CVE-2010-0387

Name of the Vulnerable Software and Affected Versions Sun Java System Web Server version 7.0 Update 7

Description The issue is related to multiple heap-based buffer overflows in the webservd and admin server components. This can be triggered by a remote attacker sending a long string in an "Authorization: Digest" HTTP header, potentially causing a denial of service (daemon crash) and possibly other unspecified impacts.

Recommendations For Sun Java System Web Server version 7.0 Update 7, consider restricting access to the webservd and admin server components until a fix is available. As a temporary workaround, avoid using long strings in the Authorization: Digest HTTP header to minimize the risk of exploitation.