Executive Summary

Summary
Title Sun Alert 258508 A Security Vulnerability in the Sun Java System Access Manager Policy Agent May Result in a Denial of Service (DoS) to Web Proxy Server 4.0
Informations
Name SUN-258508 First vendor Publication 2009-07-23
Vendor Sun Last vendor Modification 2009-07-23
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Cvss Base Score 7.8 Attack Range Network
Cvss Impact Score 6.9 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Product: Sun Java System Access Manager Policy Agents 2.2

A security vulnerability in the Sun Java System Access Manager Policy Agent may allow a local or remote unprivileged user to crash the Sun Java System Web Proxy Server, when this is the deployment container that the Agent is running in. This is a type of Denial of Service (DoS).

Sun would like to thank Jason Jones of Inner Security Ltd (http://www.innersecurity.co.uk) for bringing this issue to our attention.

State: Resolved
First released: 23-Jul-2009

Original Source

Url : http://blogs.sun.com/security/entry/sun_alert_258508_a_security

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 1

OpenVAS Exploits

Date Description
2009-08-12 Name : Sun Java System Web Proxy Server Denial Of Service Vulnerability (Linux)
File : nvt/gb_sun_java_sys_web_proxy_server_dos_vuln_lin.nasl
2009-08-12 Name : Sun Java System Web Proxy Server Denial Of Service Vulnerability (Win)
File : nvt/gb_sun_java_sys_web_proxy_server_dos_vuln_win.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
56327 Sun Java System Access Manager Policy Agent Web Proxy Server Deployment Conta...

Sun Java System Access Manager Policy Agent contains a flaw that may allow a remote denial of service. The issue is triggered when an unspecified error occurs, and will result in loss of availability for the Sun Java System Web Proxy Server.