What is the severity of CVE-2008-3683?

CVE-2008-3683 is considered a denial of service vulnerability that may severely impact the availability of the affected services.

How do I fix CVE-2008-3683?

To fix CVE-2008-3683, upgrade the Sun Java System Web Proxy Server to version 4.0.5 or later with the appropriate service pack.

What versions are affected by CVE-2008-3683?

CVE-2008-3683 affects Sun Java System Web Proxy Server versions 4.0 through 4.0.5 before SP6.

What kind of attacks can be performed using CVE-2008-3683?

CVE-2008-3683 allows remote attackers to cause a denial of service by exhausting file descriptors, leading to a failure to accept new connections.

Is there a workaround for CVE-2008-3683 if I cannot immediately patch?

While immediate patching is recommended, consider limiting the number of concurrent connections or implementing a firewall rule to minimize exposure until a patch can be applied.

Vulnerability/
CVE-2008-3683

medium

CWE

14/8/2008

7/8/2024

CVE-2008-3683

First published: Thu Aug 14 2008(Updated: )

Unspecified vulnerability in the FTP subsystem in Sun Java System Web Proxy Server 4.0 through 4.0.5 before SP6 allows remote attackers to cause a denial of service (failure to accept connections) via unknown vectors, probably related to exhaustion of file descriptors.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Oracle Sun Java System Web Proxy Server	=4.0.2-sp1
Oracle Sun Java System Web Proxy Server	=4-sp1
Oracle Sun Java System Web Proxy Server	=4.0.5-sp2
Oracle Sun Java System Web Proxy Server	=4.0.4-sp5
Oracle Sun Java System Web Proxy Server	=4.0.1-sp5
Oracle Sun Java System Web Proxy Server	=4.0.2-sp2
Oracle Sun Java System Web Proxy Server	=4.0.5-sp1
Oracle Sun Java System Web Proxy Server	=4.0.3-sp3
Oracle Sun Java System Web Proxy Server	=4.0.3-sp2
Oracle Sun Java System Web Proxy Server	=4.0.5-sp4
Oracle Sun Java System Web Proxy Server	=4-sp2
Oracle Sun Java System Web Proxy Server	=4.0.1-sp3
Oracle Sun Java System Web Proxy Server	=4.0.2-sp4
Oracle Sun Java System Web Proxy Server	=4.0.1-sp2
Oracle Sun Java System Web Proxy Server	=4.0.3-sp5
Oracle Sun Java System Web Proxy Server	=4.0.4-sp4
Oracle Sun Java System Web Proxy Server	=4-sp4
Oracle Sun Java System Web Proxy Server	=4.0.1-sp1
Oracle Sun Java System Web Proxy Server	=4.0.4-sp1
Oracle Sun Java System Web Proxy Server	=4.0.4-sp3
Oracle Sun Java System Web Proxy Server	=4-sp3
Oracle Sun Java System Web Proxy Server	=4.0.1-sp4
Oracle Sun Java System Web Proxy Server	=4.0.5-sp3
Oracle Sun Java System Web Proxy Server	=4.0.3-sp4
Oracle Sun Java System Web Proxy Server	=4.0.3-sp1
Oracle Sun Java System Web Proxy Server	=4-sp5
Oracle Sun Java System Web Proxy Server	=4.0.4-sp2
Oracle Sun Java System Web Proxy Server	=4.0.2-sp5
Oracle Sun Java System Web Proxy Server	=4.0.2-sp3
Oracle Sun Java System Web Proxy Server	=4.0.5-sp5

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2008-3683?
CVE-2008-3683 is considered a denial of service vulnerability that may severely impact the availability of the affected services.
How do I fix CVE-2008-3683?
To fix CVE-2008-3683, upgrade the Sun Java System Web Proxy Server to version 4.0.5 or later with the appropriate service pack.
What versions are affected by CVE-2008-3683?
CVE-2008-3683 affects Sun Java System Web Proxy Server versions 4.0 through 4.0.5 before SP6.
What kind of attacks can be performed using CVE-2008-3683?
CVE-2008-3683 allows remote attackers to cause a denial of service by exhausting file descriptors, leading to a failure to accept new connections.
Is there a workaround for CVE-2008-3683 if I cannot immediately patch?
While immediate patching is recommended, consider limiting the number of concurrent connections or implementing a firewall rule to minimize exposure until a patch can be applied.

agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/severity
agent/author
agent/last-modified-date
agent/remedy
agent/weakness
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
vendor/sun
canonical/oracle sun java system web proxy server
version/oracle sun java system web proxy server/4.0.2-sp1
version/oracle sun java system web proxy server/4-sp1
version/oracle sun java system web proxy server/4.0.5-sp2
version/oracle sun java system web proxy server/4.0.4-sp5
version/oracle sun java system web proxy server/4.0.1-sp5
version/oracle sun java system web proxy server/4.0.2-sp2
version/oracle sun java system web proxy server/4.0.5-sp1
version/oracle sun java system web proxy server/4.0.3-sp3
version/oracle sun java system web proxy server/4.0.3-sp2
version/oracle sun java system web proxy server/4.0.5-sp4
version/oracle sun java system web proxy server/4-sp2
version/oracle sun java system web proxy server/4.0.1-sp3
version/oracle sun java system web proxy server/4.0.2-sp4
version/oracle sun java system web proxy server/4.0.1-sp2
version/oracle sun java system web proxy server/4.0.3-sp5
version/oracle sun java system web proxy server/4.0.4-sp4
version/oracle sun java system web proxy server/4-sp4
version/oracle sun java system web proxy server/4.0.1-sp1
version/oracle sun java system web proxy server/4.0.4-sp1
version/oracle sun java system web proxy server/4.0.4-sp3
version/oracle sun java system web proxy server/4-sp3
version/oracle sun java system web proxy server/4.0.1-sp4
version/oracle sun java system web proxy server/4.0.5-sp3
version/oracle sun java system web proxy server/4.0.3-sp4
version/oracle sun java system web proxy server/4.0.3-sp1
version/oracle sun java system web proxy server/4-sp5
version/oracle sun java system web proxy server/4.0.4-sp2
version/oracle sun java system web proxy server/4.0.2-sp5
version/oracle sun java system web proxy server/4.0.2-sp3
version/oracle sun java system web proxy server/4.0.5-sp5

CVE-2008-3683

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2008-3683?

How do I fix CVE-2008-3683?

What versions are affected by CVE-2008-3683?

What kind of attacks can be performed using CVE-2008-3683?

Is there a workaround for CVE-2008-3683 if I cannot immediately patch?

Company

Resources

Contact