Re: MMS + Java

[Florian Weimer <fw () deneb enyo de>]

> So we released an exploit for Sami's new class of vulnerabilities in
> Java (which is awesome, btw - everyone should read that).

> http://slightlyrandombrokenthoughts.blogspot.com/

It's not a new class of bugs.  This pattern (mentioned in the URL
above):

| Based on my very brief analysis, Java 6 update fixes this problem by
| altering the Statement.invoke() to use the AccessControlContext
| captured at the moment of instantiation when it uses the reflection.

can be found throughout the JDK when certain callback schemes which
would otherwise act as a bypass for callstack-based security checks
are used.

But kudos to Sami for finding this new instance---I specifically
looked for such problems earlier this year, and didn't see this one.
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave