JRun Flaw Leaves Machines Vulnerable | eWeek

Written by Dennis Fisher
May 30, 2002

Security researchers have found a serious flaw in Macromedia Inc.'s JRun Java application server that enables an attacker to gain complete control of a vulnerable machine.

The buffer overrun vulnerability lies in the ISAPI filter/application that is used to handle requests for Java Server Pages resources. In order to exploit the flaw, an attacker would have to send a request to the ISAPI DLL with an overly long host header field.

The DLL would then overwrite a saved return address on the stack, which would in turn give the attacker control over the process's execution. And because the DLL runs in the system context, any code the attacker executes would have system-level privileges, according to an advisory released Thursday by the CERT Coordination Center.
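The bug class the advisory describes, a Host header copied into a fixed-size stack buffer with no length check, shown next to the bound check that prevents it. This is an added illustration in C, not JRun's or Macromedia's code; the function names, the 256-byte buffer size and the sample requests are assumptions.

```c
#include <stdio.h>
#include <string.h>
#include <strings.h>   /* strncasecmp (POSIX) */

/* Hypothetical illustration of the bug class described above; not JRun's code. */
#define HOST_BUF 256   /* fixed stack buffer both variants use */

/* Vulnerable pattern, shown for contrast only and never called on untrusted
 * input: strcpy() trusts the attacker-controlled length, so a Host value longer
 * than HOST_BUF runs past the buffer into the saved return address. */
void copy_host_unsafe(const char *host_value)
{
    char host[HOST_BUF];
    strcpy(host, host_value);               /* no bound check */
    printf("copied %zu bytes\n", strlen(host));
}

/* Hardened variant: find the Host header in a raw request, enforce the
 * caller's buffer size, and refuse the request rather than truncate silently.
 * Returns the host length, -1 if the header is missing, -2 if over-long. */
int extract_host_checked(const char *request, char *out, size_t out_len)
{
    for (const char *p = request; *p; ) {
        const char *eol = strchr(p, '\n');
        size_t line_len = eol ? (size_t)(eol - p) : strlen(p);
        if (line_len >= 5 && strncasecmp(p, "Host:", 5) == 0) {
            const char *v = p + 5, *end = p + line_len;
            while (v < end && (*v == ' ' || *v == '\t')) v++;            /* leading blanks */
            while (end > v && (end[-1] == '\r' || end[-1] == ' ')) end--; /* trailing CR/space */
            size_t n = (size_t)(end - v);
            if (n >= out_len) return -2;        /* the check the DLL lacked */
            memcpy(out, v, n);
            out[n] = '\0';
            return (int)n;
        }
        if (!eol) break;
        p = eol + 1;
    }
    return -1;
}

int main(void)
{
    char out[HOST_BUF], big[1001], req[1100];
    memset(big, 'A', 1000); big[1000] = '\0';   /* constructed over-long Host value */
    snprintf(req, sizeof req, "GET /x.jsp HTTP/1.0\r\nHost: %s\r\n\r\n", big);
    printf("normal: %d\n", extract_host_checked("GET /x.jsp HTTP/1.0\r\nHost: www.example.com\r\n", out, sizeof out));
    printf("over-long: %d\n", extract_host_checked(req, out, sizeof out));
    return 0;
}
```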

The flaw affects machines running Microsoft Corp.'s Windows NT 4.0 or 2000 and IIS 4.0 or 5.0.

JRun versions 3.0 and 3.1 are vulnerable, but Version 4, released May 13 by Macromedia, contains a fix for the vulnerability.

There is also a patch, available at http://www.macromedia.com/v1/handlers/index.cfm?ID=22994.

CERT estimates that JRun is installed in more than 10,000 sites worldwide.
