Linux security advisory - Privilege escalation possible via Java - Linux

This is a discussion on Linux security advisory - Privilege escalation possible via Java - Linux ; http://www.net-security.org/advisory.php?id=8793 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security ...

+ Reply to Thread
Results 1 to 5 of 5

Thread: Linux security advisory - Privilege escalation possible via Java

  1. Linux security advisory - Privilege escalation possible via Java

    http://www.net-security.org/advisory.php?id=8793

    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    Gentoo Linux Security Advisory GLSA 200804-20
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    http://security.gentoo.org/
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

    Severity: Normal
    Title: Sun JDK/JRE: Multiple vulnerabilities
    Date: April 17, 2008
    Bugs: #178851, #178962, #183580, #185256, #194711, #212425
    ID: 200804-20


    * Azul Systems reported an unspecified vulnerability that allows
    applets to escalate their privileges (CVE-2007-5689).

    * Multiple unspecified vulnerabilities might allow for escalation of
    privileges (CVE-2008-0657).


    Workaround
    ==========
    There is no known workaround at this time.




    ** Posted from http://www.teranews.com **

  2. Re: Linux security advisory - Privilege escalation possible via Java

    Ezekiel wrote:
    > Severity: Normal
    > Title: Sun JDK/JRE: Multiple vulnerabilities
    > Date: April 17, 2008
    > Bugs: #178851, #178962, #183580, #185256, #194711, #212425
    > ID: 200804-20
    >
    >
    > * Azul Systems reported an unspecified vulnerability that allows
    > applets to escalate their privileges (CVE-2007-5689).
    >
    > * Multiple unspecified vulnerabilities might allow for escalation of
    > privileges (CVE-2008-0657).


    So... That'll affect windows too then?
    Your point?
    --
    | spike1@freenet.co.uk | |
    | Andrew Halliwell BSc | "ARSE! GERLS!! DRINK! DRINK! DRINK!!!" |
    | in | "THAT WOULD BE AN ECUMENICAL MATTER!...FECK!!!! |
    | Computer Science | - Father Jack in "Father Ted" |

  3. Re: Linux security advisory - Privilege escalation possible via Java

    In comp.os.linux.advocacy, Andrew Halliwell

    wrote
    on Fri, 18 Apr 2008 17:54:47 +0100
    :
    > Ezekiel wrote:
    >> Severity: Normal
    >> Title: Sun JDK/JRE: Multiple vulnerabilities
    >> Date: April 17, 2008
    >> Bugs: #178851, #178962, #183580, #185256, #194711, #212425
    >> ID: 200804-20
    >>
    >>
    >> * Azul Systems reported an unspecified vulnerability that allows
    >> applets to escalate their privileges (CVE-2007-5689).
    >>
    >> * Multiple unspecified vulnerabilities might allow for escalation of
    >> privileges (CVE-2008-0657).

    >
    > So... That'll affect windows too then?
    > Your point?


    No, it will not necessarily affect Windows; Java is special in that each
    OS gets its own JVM.

    --
    #191, ewill3@earthlink.net
    fortune: not found

    --
    Posted via a free Usenet account from http://www.teranews.com


  4. Re: Linux security advisory - Privilege escalation possible via Java

    The Ghost In The Machine wrote:
    > In comp.os.linux.advocacy, Andrew Halliwell
    >
    > wrote
    > on Fri, 18 Apr 2008 17:54:47 +0100
    > :
    >> Ezekiel wrote:
    >>> Severity: Normal
    >>> Title: Sun JDK/JRE: Multiple vulnerabilities
    >>> Date: April 17, 2008
    >>> Bugs: #178851, #178962, #183580, #185256, #194711, #212425
    >>> ID: 200804-20
    >>>
    >>>
    >>> * Azul Systems reported an unspecified vulnerability that allows
    >>> applets to escalate their privileges (CVE-2007-5689).
    >>>
    >>> * Multiple unspecified vulnerabilities might allow for escalation of
    >>> privileges (CVE-2008-0657).

    >>
    >> So... That'll affect windows too then?
    >> Your point?

    >
    > No, it will not necessarily affect Windows; Java is special in that each
    > OS gets its own JVM.
    >

    Rather inefficient design methodology there, then.
    --
    | spike1@freenet.co.uk | |
    | Andrew Halliwell BSc | "ARSE! GERLS!! DRINK! DRINK! DRINK!!!" |
    | in | "THAT WOULD BE AN ECUMENICAL MATTER!...FECK!!!! |
    | Computer Science | - Father Jack in "Father Ted" |

  5. Re: Linux security advisory - Privilege escalation possible via Java

    In comp.os.linux.advocacy, Andrew Halliwell

    wrote
    on Fri, 18 Apr 2008 22:54:07 +0100
    :
    > The Ghost In The Machine wrote:
    >> In comp.os.linux.advocacy, Andrew Halliwell
    >>
    >> wrote
    >> on Fri, 18 Apr 2008 17:54:47 +0100
    >> :
    >>> Ezekiel wrote:
    >>>> Severity: Normal
    >>>> Title: Sun JDK/JRE: Multiple vulnerabilities
    >>>> Date: April 17, 2008
    >>>> Bugs: #178851, #178962, #183580, #185256, #194711, #212425
    >>>> ID: 200804-20
    >>>>
    >>>>
    >>>> * Azul Systems reported an unspecified vulnerability that allows
    >>>> applets to escalate their privileges (CVE-2007-5689).
    >>>>
    >>>> * Multiple unspecified vulnerabilities might allow for escalation of
    >>>> privileges (CVE-2008-0657).
    >>>
    >>> So... That'll affect windows too then?
    >>> Your point?

    >>
    >> No, it will not necessarily affect Windows; Java is special in that each
    >> OS gets its own JVM.
    >>

    > Rather inefficient design methodology there, then.


    Very. I'll admit I don't know how big the base CLR is, though.

    --
    #191, ewill3@earthlink.net
    /dev/signature: No such file or directory

    --
    Posted via a free Usenet account from http://www.teranews.com


+ Reply to Thread