Multiple Vendor Java Virtual Machine Listening Socket Vulnerability

Sun has released fixes to address this issue. Please see referenced Sun Alert (ID: 23604), for further detail regarding obtaining and applying appropriate fixes.

Netscape has released Netscape Communicator 4.75 which is not susceptible to this vulnerability.

Microsoft has released patches for each affected version of Virtual Machine. To find out the version of Virtual Machine you are running, please read 'Frequently Asked Questions: Microsoft Security Bulletin (MS00-059)' under the Reference tab.

Debian Security has provided the following upgrades:

Source archives:
MD5 checksum: 99ab453006b123ade6b62d508052e8aa
MD5 checksum: b6c8220d540580c62302e51bd310273c
MD5 checksum: 291d418188dd0d859c842b8e511f40dd
MD5 checksum: 834ccd2acc61052bf9b01f58c5adb767
MD5 checksum: c9f71e888d9ce42d7317a7a8255a25f4

Intel ia32 architecture:
MD5 checksum: 401b63408d1477978fe16a855b9b2a14
MD5 checksum: 763d8c075f0200d77ce1ad91af3d4c27
MD5 checksum: d255e35d8365486b28a6e5c02bdf7e80
MD5 checksum: a8b595e4ba544861109e91cf2f494d67
MD5 checksum: 2c42207d48399b1d9ea757a1ee677414
MD5 checksum: 3b67100464ed0aa6a22bef337c14798f
MD5 checksum: f4ed466d94b761b3a5f252c859c1c38d
MD5 checksum: 3e671e3bd853557df55915a395f57d39
MD5 checksum: d46984adbf2703f26a5bbd1cff912967
MD5 checksum: 3e7de9bb9c0c8c73519c3b7149de6af4
MD5 checksum: a4f735e76fb26bc46a99edb557e41d43
MD5 checksum: be2014f7b47913fc2d40dd3a2f7dc60f
MD5 checksum: 4cae30606eb234d79c0469ad3e430ece
MD5 checksum: e594f5e58bfab22b5c4333d6e648b8bc
MD5 checksum: 2f5aadfe24499b6ed79d7c1810aedb70
MD5 checksum: 2b1d1abed84ac00eef02de530ad95028
MD5 checksum: b2335dabae4430a69773ba22b3d5100c
MD5 checksum: 2397e4c0d8e556ea457b0095ad102d96
MD5 checksum: 45f1df641dc6869f880ee32abc1c8eb2
MD5 checksum: 5cb68c9bf8a895488c4a75145c48c915

TurboLinux has provided the following fix information:
Update the package from our ftp server by running the following command
for then package:

rpm -Uvh --nodeps --Force ftp_path_to_filename

Where ftp_path_to_filename is the following:

The source RPM can be downloaded here:

**Note: You must rebuild and install the RPM if you choose to download
and install the SRPM. Simply installing the SRPM alone WILL NOT CLOSE

Please verify the MD5 checksum of the update before you install:

MD5 sum Package Name
c99bfe042efb64bac1e9838d57ef7bd5 netscape-communicator-4.75-1.i386

These packages are GPG signed by Turbolinux for security. Our key
is available here:

To verify a package, use the following command:

rpm --checksig name_of_rpm

To examine only the md5sum, use the following command:

rpm --checksig --nogpg name_of_rpm

**Note: Checking GPG keys requires RPM 3.0 or higher.

Netscape Communicator 4.07

Microsoft Virtual Machine 2000 Series

Netscape Communicator 4.06

Microsoft Virtual Machine 3300 Series

Microsoft Virtual Machine 3100 Series

Microsoft Virtual Machine 3200 Series

Netscape Communicator 4.08

Netscape Communicator 4.0

Netscape Communicator 4.4

Netscape Communicator 4.5

Netscape Communicator 4.51

Netscape Communicator 4.6

Netscape Communicator 4.61

Netscape Communicator 4.7

Netscape Communicator 4.72

Netscape Communicator 4.73

Netscape Communicator 4.74


Privacy Statement
Copyright 2010, SecurityFocus