FKIE_CVE-2008-3683
Vulnerability from fkie_nvd - Published: 2008-08-14 20:41 - Updated: 2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability in the FTP subsystem in Sun Java System Web Proxy Server 4.0 through 4.0.5 before SP6 allows remote attackers to cause a denial of service (failure to accept connections) via unknown vectors, probably related to exhaustion of file descriptors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4:sp1:*:*:*:*:*:*",
"matchCriteriaId": "AF24FBF9-6E01-40F6-889B-2EEF5D5ECDB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4:sp2:*:*:*:*:*:*",
"matchCriteriaId": "0BFF3C73-D592-4DD2-8F1B-9908A2D4AA36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4:sp3:*:*:*:*:*:*",
"matchCriteriaId": "2B70E50B-6C01-4D57-A35D-3BB1F483372F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4:sp4:*:*:*:*:*:*",
"matchCriteriaId": "309BFAF3-5842-4F4F-B6F9-73DBE428F387",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4:sp5:*:*:*:*:*:*",
"matchCriteriaId": "ED82028A-8BD5-4E24-85EA-B3ED719A0DB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "A14869F3-76A8-4407-85C8-3D9764721EF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.1:sp2:*:*:*:*:*:*",
"matchCriteriaId": "18658A61-81D2-4FDD-8DB2-8222CCCF85C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.1:sp3:*:*:*:*:*:*",
"matchCriteriaId": "C0B02862-58BD-4D29-A2D1-3A7925FA8DDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.1:sp4:*:*:*:*:*:*",
"matchCriteriaId": "BE09D9A5-4A81-4771-9D1F-E74845537486",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.1:sp5:*:*:*:*:*:*",
"matchCriteriaId": "B4B978A8-4D6D-4E1F-94FF-3ED6ECB584C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.2:sp1:*:*:*:*:*:*",
"matchCriteriaId": "399B9003-1841-4F68-ABD9-EFAF8FDAFADC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.2:sp2:*:*:*:*:*:*",
"matchCriteriaId": "CE035EA8-4F06-4C14-9E27-8F1533D1433B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.2:sp3:*:*:*:*:*:*",
"matchCriteriaId": "9D93A98A-39F3-44C7-9150-90C3892508C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.2:sp4:*:*:*:*:*:*",
"matchCriteriaId": "D2B7A60C-89B5-4851-BE12-4196A6A4D616",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.2:sp5:*:*:*:*:*:*",
"matchCriteriaId": "29307BC1-6FC6-4F82-9031-E7317B2AFE64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.3:sp1:*:*:*:*:*:*",
"matchCriteriaId": "69CE3DFF-8BFD-45BF-BA2A-DB176BF17C38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.3:sp2:*:*:*:*:*:*",
"matchCriteriaId": "4DB543F2-7DC6-4EED-92D3-EBC12E70AC0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.3:sp3:*:*:*:*:*:*",
"matchCriteriaId": "559B8C70-F680-4578-9E68-258D91B41E9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.3:sp4:*:*:*:*:*:*",
"matchCriteriaId": "C7C836B7-564C-4EAD-A9EF-FB41C0533238",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.3:sp5:*:*:*:*:*:*",
"matchCriteriaId": "3C5C06DE-0800-4A43-BEC1-B38811660DC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.4:sp1:*:*:*:*:*:*",
"matchCriteriaId": "CF2CB27C-5F5A-4057-9B47-61365F0658C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.4:sp2:*:*:*:*:*:*",
"matchCriteriaId": "766DA0FE-CAA8-4946-A4AE-4E464D0D0D5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.4:sp3:*:*:*:*:*:*",
"matchCriteriaId": "67DBCAEE-BC63-4C92-8A91-839F475FBB45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.4:sp4:*:*:*:*:*:*",
"matchCriteriaId": "13903015-75DD-4F12-9E9A-F12844CEA251",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.4:sp5:*:*:*:*:*:*",
"matchCriteriaId": "C48458F0-E844-4654-B450-77E2BF97B047",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.5:sp1:*:*:*:*:*:*",
"matchCriteriaId": "BDE95076-C3FF-41E0-A5A0-B70E779EAF77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.5:sp2:*:*:*:*:*:*",
"matchCriteriaId": "4435E1C4-BAD3-4902-A5F0-3C024CE78766",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.5:sp3:*:*:*:*:*:*",
"matchCriteriaId": "982A6037-F163-4F48-9CF9-D07D37824565",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.5:sp4:*:*:*:*:*:*",
"matchCriteriaId": "5FB0CAFB-AA1A-408D-9436-CFDAB6985FA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_system_web_proxy_server:4.0.5:sp5:*:*:*:*:*:*",
"matchCriteriaId": "848A771F-CB1D-49BC-A1D7-48C31AA91590",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the FTP subsystem in Sun Java System Web Proxy Server 4.0 through 4.0.5 before SP6 allows remote attackers to cause a denial of service (failure to accept connections) via unknown vectors, probably related to exhaustion of file descriptors."
},
{
"lang": "es",
"value": "Una vulnerabilidad sin especificar en el subsistema de FTP en Sun Java System Web Proxy Server 4.0.5 antes de SP6 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (fallo al aceptar conexiones) a trav\u00e9s de vectores desconocidos, probablemente relacionados con el agotamiento de los descriptores de ficheros."
}
],
"id": "CVE-2008-3683",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-08-14T20:41:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31476"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-240327-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/30671"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1020696"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/2366"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44413"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31476"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-240327-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/30671"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1020696"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2366"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44413"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…