Dailydave mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Sun Web Server stack overflow

From: Evgeny Legerov <admin () vulndisco net>
Date: Wed, 20 Jan 2010 20:08:10 +0300
dave wrote:

iPlanet used to have a real dominant presence in Enterprises before
WebLogic and WebSphere eviscerated it? I assume this is the renamed
iPlanet Web Server?


Yep, it is also former Sun ONE Web Server.


Does your exploit affect Solaris as well as Linux or does the bug not
translate well to SPARC platforms?


Two bugs I've published so far (TRACE and WebDav overflows) should
affect all platforms that Sun Web Server supports (confirmed on Windows
and Solaris x86).

The particular vd_sjws2 exploit supports Linux version only.

Regards,
Evgeny L.



-dave


Evgeny Legerov wrote:

Hello,



We've published the details of Sun Web Server stack overflow bug here -
http://intevydis.blogspot.com/2010/01/sun-java-system-web-server-70u7-webdav.html



This is the same bug which has been demonstrated in sjws_demo flash
movie http://intevydis.com/sjws_demo.html



regards,
-evgeny
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave



_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave
Previous By Date Next
Previous By Thread Next

Current thread: