TITLE:
Sun ONE/Java System Web Server Cross-Site Scripting Vulnerability

SECUNIA ADVISORY ID:
SA20147

VERIFY ADVISORY:
http://secunia.com/advisories/20147/

CRITICAL:
Less critical

IMPACT:
Cross Site Scripting

WHERE:
From remote

SOFTWARE:
Sun Java System Application Server (Sun ONE) 7.x
http://secunia.com/product/1534/
Sun Java System Web Server (Sun ONE/iPlanet) 6.x
http://secunia.com/product/92/

DESCRIPTION:
Keigo Yamazaki has reported a vulnerability in Sun ONE / Sun Java System
Web Server and Application Server, which can be exploited by malicious
people to conduct cross-site scripting attacks.

Input containing a " (double quote) character in the request URL is not
properly sanitised before being returned to users in server-generated
error pages. This can be exploited to execute arbitrary HTML and script
code in a user's browser session in the context of a vulnerable site.

The vulnerability has been reported in the following versions:

* Sun ONE Web Server 6.0 Service Pack 9 and earlier.
* Sun Java System Web Server 6.1 Service Pack 4 and earlier.
* Sun ONE Application Server 7 Platform Edition Update 6 and earlier.
* Sun ONE Application Server 7 Standard Edition Update 6 and earlier.
* Sun Java System Application Server 7 2004Q2 Standard Edition Update 2
  and earlier.
* Sun Java System Application Server 7 2004Q2 Enterprise Edition Update 2
  and earlier.

SOLUTION:
Apply the Service Pack or update for the affected product.

Sun ONE Web Server 6.0:
Apply Service Pack 10 or later.
http://www.sun.com/download/products.xml?id=43a84f89

Sun Java System Web Server 6.1:
Apply Service Pack 5 or later.
http://www.sun.com/download/products.xml?id=434aec1d
(International version at
http://www.sun.com/download/products.xml?id=43c43041)

Sun ONE Application Server 7 Platform Edition:
Apply Update 7 or later.
http://www.sun.com/download/products.xml?id=42ae3178

Sun ONE Application Server 7 Standard Edition:
Apply Update 7 or later.
http://www.sun.com/download/products.xml?id=42ae317c

Sun Java System Application Server 7 2004Q2 Standard Edition:
Apply Update 3 or later.
http://www.sun.com/download/products.xml?id=427fe06d

Sun Java System Application Server 7 2004Q2 Enterprise Edition:
Apply Update 3 or later.
http://javashoplm.sun.com/ECom/docs/Welcome.jsp?StoreId=8&PartDetailId=SJAS72004Q2U3-EE-OTH-G-ES

PROVIDED AND/OR DISCOVERED BY:
Keigo Yamazaki, LAC

ORIGINAL ADVISORY:
Sun Microsystems:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102164-1

LAC:
http://www.lac.co.jp/business/sns/intelligence/SNSadvisory_e/87_e.html
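The following is an added illustration and is not part of the Secunia, Sun or LAC advisories. It models the flaw class described above: an error page that interpolates the requested URL into HTML without encoding, so a double quote in the URL ends an attribute value, next to the corrected rendering that entity-encodes it, plus a classifier that tells whether a double-quote probe came back raw (the condition the advisory describes), entity-encoded, or not reflected at all. The page templates, the probe token and the request path are constructed assumptions, not the real Sun ONE / Java System Web Server output.

```python
"""Added example: model of an error page that reflects the request URL,
in a vulnerable and a fixed form, plus a classifier for probe responses.
Templates and probe values are constructed for illustration only."""
import html

# Constructed probe: a double quote followed by a token that will not occur
# in normal page content, so a raw reflection is unambiguous.
PROBE_TOKEN = "sa20147probe"
PROBE = '"' + PROBE_TOKEN


def probe_path(base_path="/this-page-does-not-exist"):
    """Path to request so the server builds an error page containing PROBE.
    The quote is sent raw on purpose (assumption: a server that decodes %22
    before rendering the page may need a second run with the encoded form)."""
    return base_path + PROBE


def error_page_vulnerable(requested_url):
    """Constructed model of the flawed behaviour: the requested URL is
    interpolated with no HTML encoding, inside an attribute and in text,
    so a '"' in the URL terminates the href attribute value."""
    return ('<html><body><h1>Not Found</h1>'
            '<p>The requested URL <a href="' + requested_url + '">'
            + requested_url + '</a> was not found.</p></body></html>')


def error_page_fixed(requested_url):
    """Same page with the correct behaviour: html.escape(quote=True) turns
    '"' into &quot; (and <, >, & into entities) before interpolation, so the
    reflected value can no longer end the attribute or start a tag."""
    safe = html.escape(requested_url, quote=True)
    return ('<html><body><h1>Not Found</h1>'
            '<p>The requested URL <a href="' + safe + '">'
            + safe + '</a> was not found.</p></body></html>')


def classify_reflection(body, token=PROBE_TOKEN):
    """Classify how the probe came back in an error page body.

    'raw'     - '"' + token is present verbatim: the quote reached the HTML
                unencoded, which is the condition the advisory describes.
    'encoded' - token appears only behind an entity for '"': correctly escaped.
    'absent'  - the token was not reflected at all.
    """
    if '"' + token in body:
        return "raw"
    for entity in ("&quot;", "&#34;", "&#x22;"):
        if entity + token in body:
            return "encoded"
    return "absent"


if __name__ == "__main__":
    path = probe_path()
    for name, render in (("vulnerable", error_page_vulnerable),
                         ("fixed", error_page_fixed)):
        page = render(path)
        print(f"{name:10s} -> {classify_reflection(page)}")
        print("   ", page)
```

Run against a live server, the same classifier would be applied to the body of the response for `probe_path()`; a result of "raw" means the quote is being echoed unencoded and the service-pack or update listed under SOLUTION is the fix, while "encoded" is what a patched server's error page should produce.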