
All Things WebSphere

Concerns and issues relating to all versions of WebSphere Application Server

Wednesday, February 16, 2011

 

WebSphere Critical Security Vulnerability - Denial of Service Security Exposure with Java JRE/JDK


Dear WebSphere Administrators,

Please patch your WAS deployments ASAP to fix a denial-of-service security exposure in the Java JRE/JDK: the runtime hangs when converting the number 2.2250738585072012e-308 (CVE-2010-4476, PM32387).
See http://www-01.ibm.com/support/docview.wss?uid=swg21462019#solution_dist

This vulnerability can cause the Java Runtime Environment to hang, loop forever, and/or crash, resulting in a denial-of-service exposure. The same hang occurs if the number is written without scientific notation (324 decimal places). Beyond the Application Server itself, any Java program that calls the Double.parseDouble method is also at risk, including customer-written and third-party applications.

The security vulnerability is generic to the JDK; specifically, it is a bug in sun.misc.FloatingDecimal.doubleValue.
See http://www.exploringbinary.com/java-hangs-when-converting-2-2250738585072012e-308/

This can be used as a denial-of-service attack against application servers by sending the server an HTTP request containing this value in a field: if the server parses the value with parseDouble(), the thread doing the parsing goes into an infinite loop.

A hacker looks up a website and submits the string value "2.2250738585072012e-308" for a form field that the application expects to hold a double and parses on the server side. Other instances include a web service hosted on WAS that takes a string input from a form or a URL and tries to convert that string to a floating-point variable. Any server-side code that calls parseDouble on untrusted input is exposed once the hacker figures out how to trigger the parsing.
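The paragraphs above describe the exposure but not what a defender can do while the JDK fix is being rolled out. The following Java class is an added illustration, not code from this post, IBM or Oracle: it wraps Double.parseDouble with a guard that checks the exact decimal value of the input with java.math.BigDecimal before the vulnerable parser ever sees it. The interval it rejects, [2^-1022 - 2^-1075, 2^-1022), is my reading of the linked Exploring Binary analysis of the bug and is an assumption here; the class name, method names and the sample inputs in main() are likewise mine. Patching the JDK remains the actual fix; this guard only keeps the known trigger away from an unpatched parser.

```java
import java.math.BigDecimal;

/**
 * Added illustration (hypothetical class, not part of the original post or
 * of any IBM/Oracle fix): refuse to hand Double.parseDouble a decimal string
 * whose exact value lies in the region assumed here to trigger the
 * CVE-2010-4476 hang, [2^-1022 - 2^-1075, 2^-1022).
 */
public final class GuardedDouble {

    // 2^-1022, the smallest normal double, as an exact decimal.
    private static final BigDecimal MIN_NORMAL = new BigDecimal(Double.MIN_NORMAL);

    // 2^-1075: half of Double.MIN_VALUE (2^-1074). Dividing by 2 is exact in BigDecimal.
    private static final BigDecimal HALF_MIN_VALUE =
            new BigDecimal(Double.MIN_VALUE).divide(BigDecimal.valueOf(2));

    // Inclusive lower bound of the interval the guard rejects (assumed, see lead-in).
    private static final BigDecimal DANGER_LOW = MIN_NORMAL.subtract(HALF_MIN_VALUE);

    private GuardedDouble() {}

    /** Raised for inputs the guard refuses to pass on to Double.parseDouble. */
    public static final class RejectedInputException extends IllegalArgumentException {
        RejectedInputException(String msg) { super(msg); }
    }

    /**
     * True when the exact decimal value of {@code s} falls in the rejected interval.
     * BigDecimal parses the string exactly and never calls Double.parseDouble, so
     * the check itself cannot hang. The scientific form ("2.2250738585072012e-308")
     * and the 324-decimal-place form are the same BigDecimal and are treated alike.
     */
    public static boolean isHangTrigger(String s) {
        BigDecimal exact = new BigDecimal(normalize(s)).abs();
        return exact.compareTo(DANGER_LOW) >= 0 && exact.compareTo(MIN_NORMAL) < 0;
    }

    /**
     * Replacement for Double.parseDouble on untrusted decimal input (form fields,
     * URL parameters, web service payloads). Rejects the hang interval; other
     * malformed input fails with NumberFormatException from BigDecimal.
     */
    public static double parse(String s) {
        if (isHangTrigger(s)) {
            throw new RejectedInputException("value in the CVE-2010-4476 hang interval rejected");
        }
        return Double.parseDouble(s);
    }

    // Double.parseDouble tolerates surrounding whitespace and a trailing d/D/f/F
    // suffix; strip both so BigDecimal evaluates the same number parseDouble would.
    private static String normalize(String s) {
        String t = s.trim();
        if (!t.isEmpty()) {
            char last = t.charAt(t.length() - 1);
            if (last == 'd' || last == 'D' || last == 'f' || last == 'F') {
                t = t.substring(0, t.length() - 1);
            }
        }
        return t;
    }

    public static void main(String[] args) {
        // Constructed sample inputs: the value from the advisory, a neighbour just
        // below the rejected interval, and an ordinary value.
        String[] samples = {
            "2.2250738585072012e-308",
            "2.2250738585072011e-308",
            "3.14159",
        };
        for (String s : samples) {
            System.out.println(s + " -> rejected? " + isHangTrigger(s));
        }
    }
}
```

Two design points: the guard deliberately goes through BigDecimal rather than a string pattern, so the 324-decimal-place spelling and any other decimal spelling of the same value are caught together, and it deliberately does not accept the "NaN", "Infinity" or hexadecimal forms that Double.parseDouble allows, since BigDecimal rejects them; for form and URL input that stricter behaviour is usually what you want, but a caller that needs those forms has to handle them before calling parse().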

And remember ...
 ** JDK fixes are NOT dependent on the version/release of WSAS **

Oracle recently released a fix for the same issue:
http://blogs.oracle.com/security/2011/02/security_alert_for_cve-2010-44.html
http://www.oracle.com/technetwork/topics/security/alert-cve-2010-4476-305811.html


Reference:
http://www.reddit.com/r/programming/comments/fczjc/next_language_java_hangs_when_converting/
http://news.ycombinator.com/item?id=2164863

Comments:
Such a great article: this vulnerability can cause the Java Runtime Environment to go into a hang, infinite loop, and/or crash resulting in a denial of service exposure. In which, the security vulnerability is generic and specifically it's a bug in sun.misc.FloatingDecimal.doubleValue. Thanks for sharing this article.