
ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_9_2_RTM
As a temporary protection, SSL 2.0 can also be disabled in the server's configuration, since the overflow is triggered by the SSLv2 hello message.</Solutions>
<Check scope="endpoint"> <NetworkService type="HTTP|HTTPS">
<Product minCertainty="0.9" name="Java System Web Server">
<version>
<range> <high>6.0 SP9</high> </range>
<range> <low>6.1</low> <high>6.1 SP3</high> </range>
</version>
</Product>
</NetworkService> </Check> </Vulnerability>
<Vulnerability addData="2007-08-03" gvid="ID104176" id="104176" modifyDate="2015-02-13">
<cvsscode>6.8</cvsscode> <severity>Severe</severity>
<name>Netscape iPlanet/Sun iPlanet NSS SSLv2 client key buffer overflow</name>
<Tags> <tag></tag> </Tags> <cvss></cvss>
<Description>Sun iPlanet/Java Web Server is vulnerable to a buffer overflow in its SSLv2 (HTTPS) handling. The Network Security Services (NSS) library contains an integer underflow when parsing the SSL public key; the underflow leads to a heap-based buffer overflow that allows arbitrary code execution on the server.</Description>
<cnnvd></cnnvd>
<AlternateIds> <id name="CVE">CVE-2007-0009,CVE-2007-0008</id> </AlternateIds>
<Solutions></Solutions>
<Check scope="endpoint"> <NetworkService type="HTTP|HTTPS">
<Product name="Java System Web Server">
<version>
<range> <low>6.0</low> <high>8.0</high> </range>
</version>
</Product>
</NetworkService> </Check> </Vulnerability>
<Vulnerability addData="2007-07-25" gvid="ID104177" id="104177" modifyDate="2013-05-03">
<cvsscode>9.3</cvsscode> <severity>Critical</severity>
<name>Netscape/Sun iPlanet outdated version</name>
<Tags> <tag></tag> </Tags> <cvss></cvss>
<Description>Sun no longer supports iPlanet and Sun ONE; these products have been renamed Sun Java System.
Older versions of iPlanet and Netscape Enterprise Server are prone to many vulnerabilities,
such as buffer overflows, HTML injection, cross-site scripting and more.
Insecure iPlanet installations should be replaced by the newer web and application servers
distributed as Sun Java System.</Description>
<AlternateIds> <id name="CVE"></id> </AlternateIds>
<Solutions>The vendor has not provided a patch or upgrade for this issue; users of this software are advised to follow the vendor's homepage for the latest version.</Solutions>
<Check scope="endpoint"> <NetworkService type="HTTP|HTTPS">
<Product name="Java System Web Server">
<version> <range> <high>6.1</high> </range> </version>
</Product>
</NetworkService> </Check> </Vulnerability>
<Vulnerability addData="2007-08-04" gvid="ID104178" id="104178" modifyDate="2015-02-13">
<cvsscode>4.0</cvsscode> <severity>Severe</severity>
<name>Netscape/Sun iPlanet remote authenticated denial of service</name>
<Tags> <tag></tag> </Tags> <cvss></cvss>
<Description>Unspecified vulnerability in Network Security Services (NSS) in Sun Java System Web Server 6.0 before SP10 and Sun ONE Application Server 7 Update 3, when SSLv2 is enabled, allows remote authenticated users to cause a denial of service (application crash) via unknown vectors.</Description>
<cnnvd>CNNVD-200611-018</cnnvd>
<AlternateIds> <id name="CVE">CVE-2006-5654</id> </AlternateIds>
<Solutions>The vendor has released patches that fix this issue; the related Sun Alerts and download links:
Sun-Alert-102896:Directory Server May Hang Due to a Memory Leak in the Network Security Services (NSS) Software
http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-26-102896-1
Sun-Alert-102670:A Vulnerability in Network Security Services (NSS) Affects Sun Java System Web Server and Sun ONE Application Server
http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-26-102670-1
Sun-Alert-102461:Systems With Sun Java Enterprise System Installed May Hang Due to a Memory Leak in the Network Security Services (NSS) Software
http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-26-102461-1</Solutions> <Check scope="endpoint"> <NetworkService type="HTTP|HTTPS">
<Product minCertainty="0.9" name="Java System Web Server">
<version>
<range> <high inclusive="0">6.0 SP10</high> </range>
</version>
</Product>
</NetworkService> </Check> </Vulnerability>
<Vulnerability addData="2006-04-02" gvid="ID104180" id="104180" modifyDate="2013-12-04">
<cvsscode>7.5</cvsscode> <severity>Critical</severity>
<name>Netscape/Sun iPlanet search buffer overflow</name>
<Tags> <tag></tag> </Tags> <cvss></cvss>
<Description>The search facility of the Netscape/Sun iPlanet Web Server is vulnerable to a stack-based buffer overflow triggered by a long value for the NS-rel-doc parameter. The flaw can be exploited remotely to execute arbitrary code on the web server.</Description>
<cnnvd>CNNVD-200207-078</cnnvd>
<AlternateIds> <id name="CVE">CVE-2002-0686</id> </AlternateIds>
<Solutions>Temporary workaround:
If you cannot install a patch or upgrade immediately, CNNVD recommends the following measures to reduce the threat:
* No suitable temporary workaround is currently available.
Vendor patches:
iPlanet E-Commerce Solutions
----------------------------
The vendor has not yet provided a patch or upgrade; users of this software are advised to follow the vendor's homepage for the latest version:
<a href="http://www.iplanet.com/" target="_blank">http://www.iplanet.com/</a></Solutions>
<Check scope="endpoint"> <NetworkService type="HTTP|HTTPS">
<Product minCertainty="0.9" name="Java System Web Server">
<version>
<range> <low>4.0</low> <high inclusive="0">4.0 SP10</high> </range>
<range> <low>6.0</low> <high inclusive="0">6.0 SP3</high> </range>
</version>
</Product>
</NetworkService> </Check> </Vulnerability>
<Vulnerability addData="2006-04-02" gvid="ID104181" id="104181" modifyDate="2013-12-04">
<cvsscode>7.5</cvsscode> <severity>Critical</severity>
<name>Netscape/Sun iPlanet and Sun ONE chunked transfer encoding buffer overflow</name>
<Tags> <tag></tag> </Tags> <cvss></cvss>
<Description>Netscape/Sun iPlanet and Sun ONE Web Server are vulnerable to a stack-based buffer overflow caused by improper handling of chunked transfer encoding. The flaw can be exploited remotely to execute arbitrary code on the web server.</Description>
<cnnvd>CNNVD-200208-025</cnnvd>
<AlternateIds> <id name="CVE">CVE-2002-0845</id> </AlternateIds>
<Solutions>Temporary workaround:
If you cannot install a patch or upgrade immediately, CNNVD recommends the following measures to reduce the threat:
Compile and install the following NSAPI SAF (server application function), which rejects any request carrying a Transfer-Encoding header before the request body is processed:
#include "nsapi.h"

/* AuthTrans-stage SAF: abort requests that use any Transfer-Encoding (such as chunked). */
NSAPI_PUBLIC int noTransEnc(pblock *pb, Session *sn, Request *rq)
{
    int ret = REQ_NOACTION;
    char *temp;

    /* Request header names are stored lower-cased in rq->headers. */
    temp = pblock_findval("transfer-encoding", rq->headers);
    if (temp != NULL) {
        log_error(LOG_SECURITY, "noTransEnc", sn, rq,
                  "Attempted Transfer-Encoding: %s ... aborting.",
                  temp);
        protocol_status(sn, rq, 505, "HTTP Version Not Supported");
        ret = REQ_ABORTED;
    }
    return ret;
}
Usage:
In [server-root]/[server-instance]/config/obj.conf:
Init fn="load-modules" shlib="[path to libs]/noTransEnc.so" funcs="noTransEnc"
AuthTrans fn=noTransEnc
The plugin rejects every request that uses transfer encoding. If chunked encoding must be allowed for certain directories and the plugin is turned off for them, chunked-encoding attacks against those directories remain effective.
Solaris users are also advised to set noexec_user_stack to 1 in /etc/system, which marks user stacks non-executable.
Vendor patches:
Sun
---
The vendor has fixed this issue in 6.0 SP4 and 4.1 SP11; download them from the vendor's site:
Sun ONE Web Server 6.0 Service Pack 4:
<a href="http://wwws.sun.com/software/download/download/5289.html" target="_blank">http://wwws.sun.com/software/download/download/5289.html</a>
Sun ONE Web Server 4.1 Service Pack 11:
<a href="http://wwws.sun.com/software/download/download/5292.html" target="_blank">http://wwws.sun.com/software/download/download/5292.html</a></Solutions>
<Check scope="endpoint"> <NetworkService type="HTTP|HTTPS">
<Product minCertainty="0.9" name="Java System Web Server">
<version>
<range> <low>4.0</low> <high inclusive="0">4.0 SP11</high> </range>
<range> <low>6.0</low> <high inclusive="0">6.0 SP4</high> </range>
</version>
</Product>
</NetworkService> </Check> </Vulnerability>
<Vulnerability addData="2006-04-02" gvid="ID104182" id="104182" modifyDate="2015-02-13">
<cvsscode>5.0</cvsscode> <severity>Severe</severity>
<name>Netscape/Sun iPlanet and Sun ONE unspecified Windows denial of service</name>
<Tags> <tag></tag> </Tags> <cvss></cvss>
<Description>An unspecified denial of service vulnerability exists in Netscape/Sun iPlanet and Sun ONE Web Server 6.0 SP3 through SP5.</Description>
<cnnvd>CNNVD-200312-188</cnnvd>
<AlternateIds> <id name="CVE">CVE-2003-1126</id> </AlternateIds>
<Solutions></Solutions>
<Check scope="endpoint"> <NetworkService type="HTTP|HTTPS">
<Product minCertainty="0.9" name="Java System Web Server">
<version>
<range> <low>6.0 SP3</low> <high inclusive="0">6.0 SP6</high> </range>
</version>
</Product>
</NetworkService> </Check> </Vulnerability></Vulns>
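Three of the entries above (CVE-2004-0826, CVE-2007-0008/CVE-2007-0009 and CVE-2006-5654) concern the server's SSLv2 handling, and the workaround given for CVE-2004-0826 is to disable SSL 2.0 in the server configuration. The script below is an added example, not part of this database or of any Sun or Netscape code: it verifies that mitigation from the network by sending a well-formed SSLv2 CLIENT-HELLO and classifying what comes back as an SSLv2 SERVER-HELLO (SSLv2 is still accepted), a TLS alert, or a closed connection. Message layouts follow the SSL 2.0 protocol specification; the target host and port are whatever the caller passes in, and SAMPLE_SERVER_HELLO is a constructed byte string, not a capture from a real server.

```python
"""Probe whether an HTTPS endpoint still accepts SSL 2.0 (added example)."""
import os
import socket
import struct
import sys

# SSL 2.0 CIPHER-KIND values (3 bytes each) from the SSL 2.0 protocol specification.
SSLV2_CIPHERS = {
    b"\x01\x00\x80": "SSL_CK_RC4_128_WITH_MD5",
    b"\x02\x00\x80": "SSL_CK_RC4_128_EXPORT40_WITH_MD5",
    b"\x03\x00\x80": "SSL_CK_RC2_128_CBC_WITH_MD5",
    b"\x04\x00\x80": "SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5",
    b"\x05\x00\x80": "SSL_CK_IDEA_128_CBC_WITH_MD5",
    b"\x06\x00\x40": "SSL_CK_DES_64_CBC_WITH_MD5",
    b"\x07\x00\xc0": "SSL_CK_DES_192_EDE3_CBC_WITH_MD5",
}

MSG_CLIENT_HELLO = 0x01
MSG_SERVER_HELLO = 0x04
TLS_CONTENT_ALERT = 0x15


def sslv2_record(body):
    """Wrap a message in the 2-byte SSLv2 record header (no-padding form:
    high bit set, remaining 15 bits carry the body length)."""
    if len(body) > 0x7FFF:
        raise ValueError("SSLv2 record body too long")
    return struct.pack("!H", 0x8000 | len(body)) + body


def build_client_hello(challenge=None):
    """Build a valid CLIENT-HELLO that offers every SSLv2 cipher kind."""
    challenge = challenge if challenge is not None else os.urandom(16)
    cipher_specs = b"".join(SSLV2_CIPHERS)
    body = (
        bytes([MSG_CLIENT_HELLO])
        + b"\x00\x02"                           # CLIENT-VERSION = SSL 2.0
        + struct.pack("!H", len(cipher_specs))  # CIPHER-SPECS-LENGTH
        + struct.pack("!H", 0)                  # SESSION-ID-LENGTH (new session)
        + struct.pack("!H", len(challenge))     # CHALLENGE-LENGTH
        + cipher_specs
        + challenge
    )
    return sslv2_record(body)


def parse_server_hello(data):
    """Return a dict describing an SSLv2 SERVER-HELLO, or None if data is not one."""
    if len(data) < 2 or not data[0] & 0x80:
        return None
    body_len = struct.unpack("!H", data[:2])[0] & 0x7FFF
    body = data[2:2 + body_len]
    # Fixed part: type(1) session-id-hit(1) cert-type(1) version(2)
    #             cert-len(2) cipher-specs-len(2) connection-id-len(2)
    if len(body) < 11 or body[0] != MSG_SERVER_HELLO:
        return None
    version = struct.unpack("!H", body[3:5])[0]
    cert_len, ciphers_len, conn_id_len = struct.unpack("!HHH", body[5:11])
    if len(body) < 11 + cert_len + ciphers_len + conn_id_len:
        return None  # truncated: never trust the length fields blindly
    ciphers_raw = body[11 + cert_len:11 + cert_len + ciphers_len]
    ciphers = [SSLV2_CIPHERS.get(ciphers_raw[i:i + 3], ciphers_raw[i:i + 3].hex())
               for i in range(0, len(ciphers_raw) // 3 * 3, 3)]
    return {"version": version, "session_id_hit": bool(body[1]),
            "cert_type": body[2], "cert_len": cert_len, "ciphers": ciphers}


def classify_response(data):
    """Map the server's first bytes to an outcome of the SSLv2 check."""
    if not data:
        return "closed"      # connection dropped: SSLv2 not spoken
    if parse_server_hello(data) is not None:
        return "sslv2"       # SERVER-HELLO came back: SSLv2 still enabled
    if data[0] == TLS_CONTENT_ALERT:
        return "tls_alert"   # TLS-only stack rejected the SSLv2 record
    return "other"


def probe(host, port=443, timeout=5.0):
    """Send one CLIENT-HELLO to host:port and classify the reply."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(build_client_hello())
        try:
            data = sock.recv(4096)
        except socket.timeout:
            data = b""
    return classify_response(data)


# Constructed sample (not captured from a real server): a SERVER-HELLO with an
# empty certificate, two cipher kinds and a 16-byte connection id.
SAMPLE_SERVER_HELLO = sslv2_record(
    bytes([MSG_SERVER_HELLO]) + b"\x00" + b"\x01" + b"\x00\x02"
    + struct.pack("!HHH", 0, 6, 16)
    + b"\x01\x00\x80" + b"\x07\x00\xc0"
    + b"\x00" * 16
)

if __name__ == "__main__":
    if len(sys.argv) > 1:
        host = sys.argv[1]
        port = int(sys.argv[2]) if len(sys.argv) > 2 else 443
        print(host, port, probe(host, port))
    else:
        print("sample SERVER-HELLO:", parse_server_hello(SAMPLE_SERVER_HELLO))
```

Run it as "python sslv2_probe.py host [port]" against a server after disabling SSL 2.0; "sslv2" means the workaround is not in effect. The parser checks the SERVER-HELLO length fields against the bytes actually received before slicing, which is exactly the discipline the CVE-2004-0826 record-length bug lacked on the server side.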
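Every entry above ends in a Check element that decides whether a fingerprinted product version is affected, and several of them depend on the inclusive="0" attribute on high so that the first service pack containing the fix is not flagged. The script below is an added example, not part of this database or of any scanner: it parses a Check element, orders versions of the form "6.0 SP4" as (major, minor, service pack) tuples and evaluates a version against the ranges. SAMPLE_CHECK is copied from the CVE-2002-0845 entry above; treating low and high as inclusive unless the element carries inclusive="0" is an assumption drawn from how the entries use that attribute, and minCertainty is ignored.

```python
"""Evaluate a vulnerability <Check> element against a product version (added example)."""
import re
import xml.etree.ElementTree as ET

# Sample input: the <Check> element of the CVE-2002-0845 entry in this file.
SAMPLE_CHECK = """
<Check scope="endpoint"> <NetworkService type="HTTP|HTTPS">
<Product minCertainty="0.9" name="Java System Web Server">
<version>
<range> <low>4.0</low> <high inclusive="0">4.0 SP11</high> </range>
<range> <low>6.0</low> <high inclusive="0">6.0 SP4</high> </range>
</version>
</Product>
</NetworkService> </Check>
"""

# Versions in this file look like "6.0", "6.1 SP2" or "6.0 SP 10".
_VERSION_RE = re.compile(r"^\s*(\d+)\.(\d+)(?:\s*SP\s*(\d+))?\s*$", re.IGNORECASE)


def version_key(text):
    """Map '6.0 SP4' to (6, 0, 4) so versions compare as tuples; a bare '6.0' is SP0."""
    m = _VERSION_RE.match(text)
    if not m:
        raise ValueError("unrecognised version string: %r" % text)
    major, minor, sp = m.groups()
    return (int(major), int(minor), int(sp or 0))


def _bound(elem):
    """(key, inclusive) for a <low>/<high> element, or None when the bound is absent.
    Assumption: a bound is inclusive unless the element carries inclusive="0"."""
    if elem is None:
        return None
    return (version_key(elem.text), elem.get("inclusive", "1") != "0")


def parse_check(xml_text):
    """Extract product name, service type and version ranges from a <Check> element."""
    root = ET.fromstring(xml_text.strip())
    service = root.find("NetworkService")
    product = service.find("Product")
    ranges = [(_bound(r.find("low")), _bound(r.find("high")))
              for r in product.findall("version/range")]
    return {"product": product.get("name"), "service": service.get("type"), "ranges": ranges}


def in_range(key, low, high):
    """True if key lies between low and high, honouring each bound's inclusive flag."""
    if low is not None:
        low_key, low_inc = low
        if key < low_key or (key == low_key and not low_inc):
            return False
    if high is not None:
        high_key, high_inc = high
        if key > high_key or (key == high_key and not high_inc):
            return False
    return True


def is_affected(check, product_name, version_text):
    """Does a fingerprinted product/version fall inside any affected range of the check?"""
    if product_name != check["product"]:
        return False
    key = version_key(version_text)
    return any(in_range(key, low, high) for low, high in check["ranges"])


if __name__ == "__main__":
    check = parse_check(SAMPLE_CHECK)
    for v in ("6.0", "6.0 SP3", "6.0 SP4", "6.1", "4.0 SP10", "4.0 SP11"):
        print("%-9s affected=%s" % (v, is_affected(check, "Java System Web Server", v)))
```

With this reading, "6.0 SP4" (the release that the entry's Solutions names as the fix) is not flagged while "6.0 SP3" is; an entry whose high bound omits inclusive="0" flags the fixed service pack as well, which is why the bounds on the fixing releases matter.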