Buffer Overflow Plugged in Sun ONE Web Server

Sun Microsystems on Monday warned of a buffer overflow vulnerability in its Sun ONE/iPlanet Web Server product

In a brief alert, the Santa Clara, Calif.-based firm said the flaw could be exploited by a remote user to crash the Web server, which is a type of
denial-of-service attack .

Independent research firm Secunia has rated the security hole as “moderately critical.”

The vulnerability affects the Sun ONE/iPlanet Web Server 6.0 Service Pack 5 and earlier versions on the HP-UX platform. Sun has issued a new service pack to fix the flaw, noting that there are no workarounds.

The susceptible products are a crucial part of Sun’s Web services initiative which falls under Sun Open Net Environment (Sun ONE) brand.

The Sun ONE brand includes the Sun ONE Web Server, Sun ONE Portal Server, Sun ONE Application Server, Sun ONE Directory Server, Sun ONE Identity Server, Sun ONE Messaging Server and the Sun ONE Integration Server (all formerly iPlanet products).

News Around the Web