Sun Java Runtime Environment Multiple Remote Privilege Escalation Vulnerabilities
BID:21673
Info
| Bugtraq ID: | 21673 |
| Class: | Access Validation Error |
| CVE: | CVE-2006-6745 |
| Remote: | Yes |
| Local: | No |
| Published: | Dec 19 2006 12:00AM |
| Updated: | Mar 19 2015 09:21AM |
| Credit: | Tom Hawtin is credited with the discovery of these vulnerabilities. |
| Vulnerable: |
SuSE SUSE Linux Enterprise Server 9
SuSE SUSE Linux Enterprise Server 8
SuSE SUSE Linux Enterprise Server 10 SP1
SuSE SUSE Linux Enterprise SDK 10
SuSE SUSE Linux Enterprise Desktop 10 SP1
SuSE SUSE Linux Enterprise Desktop 10
SuSE Linux 9.3
Sun SDK (Linux Production Release) 1.5 _07
Sun SDK (Linux Production Release) 1.5 _06
Sun SDK (Linux Production Release) 1.5 _05
Sun SDK (Linux Production Release) 1.5 _04
Sun SDK (Linux Production Release) 1.5 _03
Sun SDK (Linux Production Release) 1.5 _02
Sun SDK (Linux Production Release) 1.5 _01
Sun SDK (Linux Production Release) 1.5
Sun SDK (Linux Production Release) 1.4.2 _10
Sun SDK (Linux Production Release) 1.4.2 _09
Sun SDK (Linux Production Release) 1.4.2 _08
Sun SDK (Linux Production Release) 1.4.2 _07
Sun SDK (Linux Production Release) 1.4.2 _06
Sun SDK (Linux Production Release) 1.4.2 _05
Sun SDK (Linux Production Release) 1.4.2 _04
Sun SDK (Linux Production Release) 1.4.2 _03
Sun SDK (Linux Production Release) 1.4.2 _02
Sun SDK (Linux Production Release) 1.4.2 _01
Sun SDK (Linux Production Release) 1.4.2
Sun SDK (Linux Production Release) 1.4.1
Sun SDK (Linux Production Release) 1.4
Sun SDK (Linux Production Release) 1.4.2_11
Sun JRE (Linux Production Release) 1.5 _07
Sun JRE (Linux Production Release) 1.5 _05
Sun JRE (Linux Production Release) 1.5 _04
Sun JRE (Linux Production Release) 1.5 _03
Sun JRE (Linux Production Release) 1.5 _02
Sun JRE (Linux Production Release) 1.5 _01
Sun JRE (Linux Production Release) 1.4.2 _10-b03
Sun JRE (Linux Production Release) 1.4.2 _09
Sun JRE (Linux Production Release) 1.4.2 _08
Sun JRE (Linux Production Release) 1.4.2 _07
Sun JRE (Linux Production Release) 1.4.2 _06
Sun JRE (Linux Production Release) 1.4.2 _05
Sun JRE (Linux Production Release) 1.4.2 _04
Sun JRE (Linux Production Release) 1.4.2 _03
Sun JRE (Linux Production Release) 1.4.2 _02
Sun JRE (Linux Production Release) 1.4.2 _01
Sun JRE (Linux Production Release) 1.4.2
Sun JRE (Linux Production Release) 1.4.1
Sun JRE (Linux Production Release) 1.4.2_13
Sun JRE (Linux Production Release) 1.4.2_12
Sun JRE (Linux Production Release) 1.4.2_11
S.u.S.E. UnitedLinux 1.0
S.u.S.E. SuSE Linux Standard Server 8.0
S.u.S.E. SuSE Linux School Server for i386
S.u.S.E. SUSE LINUX Retail Solution 8.0
S.u.S.E. SuSE Linux Openexchange Server 4.0
S.u.S.E. Open-Enterprise-Server 0
S.u.S.E. Novell Linux POS 9
S.u.S.E. Linux 10.1
S.u.S.E. Linux 10.0
RedHat Enterprise Linux Extras 4
RedHat Enterprise Linux Extras 3
Novell Open Enterprise Server (OES) 0
Novell Linux Desktop 9
HP HP-UX B.11.23
HP HP-UX B.11.11
Gentoo Linux
BEA Systems JRockit 8.1
BEA Systems JRockit 8.0
BEA Systems JRockit 7.0
BEA Systems JRockit 3.1.5
BEA Systems JRockit 3.1.4 .1
BEA Systems JRockit 3.1.4
BEA Systems JRockit 3.1.3
BEA Systems JRockit 3.1.2
BEA Systems JRockit 3.1.1
BEA Systems JRockit 1.4.2
BEA Systems JRockit 1.4.2 R4.5
Avaya Predictive Dialer 0
Avaya Interactive Response 1.3
Avaya Interactive Response 2.0
Avaya Integrated Management
Avaya CVLAN
Apple Mac OS X Server 10.4.11
Apple Mac OS X Server 10.4.10
Apple Mac OS X 10.4.11
Apple Mac OS X 10.4.10 |
| Not Vulnerable: |
Sun SDK (Linux Production Release) 1.3.1 _19
Sun SDK (Linux Production Release) 1.3
Sun SDK (Linux Production Release) 1.4.2_13
Sun JRE (Solaris Production Release) 1.3.1
Sun JRE (Solaris Production Release) 1.3 _04
Sun JRE (Solaris Production Release) 1.3 _03
Sun JRE (Solaris Production Release) 1.3 _01
Sun JRE (Linux Production Release) 1.3.1 _19
Sun JRE (Linux Production Release) 1.3.1 _18
Sun JRE (Linux Production Release) 1.3.1 _17
Sun JRE (Linux Production Release) 1.3.1 _16
Sun JRE (Linux Production Release) 1.3.1 _15
Sun JRE (Linux Production Release) 1.3.1 _08
Sun JRE (Linux Production Release) 1.3.1 _04
Sun JRE (Linux Production Release) 1.3.1 _01a
Sun JRE (Linux Production Release) 1.3.1 _01
Sun JRE (Linux Production Release) 1.3 .0_05
Sun JRE (Linux Production Release) 1.3 .0_02
Sun JRE (Linux Production Release) 1.3 .0
Sun JRE (Linux Production Release) 1.5.0_08
Sun Java 2 Standard Edition SDK 1.3.1 .x
BEA Systems JRockit 1.4.2 07
BEA Systems JRockit 1.3.1 20
BEA Systems JRockit 1.5.0_04 |
Discussion
The Sun Java Runtime Environment is prone to multiple remote privilege-escalation vulnerabilities.
An attacker can execute arbitrary code and commands in the context of a user who invokes the Java applet or application.
A successful attack can facilitate privilege escalation.
Exploit / POC
US-CERT has reported the appearance of publicly available exploit code for multiple Sun Java Runtime Environment (JRE) vulnerabilities.
Solution / Fix
Solution:
Sun has released Sun Alert Advisory 102731 with fixes to address these issues. Please see the references for more information.
BEA Systems JRockit 1.4.2 R4.5
- BEA Systems CR310095_CR318640_CR315192_JR-R24.5_1.4.2_08_linux32.tar.gz
  ftp://anonymous:dev2dev%[email protected]/pub/releases/security/CR310095_CR318640_CR315192_JR-R24.5_1.4.2_08_linux32.tar.gz
Apple Mac OS X 10.4.10
- Apple Java for Mac OS X 10.4, Release 6
  http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=16540&cat=1&platform=osx&method=sa/JavaForMacOSX10.4Release6.dmg
Apple Mac OS X Server 10.4.10
- Apple Java for Mac OS X 10.4, Release 6
  http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=16540&cat=1&platform=osx&method=sa/JavaForMacOSX10.4Release6.dmg
Apple Mac OS X 10.4.11
- Apple Java for Mac OS X 10.4, Release 6
  http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=16540&cat=1&platform=osx&method=sa/JavaForMacOSX10.4Release6.dmg
Apple Mac OS X Server 10.4.11
- Apple Java for Mac OS X 10.4, Release 6
  http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=16540&cat=1&platform=osx&method=sa/JavaForMacOSX10.4Release6.dmg