Dailydave mailing list archives
Re: Sun Web Server stack overflow
From: Evgeny Legerov <admin () vulndisco net>
Date: Wed, 20 Jan 2010 20:08:10 +0300
dave wrote:
iPlanet used to have a real dominant presence in Enterprises before WebLogic and WebSphere eviscerated it? I assume this is the renamed iPlanet Web Server?
Yep, it is also former Sun ONE Web Server.
Does your exploit affect Solaris as well as Linux or does the bug not translate well to SPARC platforms?
Two bugs I've published so far (TRACE and WebDav overflows) should affect all platforms that Sun Web Server supports (confirmed on Windows and Solaris x86). The particular vd_sjws2 exploit supports Linux version only. Regards, Evgeny L.
-dave Evgeny Legerov wrote:Hello,We've published the details of Sun Web Server stack overflow bug here - http://intevydis.blogspot.com/2010/01/sun-java-system-web-server-70u7-webdav.htmlThis is the same bug which has been demonstrated in sjws_demo flash movie http://intevydis.com/sjws_demo.htmlregards, -evgeny _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
_______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Sun Web Server stack overflow Evgeny Legerov (Jan 20)
- Re: Sun Web Server stack overflow dave (Jan 20)
- Re: Sun Web Server stack overflow Evgeny Legerov (Jan 20)
- Re: Sun Web Server stack overflow dave (Jan 20)