COMMAND

    Java Applet Can Redirect Browser Traffic

SYSTEMS AFFECTED

    Sun/Blackdown 1.1.7/8, 1.2.2, 1.3.0/1 linux/win32
    Netscape 4.61 default Java Runtime linux
    MSIE 5.0 default Java Runtime win32

PROBLEM

    Harmen van der Wal [http://www.xs4all.nl/~harmwal/] found the following:

    The Java security model is designed to allow code from an untrusted
    source, usually web applets, to be safely executed.

    =Problem

    An applet could make irregular, unchecked HTTP requests.

    =Consequence

    Network access restrictions that apply can be bypassed. Only systems
    that have an HTTP proxy configured can be vulnerable. One particularly
    nasty exploit is where a remote server, aided by a hostile applet,
    hijacks a browser's persistent HTTP connection to its configured HTTP
    proxy.

    I audited both Kaffe and GNU Classpath class libraries, and to the
    best of my knowledge, they are not vulnerable to this issue.

SOLUTION

    Apply the patch available at:

    Microsoft : http://www.microsoft.com/technet/security/bulletin/ms02-013.asp
    Sun       : http://sunsolve.Sun.COM/pub-cgi/retrieve.pl?doc=secbull/216
    HP        : http://www.xs4all.nl/~harmwal/issue/bulletin/HPSBUX0203-186.txt
    Netscape  : http://home.netscape.com/security/