CVE-2007-1681 - OpenCVE

Format string vulnerability in libwebconsole_services.so in Sun Java Web Console 2.2.2 through 2.2.5 allows remote attackers to cause a denial of service (application crash), obtain sensitive information, and possibly execute arbitrary code via unspecified vectors during a failed login attempt, related to syslog.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Sun	Java Web Console Solaris

Configuration 1 [-]

OR	cpe:2.3:a:sun:java_web_console:2.2.2::x86:::::
	cpe:2.3:a:sun:java_web_console:2.2.3::x86:::::
	cpe:2.3:a:sun:java_web_console:2.2.4::x86:::::
	cpe:2.3:a:sun:java_web_console:2.2.5::x86:::::

Configuration 2 [-]

OR	cpe:2.3:o:sun:solaris:10.0::x86:::::
	cpe:2.3:o:sun:solaris:10.0:hw2::::::

Configuration 3 [-]

OR	cpe:2.3:a:sun:java_web_console:2.2.2::x86:::::
	cpe:2.3:a:sun:java_web_console:2.2.3::x86:::::
	cpe:2.3:a:sun:java_web_console:2.2.4::x86:::::
	cpe:2.3:a:sun:java_web_console:2.2.5::x86:::::

No data.

References

Link	Providers
http://osvdb.org/34902
http://secunia.com/advisories/24927
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102854-1
http://www.nruns.com/security_advisory_sun_java_format_string.php
http://www.securityfocus.com/archive/1/466048/100/0/threaded
http://www.securityfocus.com/bid/23539
http://www.securitytracker.com/id?1017930
http://www.vupen.com/english/advisories/2007/1443
https://exchange.xforce.ibmcloud.com/vulnerabilities/33731
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1252

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-04-19T10:00:00

Updated: 2024-08-07T13:06:26.107Z

Reserved: 2007-03-26T00:00:00

Link: CVE-2007-1681

Vulnrichment

No data.

NVD

Status : Modified

Published: 2007-04-19T10:19:00.000

Modified: 2018-10-16T16:40:31.207

Link: CVE-2007-1681

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-04-17T00:00:00", "descriptions": [{"lang": "en", "value": "Format string vulnerability in libwebconsole_services.so in Sun Java Web Console 2.2.2 through 2.2.5 allows remote attackers to cause a denial of service (application crash), obtain sensitive information, and possibly execute arbitrary code via unspecified vectors during a failed login attempt, related to syslog."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-16T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "javawebconsole-libcsyslog-format-string(33731)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33731"}, {"name": "102854", "tags": ["vendor-advisory", "x_refsource_SUNALERT"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102854-1"}, {"name": "1017930", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1017930"}, {"name": "24927", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/24927"}, {"name": "ADV-2007-1443", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/1443"}, {"name": "20070417 n.runs-SA-2007.007 - Sun Solaris 10 - Format string vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/466048/100/0/threaded"}, {"name": "34902", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/34902"}, {"name": "23539", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/23539"}, {"tags": ["x_refsource_MISC"], "url": "http://www.nruns.com/security_advisory_sun_java_format_string.php"}, {"name": "oval:org.mitre.oval:def:1252", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1252"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-1681", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Format string vulnerability in libwebconsole_services.so in Sun Java Web Console 2.2.2 through 2.2.5 allows remote attackers to cause a denial of service (application crash), obtain sensitive information, and possibly execute arbitrary code via unspecified vectors during a failed login attempt, related to syslog."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "javawebconsole-libcsyslog-format-string(33731)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33731"}, {"name": "102854", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102854-1"}, {"name": "1017930", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1017930"}, {"name": "24927", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/24927"}, {"name": "ADV-2007-1443", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/1443"}, {"name": "20070417 n.runs-SA-2007.007 - Sun Solaris 10 - Format string vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/466048/100/0/threaded"}, {"name": "34902", "refsource": "OSVDB", "url": "http://osvdb.org/34902"}, {"name": "23539", "refsource": "BID", "url": "http://www.securityfocus.com/bid/23539"}, {"name": "http://www.nruns.com/security_advisory_sun_java_format_string.php", "refsource": "MISC", "url": "http://www.nruns.com/security_advisory_sun_java_format_string.php"}, {"name": "oval:org.mitre.oval:def:1252", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1252"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T13:06:26.107Z"}, "title": "CVE Program Container", "references": [{"name": "javawebconsole-libcsyslog-format-string(33731)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33731"}, {"name": "102854", "tags": ["vendor-advisory", "x_refsource_SUNALERT", "x_transferred"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102854-1"}, {"name": "1017930", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1017930"}, {"name": "24927", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/24927"}, {"name": "ADV-2007-1443", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/1443"}, {"name": "20070417 n.runs-SA-2007.007 - Sun Solaris 10 - Format string vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/466048/100/0/threaded"}, {"name": "34902", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/34902"}, {"name": "23539", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/23539"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.nruns.com/security_advisory_sun_java_format_string.php"}, {"name": "oval:org.mitre.oval:def:1252", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1252"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-1681", "datePublished": "2007-04-19T10:00:00", "dateReserved": "2007-03-26T00:00:00", "dateUpdated": "2024-08-07T13:06:26.107Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sun:java_web_console:2.2.2:*:x86:*:*:*:*:*", "matchCriteriaId": "12B7ECB2-D5F1-45F2-B412-F02BE7420E76", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_web_console:2.2.3:*:x86:*:*:*:*:*", "matchCriteriaId": "7B885C74-201B-4F97-8CC5-13DE2AFED55D", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_web_console:2.2.4:*:x86:*:*:*:*:*", "matchCriteriaId": "D3ED53C3-2888-44F3-A13F-18ACC0736C59", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_web_console:2.2.5:*:x86:*:*:*:*:*", "matchCriteriaId": "338D8827-A49C-4CA4-AFD3-D308AC715C0E", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sun:solaris:10.0:*:x86:*:*:*:*:*", "matchCriteriaId": "0C0C3793-E011-4915-8F86-CE622A2D37D1", "vulnerable": true}, {"criteria": "cpe:2.3:o:sun:solaris:10.0:hw2:*:*:*:*:*:*", "matchCriteriaId": "DBEB91FE-FB39-4AB2-8172-2A47EC59861B", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sun:java_web_console:2.2.2:*:x86:*:*:*:*:*", "matchCriteriaId": "12B7ECB2-D5F1-45F2-B412-F02BE7420E76", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_web_console:2.2.3:*:x86:*:*:*:*:*", "matchCriteriaId": "7B885C74-201B-4F97-8CC5-13DE2AFED55D", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_web_console:2.2.4:*:x86:*:*:*:*:*", "matchCriteriaId": "D3ED53C3-2888-44F3-A13F-18ACC0736C59", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_web_console:2.2.5:*:x86:*:*:*:*:*", "matchCriteriaId": "338D8827-A49C-4CA4-AFD3-D308AC715C0E", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Format string vulnerability in libwebconsole_services.so in Sun Java Web Console 2.2.2 through 2.2.5 allows remote attackers to cause a denial of service (application crash), obtain sensitive information, and possibly execute arbitrary code via unspecified vectors during a failed login attempt, related to syslog."}, {"lang": "es", "value": "Vulnerabilidad de formato de cadena en libwebconsole_services.so de Sun Java Web Console 2.2.2 hasta 2.2.5 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n), obtener informaci\u00f3n confidencial, y posiblemente ejecutar c\u00f3digo de su elecci\u00f3n mediante vectores no especificados durante un intento fallido de autenticaci\u00f3n en el sistema, referido a syslog."}], "evaluatorImpact": "Root level code execution is only possible if the web console is running as root, which it does not by default.", "evaluatorSolution": "The vendor has addressed this issue through multiple product updates: \r\n\r\nSun Java Web Console 2.2.2\r\nhttp://www.sun.com/download/products.xml?id=461d58be\r\n\r\n\r\nSun Java Web Console x86 2.2.2 \r\nhttp://www.sun.com/download/products.xml?id=461d58be\r\n\r\n\r\nSun Java Web Console x86 2.2.3 \r\nhttp://www.sun.com/download/products.xml?id=461d58be\r\n\r\n\r\nSun Java Web Console 2.2.3 \r\nhttp://www.sun.com/download/products.xml?id=461d58be\r\n\r\n\r\nSun Java Web Console x86 2.2.4 \r\nhttp://www.sun.com/download/products.xml?id=461d58be\r\n\r\n\r\nSun Java Web Console 2.2.4 \r\nhttp://www.sun.com/download/products.xml?id=461d58be\r\n\r\n\r\nSun Java Web Console x86 2.2.5 \r\nhttp://www.sun.com/download/products.xml?id=461d58be\r\n\r\n\r\nSun Java Web Console 2.2.5 \r\nhttp://www.sun.com/download/products.xml?id=461d58be\r\n", "id": "CVE-2007-1681", "lastModified": "2018-10-16T16:40:31.207", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-04-19T10:19:00.000", "references": [{"source": "cve@mitre.org", "url": "http://osvdb.org/34902"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/24927"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102854-1"}, {"source": "cve@mitre.org", "url": "http://www.nruns.com/security_advisory_sun_java_format_string.php"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/466048/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/23539"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1017930"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2007/1443"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33731"}, {"source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1252"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}