RULE(RULE ID:333096)

Rule General Information
Release Date: 2021-03-26
Rule Name: Sun Java System Web Server WEBDAV Stack Buffer Overflow Vulnerability
Severity:
CVE ID:
Rule Protection Details
Description: A stack buffer overflow vulnerability exists in Sun Java System Web Server. The vulnerability is due to a boundary error when processing crafted WEBDAV requests. A remote unauthenticated attacker can exploit this vulnerability by sending a crafted HTTP request to a target server, potentially causing arbitrary code to be injected and executed in the security context of the affected process. In an attack scenario where arbitrary code is injected and executed on the target machine, the behaviour of the target depends on the logic of the malicious code. An unsuccessful exploit attempt may abnormally terminate the affected service.
Impact: A buffer overflow vulnerability can be triggered by an attacker in the context of the vulnerable product. Further attacks include arbitrary code execution and denial of service.
Affected OS: Windows, Linux, Others
Reference:
Solutions
No information about possible countermeasures is known. Consider replacing the affected object with an alternative product.