Security Vulnerability in Sun Java System Calendar Server 6.3 May Allow Denial of Service (DoS)

A security vulnerability in Sun Java System Calendar Server 6.3 may allow a remote unprivileged user to crash the Calendar Server. This is a type of Denial of Service (DoS).

Document Audience: PUBLIC
Document ID: 255008
Title: Security Vulnerability in Sun Java System Calendar Server 6.3 May Allow Denial of Service (DoS)
Copyright Notice: Copyright © 2009 Sun Microsystems, Inc. All Rights Reserved
Update Date: Mon Apr 06 00:00:00 MDT 2009

Solution Type Sun Alert

Solution  255008 :   Security Vulnerability in Sun Java System Calendar Server 6.3 May Allow Denial of Service (DoS)  


Bug ID
6728790
Product
Sun Java System Calendar Server 6.3

Date of Resolved Release
01-Apr-2009
SA Document Body
Security Vulnerability in Sun Java System Calendar Server 6.3 May Allow Denial of Service (DoS):
1. Impact

A security vulnerability in Sun Java System Calendar Server 6.3 may allow a remote unprivileged user to crash the Calendar Server. This is a type of Denial of Service (DoS).

2. Contributing Factors

This issue can occur in the following releases:

SPARC Platform
  • Sun Java System Calendar Server 6.3 without patch 121657-30
x86 Platform
  • Sun Java System Calendar Server 6.3 without patch 121658-30
Linux
  • Sun Java System Calendar Server 6.3 without patch 121659-30
Note: Sun Java System Calender Server versions prior to 6.3 are not impacted by this issue.

To determine the version of Sun Java System Calendar Server on a system, the following command can be run:
    $ csversion
Sun Java(tm) System Calendar Server 6.3-7.01 (built Feb 20 2008)
SunOS "testhost" 5.10 Generic_118833-36 sun4u sparc SUNW,A70
3. Symptoms

If  this issue is exploited to cause a Denial of Service (DoS), the Calendar Server will no longer be running on the system. This can be determined using a command such as the following, which will produce no output if the process has crashed:
    $ pgrep cshttpd
Depending on the system configuration, the Calendar Server process may leave a crash dump with a stack trace similar to the following:
    -----------------  lwp# 4 / thread# 4  --------------------
ff05ff40 shtml_finishlogin (...) + 160
0001dff4 cmd_login (...) + 364
00017f78 cshttpd_post_cb (...) + 470
fed8ff88 cmd_post (...) + 1b8
fed8f2a8 cmd_exec (...) + da8
fed8d8cc cmdloop (...) + 3bc
fed8c4f0 sock_readable (...) + 2f0
feb45564 GDispCx_Dispatch (...) + 174
feb45b78 GDispCx_InternalWork (...) + 3e0
fe7c04f4 _lwp_start (...)

 4.   Workaround

There is no workaround for this issue.  Please see the Resolution section below.

5. Resolution

This issue is addressed in the following releases:

SPARC Platform
  • Sun Java System Calendar Server 6.3 with patch 121657-30 or later
x86 Platform
  • Sun Java System Calendar Server 6.3 with patch 121658-30 or later
Linux
  • Sun Java System Calendar Server 6.3 with patch 121659-30 or later

For more information on Security Sun Alerts, see Technical Instruction ID 213557 .

This Sun Alert notification is being provided to you on an "AS IS" basis. This Sun Alert notification may contain information provided by third parties. The issues described in this Sun Alert notification may or may not impact your system(s). Sun makes no representations, warranties, or guarantees as to the information contained herein. ANY AND ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT, ARE HEREBY DISCLAIMED. BY ACCESSING THIS DOCUMENT YOU ACKNOWLEDGE THAT SUN SHALL IN NO EVENT BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, PUNITIVE, OR CONSEQUENTIAL DAMAGES THAT ARISE OUT OF YOUR USE OR FAILURE TO USE THE INFORMATION CONTAINED HEREIN. This Sun Alert notification contains Sun proprietary and confidential information. It is being provided to you pursuant to the provisions of your agreement to purchase services from Sun, or, if you do not have such an agreement, the Sun.com Terms of Use. This Sun Alert notification may only be used for the purposes contemplated by these agreements.

Copyright 2000-2009 Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, CA 95054 U.S.A. All rights reserved.


Modification History
06-Apr-2009: Updated Contributing Factors and Resolution section
Telegram Подписывайтесь на канал "SecurityLab" в Telegram, чтобы первыми узнавать о новостях и эксклюзивных материалах по информационной безопасности.