The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of JRE, JDK, SDK: connection to a local port

Synthesis of the vulnerability 

A Java applet can connect to a local port of the victim's computer.
Vulnerable products: OpenView, OpenView Operations, openSUSE, Java Oracle, RHEL, Slackware, SLES.
Severity of this weakness: 2/4.
Creation date: 19/07/2007.
Revision date: 30/10/2007.
References of this bulletin: 102934, 102958, 102995, 6483556, 6483560, 6490790, BID-25054, c01269450, CERTA-2007-AVI-349, CVE-2007-3922, HPSBMA02288, NGS00443, RHSA-2007:0818-01, RHSA-2007:0829-01, RHSA-2008:0133-01, SSA:2007-243-01, SSRT071465, SUSE-SA:2007:056, VIGILANCE-VUL-7020.

Description of the vulnerability 

The APPLET tag inserts a Java applet into an HTML page. For example:
  <APPLET codebase="http://internet-server/dir" code="name.class">
The "codebase" attribute indicates the directory containing the applet.

A Java applet loaded from the internet normally cannot access the resources of the computer. However, if the codebase attribute starts with "verbatim:", the applet is still loaded from the internet server, but the Java plugin treats it as local.

This applet can thus connect to local ports of the victim's computer.

An attacker can therefore obtain information or exploit a vulnerability in these services.
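The trigger described above is a static property of the HTML: a codebase attribute whose value begins with "verbatim:". That makes it easy to flag in content passing through a proxy, a mail gateway or a web-page scanner. The following scanner is an added example written for this bulletin, not code from Vigil@nce or from Sun; the sample HTML is constructed, and the decision to normalise case and leading whitespace before comparing is an assumption about how lenient the plugin's prefix check might be, not something the bulletin states.

```python
"""Flag APPLET tags whose codebase uses the "verbatim:" prefix (CVE-2007-3922).

Added example for detection at a proxy or content scanner; not the bulletin's
or the vendor's own code.
"""
from html.parser import HTMLParser

# Prefix named in the bulletin as the trigger for the local-codebase confusion.
SUSPICIOUS_PREFIX = "verbatim:"


class AppletCodebaseScanner(HTMLParser):
    """Collects every APPLET start tag whose codebase starts with the prefix."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        # HTMLParser already lower-cases tag and attribute names.
        if tag != "applet":
            return
        attributes = {name: (value or "") for name, value in attrs}
        codebase = attributes.get("codebase", "")
        # Assumption: compare case-insensitively and ignore leading whitespace,
        # so a lightly obfuscated value is not missed by the scanner.
        if codebase.strip().lower().startswith(SUSPICIOUS_PREFIX):
            self.findings.append({
                "tag": tag,
                "codebase": codebase,
                "code": attributes.get("code", ""),
                "line": self.getpos()[0],
            })


def scan_html(html):
    """Return a list of findings (dicts) for suspicious APPLET tags in `html`."""
    scanner = AppletCodebaseScanner()
    scanner.feed(html)
    scanner.close()
    return scanner.findings


# Constructed sample page: one ordinary applet, one using the prefix, one with
# no codebase at all. Only the second should be reported.
SAMPLE_HTML = """<html><body>
<APPLET codebase="http://example-server/dir" code="Normal.class" width="1" height="1"></APPLET>
<applet CODEBASE=" Verbatim:http://example-server/dir" code="Local.class"></applet>
<applet code="NoCodebase.class"></applet>
</body></html>"""


if __name__ == "__main__":
    for finding in scan_html(SAMPLE_HTML):
        print("suspicious applet at line %d: codebase=%r code=%r"
              % (finding["line"], finding["codebase"], finding["code"]))
```

Run over a page it reports the one applet whose codebase starts with the prefix and ignores the others. Because the check is purely lexical, it belongs alongside, not instead of, the vendor fix: the durable mitigation is upgrading the JRE to the versions listed under "Solutions" below.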

This threat bulletin impacts software or systems such as OpenView, OpenView Operations, openSUSE, Java Oracle, RHEL, Slackware, SLES.

Our Vigil@nce team determined that the severity of this computer threat bulletin is medium.

The trust level is: confirmed by the vendor, with a document as origin.

An attacker with expert skills can exploit this computer threat.

Solutions for this threat 

Java JDK/JRE: version 6.0 Update 2.
Version 6.0 Update 2 contains the fix:
  http://java.sun.com/javase/downloads/index.jsp
  http://java.sun.com/javase/6/webnotes/ReleaseNotes.html
For Solaris:
  Sparc:
    32 bits: patch 125136-04
    64 bits: patch 125137-04
  x86:
    32 bits: patch 125138-04
    64 bits: patch 125139-04

JDK, JRE: version 5.0 Update 12.
Version 5.0 Update 12 contains the fix:
  http://java.sun.com/javase/downloads/index_jdk5.jsp
Documents generated by JavaDoc then have to be regenerated.

SDK, JRE: version 1.4.2_15.
Version 1.4.2_15 contains the fix:
  http://java.sun.com/j2se/1.4.2/download.html

OpenView Operations: patch for Java.
A patch is available:
  OVO 7.1X
    HP-UX B.11.11: PHSS_37197
    Solaris: ITOSOL_00619
  OVO 8.X
    HP-UX B.11.11: PHSS_37183
    HP-UX B.11.23 (PA): PHSS_37183
    HP-UX B.11.23 (IA): PHSS_37182
    HP-UX B.11.31: PHSS_37182
    Solaris: ITOSOL_00618

RHEL 2.1: new IBMJava2 packages.
New packages are available:
  IBMJava2-JRE-1.3.1-17
  IBMJava2-SDK-1.3.1-17

RHEL 4, 5: new java-1.5.0-ibm packages.
New packages are available:
Red Hat Enterprise Linux version 4: java-1.5.0-ibm-1.5.0.5-1jpp.2.el4
Red Hat Enterprise Linux version 5: java-1.5.0-ibm-1.5.0.5-1jpp.0.1.el5

RHEL Extras 4: new java-1.5.0-sun packages.
New packages are available:
Red Hat Enterprise Linux version 4 Extras: java-1.5.0-sun-1.5.0.12-1jpp.2.el4

Slackware: new java (jre, jdk) packages.
New packages are available:
ftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/jre-6u2-i586-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-12.0/extra/jdk-6/jdk-6u2-i586-1.tgz

SUSE: new IBM Java packages.
New packages are available:
   UnitedLinux 1.0
     http://support.novell.com/techcenter/psdb/4931a7f4cae4a43064c21ec2362f54e5.html
     http://support.novell.com/techcenter/psdb/1d3d4cc05bdfc425f875a1d8a7ef9b7e.html
   SuSE Linux Openexchange Server 4
     http://support.novell.com/techcenter/psdb/4931a7f4cae4a43064c21ec2362f54e5.html
     http://support.novell.com/techcenter/psdb/1d3d4cc05bdfc425f875a1d8a7ef9b7e.html
   Open Enterprise Server
     http://support.novell.com/techcenter/psdb/1d3d4cc05bdfc425f875a1d8a7ef9b7e.html
   Novell Linux POS 9
     http://support.novell.com/techcenter/psdb/1d3d4cc05bdfc425f875a1d8a7ef9b7e.html
   SuSE Linux Enterprise Server 8
     http://support.novell.com/techcenter/psdb/4931a7f4cae4a43064c21ec2362f54e5.html
     http://support.novell.com/techcenter/psdb/1d3d4cc05bdfc425f875a1d8a7ef9b7e.html
   SuSE Linux Standard Server 8
     http://support.novell.com/techcenter/psdb/4931a7f4cae4a43064c21ec2362f54e5.html
     http://support.novell.com/techcenter/psdb/1d3d4cc05bdfc425f875a1d8a7ef9b7e.html
   SuSE Linux School Server
     http://support.novell.com/techcenter/psdb/4931a7f4cae4a43064c21ec2362f54e5.html
     http://support.novell.com/techcenter/psdb/1d3d4cc05bdfc425f875a1d8a7ef9b7e.html
   SUSE LINUX Retail Solution 8
     http://support.novell.com/techcenter/psdb/4931a7f4cae4a43064c21ec2362f54e5.html
     http://support.novell.com/techcenter/psdb/1d3d4cc05bdfc425f875a1d8a7ef9b7e.html
   SUSE SLES 9
     http://support.novell.com/techcenter/psdb/1d3d4cc05bdfc425f875a1d8a7ef9b7e.html
   SLE SDK 10 SP1
     http://support.novell.com/techcenter/psdb/51fd7d03020fe413e43cda8f60442612.html
   SUSE Linux Enterprise Server 10 SP1
     http://support.novell.com/techcenter/psdb/51fd7d03020fe413e43cda8f60442612.html
     http://support.novell.com/techcenter/psdb/5544d25cb52fbadcc4de5bfd2d3654a1.html
   SUSE Linux Enterprise Desktop 10 SP1
     http://support.novell.com/techcenter/psdb/5544d25cb52fbadcc4de5bfd2d3654a1.html
