Sun Java Runtime Environment Denial of Service Vulnerability

Vulnerability ID 1187800 Vulnerability type Permissions, privileges and access control
Published 2008-01-31 Updated 2008-06-26
CVE ID CVE-2008-0628 CNNVD ID CNNVD-200802-093
Platform N/A CVSS score 7.8
|Sources
https://www.securityfocus.com/bid/27553
https://cxsecurity.com/issue/WLB-2008020023
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200802-093
|Details
The Java Runtime Environment (JRE) on Solaris provides a reliable execution environment for Java applications. The JRE contains a vulnerability in its handling of external entity references: an attacker could exploit it by tricking a user into processing a malicious XML document, causing certain URLs to be accessed or a denial of service. By default the JRE allows external entity references to be processed. To disable this, a site can set the external-general-entities property to FALSE. A flaw in the JRE allows external entity references to be processed even when the external-general-entities property is set to FALSE, so if a user is tricked into opening a malicious XML document, certain URLs may be accessed or a denial of service may result.
|Exploit
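As an added example (not code from the advisory, from Sun, or from the mailing-list post), the following Java self-check lets a deployer confirm that the parser actually honours the external-general-entities feature rather than trusting the setting; the probe document, the class and the method names are my own. On the affected JDK 6 builds described above the check returns false, because the parser attempts to fetch the entity even though the feature is disabled.

```java
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import javax.xml.parsers.SAXParser;
import javax.xml.parsers.SAXParserFactory;
import org.xml.sax.helpers.DefaultHandler;

public class XxeFeatureCheck {
    // Constructed probe document (not from the advisory): it references a
    // SYSTEM entity whose target does not exist. A parser that honours the
    // feature skips the entity; one that ignores the feature tries to open
    // the URL and fails with an I/O error.
    static final String PROBE =
        "<?xml version=\"1.0\"?>"
      + "<!DOCTYPE probe [<!ENTITY ext SYSTEM \"file:///nonexistent/xxe-probe\">]>"
      + "<probe>&ext;</probe>";

    // The configuration the advisory describes as the intended protection.
    static SAXParserFactory hardenedFactory() throws Exception {
        SAXParserFactory f = SAXParserFactory.newInstance();
        f.setFeature("http://xml.org/sax/features/external-general-entities", false);
        f.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
        return f;
    }

    // Returns true only if the parser did NOT attempt to fetch the external entity.
    static boolean externalEntitiesBlocked(SAXParserFactory f) throws Exception {
        SAXParser parser = f.newSAXParser();
        final boolean[] skipped = {false};
        DefaultHandler handler = new DefaultHandler() {
            // Called by a conforming parser when it declines to expand an entity.
            @Override public void skippedEntity(String name) { skipped[0] = true; }
        };
        try {
            parser.parse(new ByteArrayInputStream(PROBE.getBytes(StandardCharsets.UTF_8)), handler);
        } catch (IOException tried) {
            return false; // the parser opened the URL despite the feature being off
        }
        return skipped[0];
    }

    public static void main(String[] args) throws Exception {
        boolean ok = externalEntitiesBlocked(hardenedFactory());
        System.out.println("external-general-entities honoured: " + ok);
    }
}
```

Run this once per JRE you deploy on; a false result means the feature alone is not protecting you and the JRE needs updating (JDK 6u4 or later, per the advisory).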
Hi,

Now that Sun has fixed this in JDK6u4, I thought this might be of
interest to people:

http://scarybeastsecurity.blogspot.com/

Essentially, one common XXE protection method was broken in the
default XML parser, in JDK6.

In particular, I'm worried about web services (and other server-side
XML accepting technologies) deployed under JDK6. I haven't had time to
look into common web service frameworks and see how they implement XXE
protection. Might be interesting to look into specific technologies
that broke.

Cheers
Chris
|Affected products
Sun JRE (Linux Production Release) 1.6 _04 Sun JRE 6.0 Update 3 Sun JRE 6.0 Update 2 Sun JRE 6.0 Update 1 Sun JDK (Linux Production Release) 1.6 _04 Sun JDK (Linux Producti
|References

Source: SECUNIA
Name: 28746
Link: http://secunia.com/advisories/28746
Source: SECTRACK
Name: 1019292
Link: http://www.securitytracker.com/id?1019292
Source: BUGTRAQ
Name: 20080202 Sun JRE/JDK bug introduces XXE possibilities
Link: http://www.securityfocus.com/archive/1/archive/1/487434/100/0/threaded
Source: GENTOO
Name: GLSA-200806-11
Link: http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml
Source: VUPEN
Name: ADV-2008-0371
Link: http://www.frsirt.com/english/advisories/2008/0371
Source: SUNALERT
Name: 231246
Link: http://sunsolve.sun.com/search/document.do?assetkey=1-66-231246-1
Source: SECUNIA
Name: 30780
Link: http://secunia.com/advisories/30780
Source: MISC
Link: http://scary.beasts.org/security/CESA-2007-002.html
Source: BID
Name: 27553
Link: http://www.securityfocus.com/bid/27553
Source: REDHAT
Name: RHSA-2008:0245
Link: http://www.redhat.com/support/errata/RHSA-2008-0245.html
Source: GENTOO
Name: GLSA-200804-20
Link: http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml
Source: VUPEN
Name: ADV-2008-1252
Link: http://www.frsirt.com/english/advisories/2008/1252
Source: SREASON
Name: 3621
Link: http://securityre