Sun Java Enterprise Server NSS Remote Code Execution Vulnerabilities
Medium Nessus Plugin ID 25000
SynopsisThe remote Windows host uses a library that may allow remote code execution.
DescriptionThe version of Sun Java Enterprise Server (ES) installed on the remote host includes a set of libraries known as Network Security Services (NSS) for use with many of Java ES' services. On a Windows host, though, vulnerabilities in their implementation of SSL2 support reportedly allow a remote attacker to execute arbitrary code with LOCAL SYSTEM privileges.
SolutionApply patch 125923-01.