Sun Java UTF-8 encoded URI file disclosure

sun-java-utf8-file-disclosure (28061) The risk level is classified as MediumMedium Risk

Description:

Sun Java System Application Server, Sun Java System Web Server, and Sun ONE Application Server could allow a remote attacker to obtain sensitive information, caused by improper validation of UTF-8 encoded URIs. A remote attacker could exploit this vulnerability by sending a specially-crafted URL request to an affected system to view files outside of the document root directory.

Platforms Affected:

  • Sun, Java System Application Server 7.0 2004Q2 Update2 Enterprise
  • Sun, Java System Application Server 7.0 2004Q2 Update2 Standard
  • Sun, Java System Application Server 7.0
  • Sun, Java System Application Server 7.0 2004Q2 R2 Platform
  • Sun, Java System Application Server 7.0 2004Q2
  • Sun, Java System Application Server 7.0 2004Q2 Update4
  • Sun, Java System Application Server 7.0 2004Q2 R2 Standard
  • Sun, Java System Application Server 7.0 2004Q2 R1 Standard
  • Sun, Java System Application Server 7.0 2004Q2 R1 Enterprise
  • Sun, Java System Application Server 7.0 Update6 Standard
  • Sun, Java System Application Server 7.0 UR6 Platform
  • Sun, Java System Application Server 7.0 UR5 Standard
  • Sun, Java System Application Server 7.0 UR5 Platform
  • Sun, Java System Application Server 7.0 UR4
  • Sun, Java System Application Server 7.0 Standard
  • Sun, Java System Application Server 7.0 Platform
  • Sun, Java System Application Server 7.0 Enterprise
  • Sun, Java System Application Server 7.1
  • Sun, Java System Application Server 8.1 2005Q1 Platform
  • Sun, Java System Application Server 8.1 2005Q1 UR1 Platform
  • Sun, Java System Application Server 8.1 2005Q1 Enterprise
  • Sun, Java System Web Server 6.1
  • Sun, Java System Web Server 6.1 SP1
  • Sun, Java System Web Server 6.1 SP2
  • Sun, Java System Web Server 6.1 SP3
  • Sun, Java System Web Server 6.1 SP4
  • Sun, Java System Web Server 6.1 SP5
  • Sun, Java Web Server 6.0
  • Sun, ONE Application Server 7.0 Standard
  • Sun, One Application Server 7.0 Platform
  • Sun, Solaris SPARC
  • Sun, Solaris x86

Remedy:

Refer to Sun Alert ID: 102521 for patch, upgrade, or suggested workaround information. See References.

Consequences:

Obtain Information

References:

  • Sun Alert ID: 102521, Security Vulnerability in Sun Java System Application Server and Sun Java System Web Server May Allow a Remote Unprivileged User to Read Certain Files at http://sunsolve.sun.com/search/document.do?assetkey=1-26-102521-1.
  • BID-19200: Sun Java System Application Server and Web Server Information Disclosure Vulnerability
  • CVE-2006-3921: Sun Java System Application Server (SJSAS) 7 through 8.1 and Web Server (SJSWS) 6.0 and 6.1 allows remote authenticated users to read files outside of the document root directory via a direct request using a UTF-8 encoded URI.
  • SA21251: Sun Java System Application Server / Web Server File Disclosure
  • SA22425: Avaya CMS / IR Sun Solaris ACK Storm Denial of Service
  • SECTRACK ID: 1016596: Sun Java System Web Server UTF-8 URI Mapping Error Lets Remote Users View Certain Files
  • SECTRACK ID: 1016597: Sun Java System Application Server UTF-8 URI Mapping Error Lets Remote Users View Certain Files
  • VUPEN/ADV-2006-3020: Sun Java System Application Server and Web Server Arbitrary File Disclosure Vulnerability

Reported:

Jul 27, 2006

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net

Return to the main page