Interstage Application Server: Buffer Overflow Vulnerability in Single Sign-on Function. February 25th, 2008



1. Description

There is a buffer overflow vulnerability in the Interstage Application Server Single Sign-on function.

For details on how to avoid the problem please refer to section 3, below.

2. Impact

The vulnerability may allow an Internet attacker (malicious third party) who sends a particular request to the Single Sign-on authentication server to execute arbitrary code or cause a Denial of Service (DoS).

3. Affected systems and corresponding action

3-1. Affected systems:

GP7000F, PRIMEPOWER, PRIMERGY, GP5000, CELSIUS, FMV series, AT-compatible machine, PRIMEQUEST, SPARC Enterprise

3-2. Affected products and required patch

Note: The values set in "Workaround" below depend on the product. The letter in square brackets after each product name ([a] to [d]) identifies which set of "Workaround" settings applies to that product.

Interstage Application Server

Product                                                                  | Target OS                  | Package name | Patch ID
-------------------------------------------------------------------------|----------------------------|--------------|---------
Interstage Application Server Enterprise Edition 8.0.0 for Windows [a]   | Windows                    | FJSVsso      | *
Interstage Application Server Standard-J Edition 8.0.0 for Windows [a]   | Windows                    | FJSVsso      | *
Interstage Application Server Enterprise Edition 8.0.1 for Windows [a]   | Windows                    | FJSVsso      | *
Interstage Application Server Standard-J Edition 8.0.1 for Windows [a]   | Windows                    | FJSVsso      | *
Interstage Application Server Enterprise Edition 8.0.2 for Windows [a]   | Windows                    | FJSVsso      | *
Interstage Application Server Standard-J Edition 8.0.2 for Windows [a]   | Windows                    | FJSVsso      | *
Interstage Application Server Enterprise Edition 8.0.3 for Windows [a]   | Windows                    | FJSVsso      | *
Interstage Application Server Standard-J Edition 8.0.3 for Windows [a]   | Windows                    | FJSVsso      | *
Interstage Application Server Enterprise Edition V9.0.0 for Windows [b]  | Windows                    | FJSVsso      | *
Interstage Application Server Standard-J Edition V9.0.0 for Windows [b]  | Windows                    | FJSVsso      | *
Interstage Application Server Enterprise Edition V9.0.0A for Windows [b] | Windows                    | FJSVsso      | *
Interstage Application Server Standard-J Edition V9.0.0A for Windows [b] | Windows                    | FJSVsso      | *
Interstage Application Server Enterprise Edition 8.0.0 [c]               | Solaris                    | FJSVssoac    | *
Interstage Application Server Standard-J Edition 8.0.0 [c]               | Solaris                    | FJSVssoac    | *
Interstage Application Server Enterprise Edition 8.0.2 [c]               | Solaris                    | FJSVssoac    | *
Interstage Application Server Standard-J Edition 8.0.2 [c]               | Solaris                    | FJSVssoac    | *
Interstage Application Server Enterprise Edition 8.0.3 [c]               | Solaris                    | FJSVssoac    | *
Interstage Application Server Standard-J Edition 8.0.3 [c]               | Solaris                    | FJSVssoac    | *
Interstage Application Server Enterprise Edition V9.0.0 [d]              | Solaris                    | FJSVssoac    | *
Interstage Application Server Standard-J Edition V9.0.0 [d]              | Solaris                    | FJSVssoac    | *
Interstage Application Server Enterprise Edition 8.0.0 [c]               | RHEL-AS4(x86)/AS4(EM64T)   | FJSVssoac    | *
Interstage Application Server Standard-J Edition 8.0.0 [c]               | RHEL-AS4(x86)/AS4(EM64T)   | FJSVssoac    | *
Interstage Application Server Enterprise Edition 8.0.2 [c]               | RHEL-AS4(x86)/AS4(EM64T)   | FJSVssoac    | *
Interstage Application Server Standard-J Edition 8.0.2 [c]               | RHEL-AS4(x86)/AS4(EM64T)   | FJSVssoac    | *
Interstage Application Server Enterprise Edition 8.0.3 [c]               | RHEL-AS4(x86)/AS4(EM64T)   | FJSVssoac    | *
Interstage Application Server Standard-J Edition 8.0.3 [c]               | RHEL-AS4(x86)/AS4(EM64T)   | FJSVssoac    | *
Interstage Application Server Enterprise Edition V9.0.0 [d]              | RHEL-AS4(x86)/AS4(EM64T)   | FJSVssoac    | *
Interstage Application Server Enterprise Edition V9.0.0 [d]              | RHEL5(x86)/RHEL5(Intel64)  | FJSVssoac    | *
Interstage Application Server Standard-J Edition V9.0.0 [d]              | RHEL-AS4(x86)/AS4(EM64T)   | FJSVssoac    | *
Interstage Application Server Standard-J Edition V9.0.0 [d]              | RHEL5(x86)/RHEL5(Intel64)  | FJSVssoac    | *
Interstage Application Server Enterprise Edition V9.0.0 [d]              | RHEL-AS4(IPF)              | FJSVssoac    | *
Interstage Application Server Enterprise Edition V9.0.0 [d]              | RHEL5(IPF)                 | FJSVssoac    | *
Interstage Application Server Standard-J Edition V9.0.0 [d]              | RHEL-AS4(IPF)              | FJSVssoac    | *
Interstage Application Server Standard-J Edition V9.0.0 [d]              | RHEL5(IPF)                 | FJSVssoac    | *
Interstage Application Server Enterprise Edition V9.0.0A [d]             | RHEL-AS4(IPF)              | FJSVssoac    | *
Interstage Application Server Enterprise Edition V9.0.0A [d]             | RHEL5(IPF)                 | FJSVssoac    | *

Interstage Apworks

Product                                                                  | Target OS                  | Package name | Patch ID
-------------------------------------------------------------------------|----------------------------|--------------|---------
Interstage Apworks Enterprise Edition 8.0.0 for Windows [a]              | Windows                    | FJSVsso      | *
Interstage Apworks Standard-J Edition 8.0.0 for Windows [a]              | Windows                    | FJSVsso      | *

Interstage Studio

Product                                                                  | Target OS                  | Package name | Patch ID
-------------------------------------------------------------------------|----------------------------|--------------|---------
Interstage Studio Enterprise Edition 8.0.1 for Windows [a]               | Windows                    | FJSVsso      | *
Interstage Studio Standard-J Edition 8.0.1 for Windows [a]               | Windows                    | FJSVsso      | *
Interstage Studio Enterprise Edition V9.0.0 for Windows [b]              | Windows                    | FJSVsso      | *
Interstage Studio Standard-J Edition V9.0.0 for Windows [b]              | Windows                    | FJSVsso      | *


* For patches without an ID or link, please contact a Fujitsu system engineer or your partner(s).

3-3. Workaround

Until the patch can be applied, the effects of this vulnerability can be avoided as described below.

Edit the Interstage HTTP Server environment definition file (httpd.conf) used to run the Single Sign-on authentication server as shown below, so that the request URI length is limited to a maximum of 2000 bytes (LimitRequestLine directive). Then restart the Interstage HTTP Server that runs the authentication server.

  • Note
    In products [a] and [c], the port number used for the Single Sign-on authentication server is the port number set in the <VirtualHost> directive.
    In the examples below, the port is "443".
    • Product [a]
      Search for <Location /ssoatcag> in the definition file and add the LimitRequestLine directive as shown below:

      <VirtualHost _default_:443>
      LimitRequestLine 2000
      <Location /ssoatcag>
      SetHandler ssoatcag-handler
      </Location>
      SSLConfName SSO_SSL
      DocumentRoot "C:\Interstage\F3FMsso\ssoatcag\pub\docroot"
      </VirtualHost>
    • Product [b]
      Search for <Location /ssoatcag> in the definition file and add the LimitRequestLine directive as shown below:

      LoadModule ssoatcag_module "C:\Interstage\F3FMsso\ssoatcag\lib\F3FMssoatcag.dll"
      LimitRequestLine 2000
      <Location /ssoatcag>
      SetHandler ssoatcag-handler
      </Location>
    • Product [c]
      Search for <Location /ssoatcag> in the definition file and add the LimitRequestLine directive as shown below:

      <VirtualHost _default_:443>
      LimitRequestLine 2000
      <Location /ssoatcag>
      SetHandler ssoatcag-handler
      </Location>
      SSLConfName SSO
      DocumentRoot "/opt/FJSVssoac/pub/docroot"
      </VirtualHost>
    • Product [d]
      Search for <Location /ssoatcag> in the definition file and add the LimitRequestLine directive as shown below:

      LoadModule ssoatcag_module "/opt/FJSVssoac/lib/ssoatcag.so"
      LimitRequestLine 2000
      <Location /ssoatcag>
      SetHandler ssoatcag-handler
      </Location>
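As an added example (not part of the Fujitsu advisory), the following Python checker reads an httpd.conf and reports whether every <Location /ssoatcag> section is covered by a LimitRequestLine of at most 2000 bytes, set either globally (products [b] and [d]) or in the enclosing <VirtualHost> (products [a] and [c]). The sample configurations are constructed from the advisory's own product [c] and [d] snippets; the function name and the 2000-byte default are this example's choices.

```python
import re

# Constructed sample: the product [c] workaround (limit inside <VirtualHost>).
VHOST_CONF = """\
<VirtualHost _default_:443>
LimitRequestLine 2000
<Location /ssoatcag>
SetHandler ssoatcag-handler
</Location>
SSLConfName SSO
DocumentRoot "/opt/FJSVssoac/pub/docroot"
</VirtualHost>
"""

# Constructed sample: the product [d] workaround (limit at global scope).
GLOBAL_CONF = """\
LoadModule ssoatcag_module "/opt/FJSVssoac/lib/ssoatcag.so"
LimitRequestLine 2000
<Location /ssoatcag>
SetHandler ssoatcag-handler
</Location>
"""

# Constructed sample: product [c] configuration with the workaround missing.
UNPATCHED_CONF = VHOST_CONF.replace("LimitRequestLine 2000\n", "")


def check_limit_request_line(conf_text, max_bytes=2000):
    """Return True if every <Location /ssoatcag> in conf_text is covered by a
    LimitRequestLine <= max_bytes. A limit inside <VirtualHost> overrides the
    global one for that vhost; a vhost without its own limit inherits the
    global value. (Apache rejects LimitRequestLine inside <Location>, so a
    running server cannot carry the directive there; it is not tracked.)"""
    global_limit = None
    vhost_limits = []   # one entry per <VirtualHost>, in order of appearance
    locations = []      # vhost index (or None for global scope) per /ssoatcag
    vhost = None
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].strip()     # drop comments and whitespace
        if not line:
            continue
        if re.match(r"<VirtualHost\b", line, re.I):
            vhost_limits.append(None)
            vhost = len(vhost_limits) - 1
        elif re.match(r"</VirtualHost\s*>", line, re.I):
            vhost = None
        elif re.match(r"<Location\s+/ssoatcag\s*>", line, re.I):
            locations.append(vhost)
        else:
            m = re.match(r"LimitRequestLine\s+(\d+)", line, re.I)
            if m and vhost is None:
                global_limit = int(m.group(1))
            elif m:
                vhost_limits[vhost] = int(m.group(1))
    if not locations:
        return False    # no authentication server section found at all
    for v in locations:
        limit = global_limit if v is None or vhost_limits[v] is None else vhost_limits[v]
        if limit is None or limit > max_bytes:
            return False
    return True
```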

4. Revision history

  • February 25th, 2008 : Initial release
