[<prev] [next>] [day] [month] [year] [list]
Message-ID: <518797B2.6060001@security-explorations.com>
Date: Mon, 06 May 2013 13:44:50 +0200
From: Security Explorations <contact@...urity-explorations.com>
To: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com
Subject: [SE-2012-01] New security vulnerabilities and broken fixes in IBM
Java
Hello All,
Security Explorations discovered 7 additional security issues (#62-68)
in the latest version of IBM SDK, Java Technology Edition software [1].
A majority of the new flaws are due to insecure use or implementation
of Java Reflection API.
Additionally to the above, we found out that four issues reported to
IBM in Sep 2012 [2] had not been fixed correctly by the company. Upon
simple exploit codes modifications they can be still used to achieve
a complete compromise of a target IBM Java environment. The problem
with IBM fixes is that they aim to detect only one specific exploit
vector (PoC instance ?) and miss many other scenarios.
Security Explorations developed reliable Proof of Concept codes for
the above-mentioned issues. Each of them demonstrates a complete IBM J9
Java VM security sandbox bypass. Each of them was verified to work in
the environment of the following version of IBM software:
* IBM SDK, Java Technology Edition, Version 7.0 SR4 FP1 for Linux (32-bit
x86), build pxi3270sr4fp1-20130325_01(SR4 FP1)
Today, a vulnerability notice was sent to IBM corporation containing
detailed information about identified weaknesses. Along with that, the
company was also provided with source and binary codes for Proof of
Concept codes illustrating all new security bypass issues and broken
fixes.
Thank you.
Best Regards
Adam Gowdiak
---------------------------------------------
Security Explorations
http://www.security-explorations.com
"We bring security research to the new level"
---------------------------------------------
References:
[1] IBM developer kits
http://www.ibm.com/developerworks/java/jdk/
[2] SE-2012-01 Vendors status
http://www.security-explorations.com/en/SE-2012-01-status.html
Powered by blists - more mailing lists