Vulnerabilites related to sun - java_system_directory_server
Vulnerability from fkie_nvd
Published
2009-12-28 19:30
Modified
2024-11-21 01:09
Severity ?
Summary
Unspecified vulnerability in the psearch (aka persistent search) functionality in Directory Proxy Server (DPS) in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3.1 allows remote attackers to cause a denial of service (psearch outage) by using a crafted psearch client to send requests that trigger a psearch thread loop, aka Bug Id 6855978.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:6.0:*:enterprise:*:*:*:*:*",
              "matchCriteriaId": "A2AAC3E9-6B8A-48DC-A135-715F94F078F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:6.1:enterprise:*:*:*:*:*:*",
              "matchCriteriaId": "D3FDCE4B-38AC-4843-82B5-7EF85750ACFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:6.2:enterprise:*:*:*:*:*:*",
              "matchCriteriaId": "C8490D6F-42B3-4602-84A5-BBDD4315F366",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:6.3:enterprise:*:*:*:*:*:*",
              "matchCriteriaId": "1FE986BB-D278-4B34-9DC1-5D3102F94AF1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:6.3.1:enterprise:*:*:*:*:*:*",
              "matchCriteriaId": "2C2FEACE-2922-4731-B9DC-BFA025109E22",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in the psearch (aka persistent search) functionality in Directory Proxy Server (DPS) in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3.1 allows remote attackers to cause a denial of service (psearch outage) by using a crafted psearch client to send requests that trigger a psearch thread loop, aka Bug Id 6855978."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en la funcionalidad psearch (tambi\u00e9n conocido como persistent search) en un Java System Directory Server Enterprise Edition v6.0 hasta v6.3.1 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (parada del psearch) al usar clientes psearch modificados para enviar peticiones que disparan un bucle en el proceso psearch, tambi\u00e9n conocido como Bug Id 6855978."
    }
  ],
  "id": "CVE-2009-4443",
  "lastModified": "2024-11-21T01:09:39.507",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-12-28T19:30:00.517",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/37915"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141958-01-1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-270789-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/37481"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1023389"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2009/3647"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/37915"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141958-01-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-270789-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/37481"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1023389"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/3647"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2009-12-28 19:30
Modified
2024-11-21 01:09
Severity ?
Summary
Directory Proxy Server (DPS) in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3.1 does not properly implement the max-client-connections configuration setting, which allows remote attackers to cause a denial of service (connection slot exhaustion) by making multiple connections and performing no operations on these connections, aka Bug Id 6648665.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:6.0:*:enterprise:*:*:*:*:*",
              "matchCriteriaId": "A2AAC3E9-6B8A-48DC-A135-715F94F078F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:6.1:enterprise:*:*:*:*:*:*",
              "matchCriteriaId": "D3FDCE4B-38AC-4843-82B5-7EF85750ACFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:6.2:enterprise:*:*:*:*:*:*",
              "matchCriteriaId": "C8490D6F-42B3-4602-84A5-BBDD4315F366",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:6.3:enterprise:*:*:*:*:*:*",
              "matchCriteriaId": "1FE986BB-D278-4B34-9DC1-5D3102F94AF1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:6.3.1:enterprise:*:*:*:*:*:*",
              "matchCriteriaId": "2C2FEACE-2922-4731-B9DC-BFA025109E22",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Directory Proxy Server (DPS) in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3.1 does not properly implement the max-client-connections configuration setting, which allows remote attackers to cause a denial of service (connection slot exhaustion) by making multiple connections and performing no operations on these connections, aka Bug Id 6648665."
    },
    {
      "lang": "es",
      "value": "Directory Proxy Server (DPS) en Sun Java System Directory Server Enterprise Edition v6.0 hasta v6.3.1 no implementa adecuadamente los valores de configuraci\u00f3n para el m\u00e1ximo n\u00famero de conexiones clientes, permitiendo a atacantes remotos provocar una denegaci\u00f3n de servicio (agotamiento del slot de conexi\u00f3n) al realizar m\u00faltiples conexiones y no realizando operaciones en estas conexiones, tambi\u00e9n conocido como Bug Id 6648665."
    }
  ],
  "id": "CVE-2009-4442",
  "lastModified": "2024-11-21T01:09:39.363",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-12-28T19:30:00.500",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/37915"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141958-01-1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-270789-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/37481"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1023389"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2009/3647"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/37915"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141958-01-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-270789-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/37481"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1023389"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/3647"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-16"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2006-02-13 11:06
Modified
2024-11-21 00:06
Severity ?
Summary
LDAP service in Sun Java System Directory Server 5.2, running on Linux and possibly other platforms, allows remote attackers to cause a denial of service (memory allocation error) via an LDAP packet with a crafted subtree search request, as demonstrated using the ProtoVer LDAP test suite.
Impacted products
Vendor Product Version
sun java_system_directory_server 5.2



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "083E8ACF-7A6B-4C7C-B1E1-1567D09A8E4B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "LDAP service in Sun Java System Directory Server 5.2, running on Linux and possibly other platforms, allows remote attackers to cause a denial of service (memory allocation error) via an LDAP packet with a crafted subtree search request, as demonstrated using the ProtoVer LDAP test suite."
    }
  ],
  "id": "CVE-2006-0647",
  "lastModified": "2024-11-21T00:06:59.913",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-02-13T11:06:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://lists.immunitysec.com/pipermail/dailydave/2006-February/002914.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.immunitysec.com/pipermail/dailydave/2006-February/002916.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18769"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1015604"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102294-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/16550"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2006/0492"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24605"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://lists.immunitysec.com/pipermail/dailydave/2006-February/002914.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.immunitysec.com/pipermail/dailydave/2006-February/002916.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18769"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1015604"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102294-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/16550"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/0492"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24605"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2010-01-14 19:30
Modified
2024-11-21 01:11
Severity ?
Summary
The core_get_proxyauth_dn function in ns-slapd in Sun Java System Directory Server Enterprise Edition 7.0 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted LDAP Search Request message.
Impacted products
Vendor Product Version
sun java_system_directory_server 7.0



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:7.0:-:enterprise:*:*:*:*:*",
              "matchCriteriaId": "69B638E7-EEF6-4080-BCEE-83EDA0FED964",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The core_get_proxyauth_dn function in ns-slapd in Sun Java System Directory Server Enterprise Edition 7.0 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted LDAP Search Request message."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n core_get_proxyauth_dn en ns-slapd en Sun Java System Directory Server Enterprise Edition v7.0, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (deferencia a puntero NULL y ca\u00edda de demonio) a trav\u00e9s de un mensaje LDAP Search Request manipulado."
    }
  ],
  "evaluatorComment": "Per: http://cwe.mitre.org/data/definitions/476.html\r\n\r\n\u0027CWE-476: NULL Pointer Dereference\u0027",
  "id": "CVE-2010-0313",
  "lastModified": "2024-11-21T01:11:57.553",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2010-01-14T19:30:00.607",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://intevydis.blogspot.com/2010/01/sun-directory-server-70.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37978"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1023431"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/37699"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/0085"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55511"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://intevydis.blogspot.com/2010/01/sun-directory-server-70.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37978"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1023431"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/37699"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/0085"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55511"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2009-02-13 17:30
Modified
2024-11-21 01:00
Severity ?
Summary
Unspecified vulnerability in Sun Java System Directory Server 5.2 p6 and earlier, and Enterprise Edition 5, allows remote attackers to cause a denial of service (daemon crash) via crafted LDAP requests.
Impacted products



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFB0BDAA-9E8F-46EA-AE76-25E10CA55490",
              "versionEndIncluding": "5.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:5.0:-:enterprise:*:*:*:*:*",
              "matchCriteriaId": "8EA36B7D-1506-4B50-B371-8CF16879A62D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in Sun Java System Directory Server 5.2 p6 and earlier, and Enterprise Edition 5, allows remote attackers to cause a denial of service (daemon crash) via crafted LDAP requests."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en Sun Java System Directory Server v5.2 p6 y versiones anteriores, y Enterprise Edition v5, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (parada de demonio) mediante peticiones LDAP manipuladas."
    }
  ],
  "id": "CVE-2009-0576",
  "lastModified": "2024-11-21T01:00:23.027",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-02-13T17:30:00.843",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/33850"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-116837-04-1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-250086-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/33732"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2009/0409"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48662"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/33850"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-116837-04-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-250086-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/33732"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/0409"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48662"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2006-06-21 23:02
Modified
2024-11-21 00:12
Severity ?
Summary
Memory leak in Network Security Services (NSS) 3.11, as used in Sun Java Enterprise System 2003Q4 through 2005Q1 and Java System Directory Server 5.2, allows remote attackers to cause a denial of service (memory consumption) by performing a large number of RSA cryptographic operations.
Impacted products



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:sun:java_enterprise_system:2003q4:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC8DFE4D-1FB6-41D7-AAB6-82400C6B4504",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_enterprise_system:2004q2:*:*:*:*:*:*:*",
              "matchCriteriaId": "132976FA-A42E-4CC0-8C8F-9A034A046B07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_enterprise_system:2005q1:*:*:*:*:*:*:*",
              "matchCriteriaId": "50246E42-89BE-4F08-A7D0-22977C985C8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "083E8ACF-7A6B-4C7C-B1E1-1567D09A8E4B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Memory leak in Network Security Services (NSS) 3.11, as used in Sun Java Enterprise System 2003Q4 through 2005Q1 and Java System Directory Server 5.2, allows remote attackers to cause a denial of service (memory consumption) by performing a large number of RSA cryptographic operations."
    },
    {
      "lang": "es",
      "value": "Fallo de memoria en la Red de Servicios de Seguridad (NSS) 3.11, tal como se utiliza en Sun Java Enterprise System 2003Q4 2005Q1 y por medio de Java System Directory Server 5.2, permite a atacantes remotos causar una denegaci\u00f3n de servicio (consumo de memoria) mediante la realizaci\u00f3n de un gran n\u00famero de operaciones de cifrado RSA ."
    }
  ],
  "id": "CVE-2006-3127",
  "lastModified": "2024-11-21T00:12:52.567",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-06-21T23:02:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/25048"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1016294"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102461-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102896-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/archives/fedora-package-announce/2006-June/msg00155.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/18604"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/20846"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/1573"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/25048"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1016294"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102461-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102896-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-package-announce/2006-June/msg00155.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/18604"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/20846"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/1573"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2009-02-17 17:30
Modified
2024-11-21 01:00
Severity ?
Summary
Sun Java System Directory Proxy Server in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3, when a JDBC data source is used, does not properly handle (1) a long value in an ADD or (2) long string attributes, which allows remote attackers to cause a denial of service (JDBC backend outage) via crafted LDAP requests.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:6.0:enterprise:*:*:*:*:*:*",
              "matchCriteriaId": "3F302F27-68F5-4B92-8579-8568B13D849C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:6.1:enterprise:*:*:*:*:*:*",
              "matchCriteriaId": "D3FDCE4B-38AC-4843-82B5-7EF85750ACFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:6.2:enterprise:*:*:*:*:*:*",
              "matchCriteriaId": "C8490D6F-42B3-4602-84A5-BBDD4315F366",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:6.3:enterprise:*:*:*:*:*:*",
              "matchCriteriaId": "1FE986BB-D278-4B34-9DC1-5D3102F94AF1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Sun Java System Directory Proxy Server in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3, when a JDBC data source is used, does not properly handle (1) a long value in an ADD or (2) long string attributes, which allows remote attackers to cause a denial of service (JDBC backend outage) via crafted LDAP requests."
    },
    {
      "lang": "es",
      "value": "Sun Java System Directory Proxy Server en Sun Java System Directory Server Enterprise Edition v6.0 hasta v6.3, cuando una fuente de datos JDBC es utilizado, no se maneja adecuadamente (1) un valor largo en un ADD o (2) atributos de cadena largos, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (JDBC backend outage) a trav\u00e9s de peticiones manipulada LDAP."
    }
  ],
  "id": "CVE-2009-0609",
  "lastModified": "2024-11-21T01:00:30.313",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-02-17T17:30:06.017",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/33923"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125276-08-1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-251086-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/33761"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/33923"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125276-08-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-251086-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/33761"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2007-05-02 22:19
Modified
2024-11-21 00:30
Severity ?
Summary
Unspecified vulnerability in the LDAP Software Development Kit (SDK) for C, as used in Sun Java System Directory Server 5.2 up to Patch 4 and Sun ONE Directory Server 5.1, allows remote attackers to cause a denial of service (crash) via certain BER encodings.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "083E8ACF-7A6B-4C7C-B1E1-1567D09A8E4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:5.2:2003q4:*:*:*:*:*:*",
              "matchCriteriaId": "BE6D70A5-A2AE-4142-86C7-A3D15C155801",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:5.2:2004q2:*:*:*:*:*:*",
              "matchCriteriaId": "5F64D5A0-9BED-497F-9C90-B4F404A699A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:5.2:2005q1:*:*:*:*:*:*",
              "matchCriteriaId": "1C4F9948-4A6A-4C68-8CDA-AF34ACA12D5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:5.2:2005q4:*:*:*:*:*:*",
              "matchCriteriaId": "92E44A06-2535-4841-8191-9B27B03A42CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:one_directory_server:5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8EBB854A-6951-4CA7-87BB-919B56F88ECB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in the LDAP Software Development Kit (SDK) for C, as used in Sun Java System Directory Server 5.2 up to Patch 4 and Sun ONE Directory Server 5.1, allows remote attackers to cause a denial of service (crash) via certain BER encodings."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en LDAP Software Development Kit (SDK) para C, como el usado en Sun Java System Directory Server 5.2 hasta el Patch 4 y Sun ONE Directory Server 5.1, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda) mediante ciertas codificaciones BER."
    }
  ],
  "id": "CVE-2007-2466",
  "lastModified": "2024-11-21T00:30:51.620",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-05-02T22:19:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/35743"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/25091"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102895-1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/23743"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securitytracker.com/id?1017991"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/1610"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34002"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/35743"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/25091"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102895-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/23743"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securitytracker.com/id?1017991"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/1610"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34002"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2009-12-28 19:30
Modified
2024-11-21 01:09
Severity ?
Summary
Directory Proxy Server (DPS) in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3.1 does not properly handle multiple client connections within a short time window, which allows remote attackers to hijack the backend connection of an authenticated user, and obtain the privileges of this user, by making a client connection in opportunistic circumstances, related to "long binds," aka Bug Ids 6828462 and 6823593.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:6.0:*:enterprise:*:*:*:*:*",
              "matchCriteriaId": "A2AAC3E9-6B8A-48DC-A135-715F94F078F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:6.1:enterprise:*:*:*:*:*:*",
              "matchCriteriaId": "D3FDCE4B-38AC-4843-82B5-7EF85750ACFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:6.2:enterprise:*:*:*:*:*:*",
              "matchCriteriaId": "C8490D6F-42B3-4602-84A5-BBDD4315F366",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:6.3:enterprise:*:*:*:*:*:*",
              "matchCriteriaId": "1FE986BB-D278-4B34-9DC1-5D3102F94AF1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Directory Proxy Server (DPS) in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3.1 does not properly handle multiple client connections within a short time window, which allows remote attackers to hijack the backend connection of an authenticated user, and obtain the privileges of this user, by making a client connection in opportunistic circumstances, related to \"long binds,\" aka Bug Ids 6828462 and 6823593."
    },
    {
      "lang": "es",
      "value": "Directory Proxy Server (DPS) en Sun Java System Directory Server Enterprise Edition v6.0 hasta v6.3.1 no maneja adecuadamente m\u00faltiples conexiones de cliente en un periodo corto de tiempo, permitiendo a atacantes remotos secuestrar la conexi\u00f3n interna de un usuario autenticado, al realizar una conexi\u00f3n cliente en las circunstancias oportunas, relacionado con \"long binds\", tambi\u00e9n conocido como Bug Ids 6828462 y 6823593."
    }
  ],
  "id": "CVE-2009-4440",
  "lastModified": "2024-11-21T01:09:39.073",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-12-28T19:30:00.453",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/37915"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141958-01-1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-270789-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/37481"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1023389"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2009/3647"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/37915"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141958-01-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-270789-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/37481"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1023389"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/3647"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-362"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2010-02-25 19:30
Modified
2024-11-21 01:12
Severity ?
Summary
Multiple unspecified vulnerabilities in (1) ns-slapd and (2) slapd.exe in Sun Directory Server Enterprise Edition 7.0, Sun Java System Directory Server 5.2, and Sun Java System Directory Server Enterprise Edition 6.0 through 6.3.1 allow remote attackers to cause a denial of service (daemon crash) via a crafted LDAP search request.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "083E8ACF-7A6B-4C7C-B1E1-1567D09A8E4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:6.0:-:enterprise:*:*:*:*:*",
              "matchCriteriaId": "FFA6F380-C826-423E-8B99-39B056BEFD2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:6.1:-:enterprise:*:*:*:*:*",
              "matchCriteriaId": "E6AF40DE-2C28-48BD-A93E-078EC80712F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:6.2:-:enterprise:*:*:*:*:*",
              "matchCriteriaId": "75632022-B1ED-4B27-83AF-D9F1C9B1729C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:6.3:-:enterprise:*:*:*:*:*",
              "matchCriteriaId": "6A8544AD-C036-40BD-8EF9-A0E00D1774D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:6.3.1:-:enterprise:*:*:*:*:*",
              "matchCriteriaId": "5DCA0476-98E5-4115-BE10-56BBD0ECA4E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:7.0:-:enterprise:*:*:*:*:*",
              "matchCriteriaId": "69B638E7-EEF6-4080-BCEE-83EDA0FED964",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple unspecified vulnerabilities in (1) ns-slapd and (2) slapd.exe in Sun Directory Server Enterprise Edition 7.0, Sun Java System Directory Server 5.2, and Sun Java System Directory Server Enterprise Edition 6.0 through 6.3.1 allow remote attackers to cause a denial of service (daemon crash) via a crafted LDAP search request."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades sin especificar en (1) ns-slapd y (2) slapd.exe en Sun Directory Server Enterprise Edition v7.0, Sun Java System Directory Server v5.2, y Sun Java System Directory Server Enterprise Edition v6.0 a la v6.3.1, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de demonio) a trav\u00e9s de una petici\u00f3n de b\u00fasqueda manipulada en el LDAP."
    }
  ],
  "id": "CVE-2010-0708",
  "lastModified": "2024-11-21T01:12:47.650",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2010-02-25T19:30:00.593",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-143884-01-1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-275711-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021788.1-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56603"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-143884-01-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-275711-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021788.1-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56603"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2007-06-14 23:30
Modified
2024-11-21 00:32
Severity ?
Summary
Unspecified vulnerability in Sun Java System Directory Server (slapd) 6.0, and 5.2 with Patch 3 or 4, allows remote attackers to modify certain data via unknown vectors.
Impacted products



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "083E8ACF-7A6B-4C7C-B1E1-1567D09A8E4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB3F1C2E-7BB6-41A7-8FFC-4E00F6E35FCB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in Sun Java System Directory Server (slapd) 6.0, and 5.2 with Patch 3 or 4, allows remote attackers to modify certain data via unknown vectors."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en Sun Java System Directory Server (slapd) 6.0, y 5.2 with Patch 3 o 4, permite a atacantes remotos modificar ciertos datos a trav\u00e9s de vectores desconocidos."
    }
  ],
  "id": "CVE-2007-3225",
  "lastModified": "2024-11-21T00:32:42.373",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 6.4,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-06-14T23:30:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/37246"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/25666"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102875-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/24468"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1018255"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/2189"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34859"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/37246"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/25666"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102875-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/24468"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1018255"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/2189"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34859"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2007-03-26 23:19
Modified
2024-11-21 00:15
Severity ?
Summary
The LDAP server (ns-slapd) in Sun Java System Directory Server 5.2 Patch4 and earlier and ONE Directory Server 5.1 and 5.2 allows remote attackers to cause a denial of service (crash) via malformed queries, probably malformed BER queries, which trigger a free of uninitialized memory locations.
References
cve@mitre.orghttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=491Broken Link, Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/24634Broken Link, Vendor Advisory
cve@mitre.orghttp://sunsolve.sun.com/search/document.do?assetkey=1-26-102853-1Broken Link
cve@mitre.orghttp://www.osvdb.org/33524Broken Link
cve@mitre.orghttp://www.securityfocus.com/bid/23117Broken Link, Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id?1017814Broken Link, Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.vupen.com/english/advisories/2007/1090Broken Link
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/33189Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=491Broken Link, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/24634Broken Link, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-26-102853-1Broken Link
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/33524Broken Link
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/23117Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1017814Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/1090Broken Link
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/33189Third Party Advisory, VDB Entry
Impacted products



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "083E8ACF-7A6B-4C7C-B1E1-1567D09A8E4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:one_directory_server:5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8EBB854A-6951-4CA7-87BB-919B56F88ECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:one_directory_server:5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E73C928E-92A5-4B61-BA90-56EABD6E7A73",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The LDAP server (ns-slapd) in Sun Java System Directory Server 5.2 Patch4 and earlier and ONE Directory Server 5.1 and 5.2 allows remote attackers to cause a denial of service (crash) via malformed queries, probably malformed BER queries, which trigger a free of uninitialized memory locations."
    },
    {
      "lang": "es",
      "value": "El servidor LDAP (ns-slapd) de Sun Java System Directory Server 5.2 Patch4 y anteriores y ONE Directory Server 5.1 y 5.2 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda) mediante peticiones mal formadas, probablemente peticiones BER mal formadas, las cuales disparan una liberaci\u00f3n de posiciones de memoria sin inicializar."
    }
  ],
  "id": "CVE-2006-4175",
  "lastModified": "2024-11-21T00:15:18.957",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-03-26T23:19:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link",
        "Vendor Advisory"
      ],
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=491"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24634"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102853-1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.osvdb.org/33524"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/23117"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id?1017814"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/1090"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33189"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Vendor Advisory"
      ],
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=491"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24634"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102853-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.osvdb.org/33524"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/23117"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id?1017814"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/1090"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33189"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-824"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2009-12-28 19:30
Modified
2024-11-21 01:09
Severity ?
Summary
Directory Proxy Server (DPS) in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3.1 does not enable the SO_KEEPALIVE socket option, which makes it easier for remote attackers to cause a denial of service (connection slot exhaustion) via multiple connections, aka Bug Id 6782659.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:6.0:*:enterprise:*:*:*:*:*",
              "matchCriteriaId": "A2AAC3E9-6B8A-48DC-A135-715F94F078F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:6.1:enterprise:*:*:*:*:*:*",
              "matchCriteriaId": "D3FDCE4B-38AC-4843-82B5-7EF85750ACFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:6.2:enterprise:*:*:*:*:*:*",
              "matchCriteriaId": "C8490D6F-42B3-4602-84A5-BBDD4315F366",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:6.3:enterprise:*:*:*:*:*:*",
              "matchCriteriaId": "1FE986BB-D278-4B34-9DC1-5D3102F94AF1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:6.3.1:enterprise:*:*:*:*:*:*",
              "matchCriteriaId": "2C2FEACE-2922-4731-B9DC-BFA025109E22",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Directory Proxy Server (DPS) in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3.1 does not enable the SO_KEEPALIVE socket option, which makes it easier for remote attackers to cause a denial of service (connection slot exhaustion) via multiple connections, aka Bug Id 6782659."
    },
    {
      "lang": "es",
      "value": "Directory Proxy Server (DPS) en Sun Java System Directory Server Enterprise Edition v6.0 hasta v6.3.1 no habilita opci\u00f3n SO_KEEPALIVE socket, facilitando a atacantes remotos provocar una denegaci\u00f3n de servicio (agotamiento del slot de conexi\u00f3n) mediante m\u00faltiples conexiones, tambi\u00e9n conocido como Bug Id 6782659."
    }
  ],
  "id": "CVE-2009-4441",
  "lastModified": "2024-11-21T01:09:39.220",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-12-28T19:30:00.467",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/37915"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141958-01-1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-270789-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/37481"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1023389"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2009/3647"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/37915"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141958-01-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-270789-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/37481"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1023389"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/3647"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2007-06-14 23:30
Modified
2024-11-21 00:32
Severity ?
Summary
Unspecified vulnerability in Sun ONE/Java System Directory Server (slapd) 6.0, and 5.x before 5.2 Patch 5, allows remote attackers to determine the existence of attributes of an entry via unspecified vectors.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "083E8ACF-7A6B-4C7C-B1E1-1567D09A8E4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:5.2:2003q4:*:*:*:*:*:*",
              "matchCriteriaId": "BE6D70A5-A2AE-4142-86C7-A3D15C155801",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:5.2:2004q2:*:*:*:*:*:*",
              "matchCriteriaId": "5F64D5A0-9BED-497F-9C90-B4F404A699A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:5.2:2005q1:*:*:*:*:*:*",
              "matchCriteriaId": "1C4F9948-4A6A-4C68-8CDA-AF34ACA12D5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:5.2:2005q4:*:*:*:*:*:*",
              "matchCriteriaId": "92E44A06-2535-4841-8191-9B27B03A42CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:6.0:*:enterprise:*:*:*:*:*",
              "matchCriteriaId": "A2AAC3E9-6B8A-48DC-A135-715F94F078F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:one_directory_server:5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8EBB854A-6951-4CA7-87BB-919B56F88ECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:one_directory_server:5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E73C928E-92A5-4B61-BA90-56EABD6E7A73",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in Sun ONE/Java System Directory Server (slapd) 6.0, and 5.x before 5.2 Patch 5, allows remote attackers to determine the existence of attributes of an entry via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en Sun ONE/Java System Directory Server (slapd) 6.0, y 5.x anterior a 5.2 Parche 5, permite a atacantes remotos en determinar la existencia de atributos de una entrada a trav\u00e9s de vectores no especificados."
    }
  ],
  "id": "CVE-2007-3224",
  "lastModified": "2024-11-21T00:32:42.220",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-06-14T23:30:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/37247"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/25666"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102876-1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/24467"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1018254"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/2189"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34858"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/37247"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/25666"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102876-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/24467"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1018254"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/2189"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34858"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2008-04-28 17:05
Modified
2024-11-21 00:45
Severity ?
Summary
Sun Java System Directory Proxy Server 6.0, 6.1, and 6.2 classifies a connection using the "bind-dn" criteria, which can cause an incorrect application of policy and allows remote attackers to bypass intended access restrictions for the server.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB3F1C2E-7BB6-41A7-8FFC-4E00F6E35FCB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "379A742A-38AD-4A9D-B177-47899F0A9C14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACE4DE2E-AB97-43BA-A55C-455958AA954B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Sun Java System Directory Proxy Server 6.0, 6.1, and 6.2 classifies a connection using the \"bind-dn\" criteria, which can cause an incorrect application of policy and allows remote attackers to bypass intended access restrictions for the server."
    },
    {
      "lang": "es",
      "value": "Sun Java System Directory Proxy Server 6.0, 6.1, y 6.2 clasifica una conexi\u00f3n utilizando el criterio \"bind-dn\", lo cual puede provocar una aplicaci\u00f3n incorrecta de pol\u00edticas y permitir a atacantes remotos evitar restricciones de acceso previstas por el servidor."
    }
  ],
  "id": "CVE-2008-1995",
  "lastModified": "2024-11-21T00:45:50.713",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-04-28T17:05:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29978"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-235381-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/28941"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1019925"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/1374/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29978"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-235381-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/28941"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1019925"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/1374/references"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2009-04-17 14:30
Modified
2024-11-21 01:02
Severity ?
Summary
The Online Help feature in Sun Java System Directory Server 5.2 and Enterprise Edition 5 allows remote attackers to determine the existence of files and directories, and possibly obtain partial contents of files, via unspecified vectors.
Impacted products



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:5.0:-:enterprise:*:*:*:*:*",
              "matchCriteriaId": "8EA36B7D-1506-4B50-B371-8CF16879A62D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "083E8ACF-7A6B-4C7C-B1E1-1567D09A8E4B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Online Help feature in Sun Java System Directory Server 5.2 and Enterprise Edition 5 allows remote attackers to determine the existence of files and directories, and possibly obtain partial contents of files, via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "La caracter\u00edstica Online Help en Sun Java System Directory Server 5.2 y Enterprise Edition 5 permite a atacantes remotos determinar la existencia de ficheros y directorios y posiblemente obtener contenidos parciales de ficheros mediante vectores no especificados."
    }
  ],
  "id": "CVE-2009-1332",
  "lastModified": "2024-11-21T01:02:12.840",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-04-17T14:30:00.640",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/53800"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34751"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-255848-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/34548"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2009/1059"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/53800"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34751"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-255848-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/34548"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/1059"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2006-05-22 21:06
Modified
2024-11-21 00:11
Severity ?
Summary
Unspecified vulnerability in the installation process in Sun Java System Directory Server 5.2 causes wrong user data to be written to a file created by the installation, which allows remote attackers or local users to gain privileges.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "083E8ACF-7A6B-4C7C-B1E1-1567D09A8E4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:5.2:2003q4:*:*:*:*:*:*",
              "matchCriteriaId": "BE6D70A5-A2AE-4142-86C7-A3D15C155801",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:5.2:2004q2:*:*:*:*:*:*",
              "matchCriteriaId": "5F64D5A0-9BED-497F-9C90-B4F404A699A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:5.2:2005q1:*:*:*:*:*:*",
              "matchCriteriaId": "1C4F9948-4A6A-4C68-8CDA-AF34ACA12D5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:5.2:2005q4:*:*:*:*:*:*",
              "matchCriteriaId": "92E44A06-2535-4841-8191-9B27B03A42CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in the installation process in Sun Java System Directory Server 5.2 causes wrong user data to be written to a file created by the installation, which allows remote attackers or local users to gain privileges."
    }
  ],
  "id": "CVE-2006-2513",
  "lastModified": "2024-11-21T00:11:28.793",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-05-22T21:06:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/20144"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://securitytracker.com/id?1016112"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102345-1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/18018"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2006/1832"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26477"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/20144"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://securitytracker.com/id?1016112"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102345-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/18018"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/1832"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26477"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2005-10-20 23:02
Modified
2024-11-21 00:01
Severity ?
Summary
Stack-based buffer overflow in help.cgi in the HTTP administrative interface for (1) Sun Java System Directory Server 5.2 2003Q4, 2004Q2, and 2005Q1, (2) Red Hat Directory Server and (3) Certificate Server before 7.1 SP1, (4) Sun ONE Directory Server 5.1 SP4 and earlier, and (5) Sun ONE Administration Server 5.2 allows remote attackers to cause a denial of service (admin server crash), or local users to gain root privileges.
References
secalert@redhat.comhttp://marc.info/?l=bugtraq&m=112862037500012&w=2
secalert@redhat.comhttp://marc.info/?l=bugtraq&m=113815459026080&w=2
secalert@redhat.comhttp://secunia.com/advisories/17092Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/18590Vendor Advisory
secalert@redhat.comhttp://securityreason.com/securityalert/367
secalert@redhat.comhttp://securityreason.com/securityalert/51
secalert@redhat.comhttp://securitytracker.com/id?1015014
secalert@redhat.comhttp://securitytracker.com/id?1015536
secalert@redhat.comhttp://securitytracker.com/id?1015537
secalert@redhat.comhttp://securitytracker.com/id?1015538
secalert@redhat.comhttp://sunsolve.sun.com/search/document.do?assetkey=1-21-117665-03-1Patch
secalert@redhat.comhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-102002-1
secalert@redhat.comhttp://sunsolve.sun.com/search/document.do?assetkey=1-66-228419-1
secalert@redhat.comhttp://www.securityfocus.com/bid/15013
secalert@redhat.comhttp://www.securityfocus.com/bid/16345
secalert@redhat.comhttp://www.vupen.com/english/advisories/2005/1988Vendor Advisory
secalert@redhat.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/24311
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=112862037500012&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=113815459026080&w=2
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17092Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18590Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/367
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/51
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1015014
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1015536
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1015537
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1015538
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-21-117665-03-1Patch
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-26-102002-1
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-66-228419-1
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/15013
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/16345
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2005/1988Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/24311



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_proxy_server:5.2:2003q4:*:*:*:*:*:*",
              "matchCriteriaId": "F8A63139-DAC4-4748-8A20-18FE72C6E93A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_proxy_server:5.2:2004q2:*:*:*:*:*:*",
              "matchCriteriaId": "DCF5317C-051B-4906-8438-DEA07EE4D757",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_proxy_server:5.2:2005q1:*:*:*:*:*:*",
              "matchCriteriaId": "2FCAD34C-19EB-429A-A41D-0DC1F0999154",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "083E8ACF-7A6B-4C7C-B1E1-1567D09A8E4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:5.2:2003q4:*:*:*:*:*:*",
              "matchCriteriaId": "BE6D70A5-A2AE-4142-86C7-A3D15C155801",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:5.2:2004q2:*:*:*:*:*:*",
              "matchCriteriaId": "5F64D5A0-9BED-497F-9C90-B4F404A699A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:java_system_directory_server:5.2:2005q1:*:*:*:*:*:*",
              "matchCriteriaId": "1C4F9948-4A6A-4C68-8CDA-AF34ACA12D5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:one_administration_server:5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A099D284-A1C4-474D-ABF9-84DEC377D18B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:one_directory_server:4.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F3F2846-7A02-42A4-AE19-FCE28706FA9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:one_directory_server:4.16:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "DA43DD25-AACA-4F63-A8E5-0CAA58C27BBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:one_directory_server:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "80BB5338-F78C-4140-8F60-8BB0F9ADDF7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:one_directory_server:5.0:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "F94220C9-8EFC-4491-A530-033EF32AEAEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:one_directory_server:5.0_sp2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A548BEA7-2592-49F0-BEE8-B077AFF7F8F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:one_directory_server:5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8EBB854A-6951-4CA7-87BB-919B56F88ECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:one_directory_server:5.1:*:x86:*:*:*:*:*",
              "matchCriteriaId": "67D5A7FC-7F6B-461D-AD96-3A42036A91D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:one_directory_server:5.1:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "3F12275A-86ED-4CB9-9849-BA3D3BF21A0C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:one_directory_server:5.1:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "30214F09-1DD9-4A04-AE86-F5FCC006BD92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:one_directory_server:5.1:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "8589402C-4E79-4615-A00B-F83B0508F6AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:one_directory_server:5.1:sp3:x86:*:*:*:*:*",
              "matchCriteriaId": "7ED2C81F-7B2E-4FC5-A521-BE156F00B5CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:one_directory_server:5.1:sp4:*:*:*:*:*:*",
              "matchCriteriaId": "4E773228-F889-48A4-98DC-44BB5E746CC4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in help.cgi in the HTTP administrative interface for (1) Sun Java System Directory Server 5.2 2003Q4, 2004Q2, and 2005Q1, (2) Red Hat Directory Server and (3) Certificate Server before 7.1 SP1, (4) Sun ONE Directory Server 5.1 SP4 and earlier, and (5) Sun ONE Administration Server 5.2 allows remote attackers to cause a denial of service (admin server crash), or local users to gain root privileges."
    }
  ],
  "id": "CVE-2005-3269",
  "lastModified": "2024-11-21T00:01:29.450",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": true,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-10-20T23:02:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://marc.info/?l=bugtraq\u0026m=112862037500012\u0026w=2"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://marc.info/?l=bugtraq\u0026m=113815459026080\u0026w=2"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17092"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18590"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://securityreason.com/securityalert/367"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://securityreason.com/securityalert/51"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://securitytracker.com/id?1015014"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://securitytracker.com/id?1015536"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://securitytracker.com/id?1015537"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://securitytracker.com/id?1015538"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-117665-03-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102002-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-228419-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/15013"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/16345"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2005/1988"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24311"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=112862037500012\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=113815459026080\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17092"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18590"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/367"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/51"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1015014"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1015536"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1015537"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1015538"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-117665-03-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102002-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-228419-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/15013"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/16345"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2005/1988"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24311"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

cve-2006-2513
Vulnerability from cvelistv5
Published
2006-05-22 21:00
Modified
2024-08-07 17:51
Severity ?
Summary
Unspecified vulnerability in the installation process in Sun Java System Directory Server 5.2 causes wrong user data to be written to a file created by the installation, which allows remote attackers or local users to gain privileges.
References
http://securitytracker.com/id?1016112vdb-entry, x_refsource_SECTRACK
http://www.vupen.com/english/advisories/2006/1832vdb-entry, x_refsource_VUPEN
https://exchange.xforce.ibmcloud.com/vulnerabilities/26477vdb-entry, x_refsource_XF
http://www.securityfocus.com/bid/18018vdb-entry, x_refsource_BID
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102345-1vendor-advisory, x_refsource_SUNALERT
http://secunia.com/advisories/20144third-party-advisory, x_refsource_SECUNIA
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T17:51:04.762Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1016112",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1016112"
          },
          {
            "name": "ADV-2006-1832",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/1832"
          },
          {
            "name": "sun-java-unauth-access(26477)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26477"
          },
          {
            "name": "18018",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/18018"
          },
          {
            "name": "102345",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102345-1"
          },
          {
            "name": "20144",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20144"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-05-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the installation process in Sun Java System Directory Server 5.2 causes wrong user data to be written to a file created by the installation, which allows remote attackers or local users to gain privileges."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-19T15:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1016112",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1016112"
        },
        {
          "name": "ADV-2006-1832",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/1832"
        },
        {
          "name": "sun-java-unauth-access(26477)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26477"
        },
        {
          "name": "18018",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/18018"
        },
        {
          "name": "102345",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102345-1"
        },
        {
          "name": "20144",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20144"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-2513",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the installation process in Sun Java System Directory Server 5.2 causes wrong user data to be written to a file created by the installation, which allows remote attackers or local users to gain privileges."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1016112",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1016112"
            },
            {
              "name": "ADV-2006-1832",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/1832"
            },
            {
              "name": "sun-java-unauth-access(26477)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26477"
            },
            {
              "name": "18018",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/18018"
            },
            {
              "name": "102345",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102345-1"
            },
            {
              "name": "20144",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/20144"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-2513",
    "datePublished": "2006-05-22T21:00:00",
    "dateReserved": "2006-05-22T00:00:00",
    "dateUpdated": "2024-08-07T17:51:04.762Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-2466
Vulnerability from cvelistv5
Published
2007-05-02 22:00
Modified
2024-08-07 13:42
Severity ?
Summary
Unspecified vulnerability in the LDAP Software Development Kit (SDK) for C, as used in Sun Java System Directory Server 5.2 up to Patch 4 and Sun ONE Directory Server 5.1, allows remote attackers to cause a denial of service (crash) via certain BER encodings.
References
http://www.securitytracker.com/id?1017991vdb-entry, x_refsource_SECTRACK
http://secunia.com/advisories/25091third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2007/1610vdb-entry, x_refsource_VUPEN
http://osvdb.org/35743vdb-entry, x_refsource_OSVDB
http://www.securityfocus.com/bid/23743vdb-entry, x_refsource_BID
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102895-1vendor-advisory, x_refsource_SUNALERT
https://exchange.xforce.ibmcloud.com/vulnerabilities/34002vdb-entry, x_refsource_XF
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T13:42:32.686Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1017991",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1017991"
          },
          {
            "name": "25091",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25091"
          },
          {
            "name": "ADV-2007-1610",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/1610"
          },
          {
            "name": "35743",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/35743"
          },
          {
            "name": "23743",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/23743"
          },
          {
            "name": "102895",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102895-1"
          },
          {
            "name": "sun-java-ber-dos(34002)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34002"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-05-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the LDAP Software Development Kit (SDK) for C, as used in Sun Java System Directory Server 5.2 up to Patch 4 and Sun ONE Directory Server 5.1, allows remote attackers to cause a denial of service (crash) via certain BER encodings."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-28T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1017991",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1017991"
        },
        {
          "name": "25091",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25091"
        },
        {
          "name": "ADV-2007-1610",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/1610"
        },
        {
          "name": "35743",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/35743"
        },
        {
          "name": "23743",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/23743"
        },
        {
          "name": "102895",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102895-1"
        },
        {
          "name": "sun-java-ber-dos(34002)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34002"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-2466",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the LDAP Software Development Kit (SDK) for C, as used in Sun Java System Directory Server 5.2 up to Patch 4 and Sun ONE Directory Server 5.1, allows remote attackers to cause a denial of service (crash) via certain BER encodings."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1017991",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1017991"
            },
            {
              "name": "25091",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25091"
            },
            {
              "name": "ADV-2007-1610",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/1610"
            },
            {
              "name": "35743",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/35743"
            },
            {
              "name": "23743",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/23743"
            },
            {
              "name": "102895",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102895-1"
            },
            {
              "name": "sun-java-ber-dos(34002)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34002"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-2466",
    "datePublished": "2007-05-02T22:00:00",
    "dateReserved": "2007-05-02T00:00:00",
    "dateUpdated": "2024-08-07T13:42:32.686Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2009-4440
Vulnerability from cvelistv5
Published
2009-12-28 19:00
Modified
2024-08-07 07:01
Severity ?
Summary
Directory Proxy Server (DPS) in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3.1 does not properly handle multiple client connections within a short time window, which allows remote attackers to hijack the backend connection of an authenticated user, and obtain the privileges of this user, by making a client connection in opportunistic circumstances, related to "long binds," aka Bug Ids 6828462 and 6823593.
References
http://www.vupen.com/english/advisories/2009/3647vdb-entry, x_refsource_VUPEN
http://sunsolve.sun.com/search/document.do?assetkey=1-21-141958-01-1x_refsource_CONFIRM
http://www.securityfocus.com/bid/37481vdb-entry, x_refsource_BID
http://www.securitytracker.com/id?1023389vdb-entry, x_refsource_SECTRACK
http://sunsolve.sun.com/search/document.do?assetkey=1-66-270789-1vendor-advisory, x_refsource_SUNALERT
http://secunia.com/advisories/37915third-party-advisory, x_refsource_SECUNIA
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T07:01:20.710Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ADV-2009-3647",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/3647"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141958-01-1"
          },
          {
            "name": "37481",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/37481"
          },
          {
            "name": "1023389",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1023389"
          },
          {
            "name": "270789",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-270789-1"
          },
          {
            "name": "37915",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37915"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-12-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Directory Proxy Server (DPS) in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3.1 does not properly handle multiple client connections within a short time window, which allows remote attackers to hijack the backend connection of an authenticated user, and obtain the privileges of this user, by making a client connection in opportunistic circumstances, related to \"long binds,\" aka Bug Ids 6828462 and 6823593."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2010-06-11T09:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "ADV-2009-3647",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/3647"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141958-01-1"
        },
        {
          "name": "37481",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/37481"
        },
        {
          "name": "1023389",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1023389"
        },
        {
          "name": "270789",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-270789-1"
        },
        {
          "name": "37915",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37915"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-4440",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Directory Proxy Server (DPS) in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3.1 does not properly handle multiple client connections within a short time window, which allows remote attackers to hijack the backend connection of an authenticated user, and obtain the privileges of this user, by making a client connection in opportunistic circumstances, related to \"long binds,\" aka Bug Ids 6828462 and 6823593."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ADV-2009-3647",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/3647"
            },
            {
              "name": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141958-01-1",
              "refsource": "CONFIRM",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141958-01-1"
            },
            {
              "name": "37481",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/37481"
            },
            {
              "name": "1023389",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1023389"
            },
            {
              "name": "270789",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-270789-1"
            },
            {
              "name": "37915",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/37915"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-4440",
    "datePublished": "2009-12-28T19:00:00",
    "dateReserved": "2009-12-28T00:00:00",
    "dateUpdated": "2024-08-07T07:01:20.710Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2008-1995
Vulnerability from cvelistv5
Published
2008-04-28 17:00
Modified
2024-08-07 08:41
Severity ?
Summary
Sun Java System Directory Proxy Server 6.0, 6.1, and 6.2 classifies a connection using the "bind-dn" criteria, which can cause an incorrect application of policy and allows remote attackers to bypass intended access restrictions for the server.
References
http://sunsolve.sun.com/search/document.do?assetkey=1-26-235381-1vendor-advisory, x_refsource_SUNALERT
http://www.vupen.com/english/advisories/2008/1374/referencesvdb-entry, x_refsource_VUPEN
http://www.securityfocus.com/bid/28941vdb-entry, x_refsource_BID
http://www.securitytracker.com/id?1019925vdb-entry, x_refsource_SECTRACK
http://secunia.com/advisories/29978third-party-advisory, x_refsource_SECUNIA
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T08:41:00.273Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "235381",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-235381-1"
          },
          {
            "name": "ADV-2008-1374",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/1374/references"
          },
          {
            "name": "28941",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/28941"
          },
          {
            "name": "1019925",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1019925"
          },
          {
            "name": "29978",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29978"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-04-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Sun Java System Directory Proxy Server 6.0, 6.1, and 6.2 classifies a connection using the \"bind-dn\" criteria, which can cause an incorrect application of policy and allows remote attackers to bypass intended access restrictions for the server."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2009-02-26T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "235381",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-235381-1"
        },
        {
          "name": "ADV-2008-1374",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/1374/references"
        },
        {
          "name": "28941",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/28941"
        },
        {
          "name": "1019925",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1019925"
        },
        {
          "name": "29978",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29978"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-1995",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Sun Java System Directory Proxy Server 6.0, 6.1, and 6.2 classifies a connection using the \"bind-dn\" criteria, which can cause an incorrect application of policy and allows remote attackers to bypass intended access restrictions for the server."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "235381",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-235381-1"
            },
            {
              "name": "ADV-2008-1374",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/1374/references"
            },
            {
              "name": "28941",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/28941"
            },
            {
              "name": "1019925",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1019925"
            },
            {
              "name": "29978",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29978"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-1995",
    "datePublished": "2008-04-28T17:00:00",
    "dateReserved": "2008-04-28T00:00:00",
    "dateUpdated": "2024-08-07T08:41:00.273Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2006-0647
Vulnerability from cvelistv5
Published
2006-02-13 11:00
Modified
2024-08-07 16:41
Severity ?
Summary
LDAP service in Sun Java System Directory Server 5.2, running on Linux and possibly other platforms, allows remote attackers to cause a denial of service (memory allocation error) via an LDAP packet with a crafted subtree search request, as demonstrated using the ProtoVer LDAP test suite.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T16:41:28.920Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "18769",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18769"
          },
          {
            "name": "sun-java-ldap-dos(24605)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24605"
          },
          {
            "name": "[Dailydave] 20060210 ??? Sun Directory Server 5.2 fun ???",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.immunitysec.com/pipermail/dailydave/2006-February/002916.html"
          },
          {
            "name": "16550",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/16550"
          },
          {
            "name": "[Dailydave] 20060208 Sun Directory Server 5.2 fun",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.immunitysec.com/pipermail/dailydave/2006-February/002914.html"
          },
          {
            "name": "102294",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102294-1"
          },
          {
            "name": "ADV-2006-0492",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/0492"
          },
          {
            "name": "1015604",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015604"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-02-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "LDAP service in Sun Java System Directory Server 5.2, running on Linux and possibly other platforms, allows remote attackers to cause a denial of service (memory allocation error) via an LDAP packet with a crafted subtree search request, as demonstrated using the ProtoVer LDAP test suite."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-19T15:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "18769",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18769"
        },
        {
          "name": "sun-java-ldap-dos(24605)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24605"
        },
        {
          "name": "[Dailydave] 20060210 ??? Sun Directory Server 5.2 fun ???",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.immunitysec.com/pipermail/dailydave/2006-February/002916.html"
        },
        {
          "name": "16550",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/16550"
        },
        {
          "name": "[Dailydave] 20060208 Sun Directory Server 5.2 fun",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.immunitysec.com/pipermail/dailydave/2006-February/002914.html"
        },
        {
          "name": "102294",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102294-1"
        },
        {
          "name": "ADV-2006-0492",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/0492"
        },
        {
          "name": "1015604",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015604"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-0647",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "LDAP service in Sun Java System Directory Server 5.2, running on Linux and possibly other platforms, allows remote attackers to cause a denial of service (memory allocation error) via an LDAP packet with a crafted subtree search request, as demonstrated using the ProtoVer LDAP test suite."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "18769",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18769"
            },
            {
              "name": "sun-java-ldap-dos(24605)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24605"
            },
            {
              "name": "[Dailydave] 20060210 ??? Sun Directory Server 5.2 fun ???",
              "refsource": "MLIST",
              "url": "http://lists.immunitysec.com/pipermail/dailydave/2006-February/002916.html"
            },
            {
              "name": "16550",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/16550"
            },
            {
              "name": "[Dailydave] 20060208 Sun Directory Server 5.2 fun",
              "refsource": "MLIST",
              "url": "http://lists.immunitysec.com/pipermail/dailydave/2006-February/002914.html"
            },
            {
              "name": "102294",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102294-1"
            },
            {
              "name": "ADV-2006-0492",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/0492"
            },
            {
              "name": "1015604",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1015604"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-0647",
    "datePublished": "2006-02-13T11:00:00",
    "dateReserved": "2006-02-13T00:00:00",
    "dateUpdated": "2024-08-07T16:41:28.920Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2009-0576
Vulnerability from cvelistv5
Published
2009-02-13 17:00
Modified
2024-08-07 04:40
Severity ?
Summary
Unspecified vulnerability in Sun Java System Directory Server 5.2 p6 and earlier, and Enterprise Edition 5, allows remote attackers to cause a denial of service (daemon crash) via crafted LDAP requests.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T04:40:05.043Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-116837-04-1"
          },
          {
            "name": "33850",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/33850"
          },
          {
            "name": "ADV-2009-0409",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/0409"
          },
          {
            "name": "33732",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/33732"
          },
          {
            "name": "250086",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-250086-1"
          },
          {
            "name": "sun-java-sds-ldap-dos(48662)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48662"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-02-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in Sun Java System Directory Server 5.2 p6 and earlier, and Enterprise Edition 5, allows remote attackers to cause a denial of service (daemon crash) via crafted LDAP requests."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-16T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-116837-04-1"
        },
        {
          "name": "33850",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/33850"
        },
        {
          "name": "ADV-2009-0409",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/0409"
        },
        {
          "name": "33732",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/33732"
        },
        {
          "name": "250086",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-250086-1"
        },
        {
          "name": "sun-java-sds-ldap-dos(48662)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48662"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-0576",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in Sun Java System Directory Server 5.2 p6 and earlier, and Enterprise Edition 5, allows remote attackers to cause a denial of service (daemon crash) via crafted LDAP requests."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-116837-04-1",
              "refsource": "CONFIRM",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-116837-04-1"
            },
            {
              "name": "33850",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/33850"
            },
            {
              "name": "ADV-2009-0409",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/0409"
            },
            {
              "name": "33732",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/33732"
            },
            {
              "name": "250086",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-250086-1"
            },
            {
              "name": "sun-java-sds-ldap-dos(48662)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48662"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-0576",
    "datePublished": "2009-02-13T17:00:00",
    "dateReserved": "2009-02-13T00:00:00",
    "dateUpdated": "2024-08-07T04:40:05.043Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-3224
Vulnerability from cvelistv5
Published
2007-06-14 23:00
Modified
2024-08-07 14:05
Severity ?
Summary
Unspecified vulnerability in Sun ONE/Java System Directory Server (slapd) 6.0, and 5.x before 5.2 Patch 5, allows remote attackers to determine the existence of attributes of an entry via unspecified vectors.
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/34858vdb-entry, x_refsource_XF
http://www.vupen.com/english/advisories/2007/2189vdb-entry, x_refsource_VUPEN
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102876-1vendor-advisory, x_refsource_SUNALERT
http://www.securitytracker.com/id?1018254vdb-entry, x_refsource_SECTRACK
http://osvdb.org/37247vdb-entry, x_refsource_OSVDB
http://secunia.com/advisories/25666third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/bid/24467vdb-entry, x_refsource_BID
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T14:05:29.329Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "sun-java-unspecified-information-disclosure(34858)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34858"
          },
          {
            "name": "ADV-2007-2189",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2189"
          },
          {
            "name": "102876",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102876-1"
          },
          {
            "name": "1018254",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1018254"
          },
          {
            "name": "37247",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/37247"
          },
          {
            "name": "25666",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25666"
          },
          {
            "name": "24467",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/24467"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-06-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in Sun ONE/Java System Directory Server (slapd) 6.0, and 5.x before 5.2 Patch 5, allows remote attackers to determine the existence of attributes of an entry via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-28T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "sun-java-unspecified-information-disclosure(34858)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34858"
        },
        {
          "name": "ADV-2007-2189",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2189"
        },
        {
          "name": "102876",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102876-1"
        },
        {
          "name": "1018254",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1018254"
        },
        {
          "name": "37247",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/37247"
        },
        {
          "name": "25666",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25666"
        },
        {
          "name": "24467",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/24467"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-3224",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in Sun ONE/Java System Directory Server (slapd) 6.0, and 5.x before 5.2 Patch 5, allows remote attackers to determine the existence of attributes of an entry via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "sun-java-unspecified-information-disclosure(34858)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34858"
            },
            {
              "name": "ADV-2007-2189",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/2189"
            },
            {
              "name": "102876",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102876-1"
            },
            {
              "name": "1018254",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1018254"
            },
            {
              "name": "37247",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/37247"
            },
            {
              "name": "25666",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25666"
            },
            {
              "name": "24467",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/24467"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-3224",
    "datePublished": "2007-06-14T23:00:00",
    "dateReserved": "2007-06-14T00:00:00",
    "dateUpdated": "2024-08-07T14:05:29.329Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-3225
Vulnerability from cvelistv5
Published
2007-06-14 23:00
Modified
2024-08-07 14:05
Severity ?
Summary
Unspecified vulnerability in Sun Java System Directory Server (slapd) 6.0, and 5.2 with Patch 3 or 4, allows remote attackers to modify certain data via unknown vectors.
References
http://www.vupen.com/english/advisories/2007/2189vdb-entry, x_refsource_VUPEN
http://www.securityfocus.com/bid/24468vdb-entry, x_refsource_BID
http://www.securitytracker.com/id?1018255vdb-entry, x_refsource_SECTRACK
http://secunia.com/advisories/25666third-party-advisory, x_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/34859vdb-entry, x_refsource_XF
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102875-1vendor-advisory, x_refsource_SUNALERT
http://osvdb.org/37246vdb-entry, x_refsource_OSVDB
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T14:05:29.309Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ADV-2007-2189",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2189"
          },
          {
            "name": "24468",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/24468"
          },
          {
            "name": "1018255",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1018255"
          },
          {
            "name": "25666",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25666"
          },
          {
            "name": "sun-java-unspecified-unauthorized-access(34859)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34859"
          },
          {
            "name": "102875",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102875-1"
          },
          {
            "name": "37246",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/37246"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-06-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in Sun Java System Directory Server (slapd) 6.0, and 5.2 with Patch 3 or 4, allows remote attackers to modify certain data via unknown vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-28T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "ADV-2007-2189",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2189"
        },
        {
          "name": "24468",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/24468"
        },
        {
          "name": "1018255",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1018255"
        },
        {
          "name": "25666",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25666"
        },
        {
          "name": "sun-java-unspecified-unauthorized-access(34859)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34859"
        },
        {
          "name": "102875",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102875-1"
        },
        {
          "name": "37246",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/37246"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-3225",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in Sun Java System Directory Server (slapd) 6.0, and 5.2 with Patch 3 or 4, allows remote attackers to modify certain data via unknown vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ADV-2007-2189",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/2189"
            },
            {
              "name": "24468",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/24468"
            },
            {
              "name": "1018255",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1018255"
            },
            {
              "name": "25666",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25666"
            },
            {
              "name": "sun-java-unspecified-unauthorized-access(34859)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34859"
            },
            {
              "name": "102875",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102875-1"
            },
            {
              "name": "37246",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/37246"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-3225",
    "datePublished": "2007-06-14T23:00:00",
    "dateReserved": "2007-06-14T00:00:00",
    "dateUpdated": "2024-08-07T14:05:29.309Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2009-1332
Vulnerability from cvelistv5
Published
2009-04-17 14:00
Modified
2024-08-07 05:13
Severity ?
Summary
The Online Help feature in Sun Java System Directory Server 5.2 and Enterprise Edition 5 allows remote attackers to determine the existence of files and directories, and possibly obtain partial contents of files, via unspecified vectors.
References
http://www.securityfocus.com/bid/34548vdb-entry, x_refsource_BID
http://osvdb.org/53800vdb-entry, x_refsource_OSVDB
http://www.vupen.com/english/advisories/2009/1059vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/34751third-party-advisory, x_refsource_SECUNIA
http://sunsolve.sun.com/search/document.do?assetkey=1-66-255848-1vendor-advisory, x_refsource_SUNALERT
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T05:13:24.559Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "34548",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/34548"
          },
          {
            "name": "53800",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/53800"
          },
          {
            "name": "ADV-2009-1059",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1059"
          },
          {
            "name": "34751",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34751"
          },
          {
            "name": "255848",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-255848-1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-04-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Online Help feature in Sun Java System Directory Server 5.2 and Enterprise Edition 5 allows remote attackers to determine the existence of files and directories, and possibly obtain partial contents of files, via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2009-04-28T09:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "34548",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/34548"
        },
        {
          "name": "53800",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/53800"
        },
        {
          "name": "ADV-2009-1059",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1059"
        },
        {
          "name": "34751",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34751"
        },
        {
          "name": "255848",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-255848-1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-1332",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Online Help feature in Sun Java System Directory Server 5.2 and Enterprise Edition 5 allows remote attackers to determine the existence of files and directories, and possibly obtain partial contents of files, via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "34548",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/34548"
            },
            {
              "name": "53800",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/53800"
            },
            {
              "name": "ADV-2009-1059",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/1059"
            },
            {
              "name": "34751",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/34751"
            },
            {
              "name": "255848",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-255848-1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-1332",
    "datePublished": "2009-04-17T14:00:00",
    "dateReserved": "2009-04-17T00:00:00",
    "dateUpdated": "2024-08-07T05:13:24.559Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2010-0313
Vulnerability from cvelistv5
Published
2010-01-14 19:00
Modified
2024-08-07 00:45
Severity ?
Summary
The core_get_proxyauth_dn function in ns-slapd in Sun Java System Directory Server Enterprise Edition 7.0 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted LDAP Search Request message.
References
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T00:45:12.088Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "jsds-coregetproxyauthdn-dos(55511)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55511"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://intevydis.blogspot.com/2010/01/sun-directory-server-70.html"
          },
          {
            "name": "1023431",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1023431"
          },
          {
            "name": "ADV-2010-0085",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/0085"
          },
          {
            "name": "37699",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/37699"
          },
          {
            "name": "37978",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37978"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-01-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The core_get_proxyauth_dn function in ns-slapd in Sun Java System Directory Server Enterprise Edition 7.0 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted LDAP Search Request message."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-16T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "jsds-coregetproxyauthdn-dos(55511)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55511"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://intevydis.blogspot.com/2010/01/sun-directory-server-70.html"
        },
        {
          "name": "1023431",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1023431"
        },
        {
          "name": "ADV-2010-0085",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/0085"
        },
        {
          "name": "37699",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/37699"
        },
        {
          "name": "37978",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37978"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-0313",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The core_get_proxyauth_dn function in ns-slapd in Sun Java System Directory Server Enterprise Edition 7.0 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted LDAP Search Request message."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "jsds-coregetproxyauthdn-dos(55511)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55511"
            },
            {
              "name": "http://intevydis.blogspot.com/2010/01/sun-directory-server-70.html",
              "refsource": "MISC",
              "url": "http://intevydis.blogspot.com/2010/01/sun-directory-server-70.html"
            },
            {
              "name": "1023431",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1023431"
            },
            {
              "name": "ADV-2010-0085",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/0085"
            },
            {
              "name": "37699",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/37699"
            },
            {
              "name": "37978",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/37978"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-0313",
    "datePublished": "2010-01-14T19:00:00",
    "dateReserved": "2010-01-14T00:00:00",
    "dateUpdated": "2024-08-07T00:45:12.088Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2005-3269
Vulnerability from cvelistv5
Published
2005-10-20 04:00
Modified
2024-08-07 23:01
Severity ?
Summary
Stack-based buffer overflow in help.cgi in the HTTP administrative interface for (1) Sun Java System Directory Server 5.2 2003Q4, 2004Q2, and 2005Q1, (2) Red Hat Directory Server and (3) Certificate Server before 7.1 SP1, (4) Sun ONE Directory Server 5.1 SP4 and earlier, and (5) Sun ONE Administration Server 5.2 allows remote attackers to cause a denial of service (admin server crash), or local users to gain root privileges.
References
http://securitytracker.com/id?1015538vdb-entry, x_refsource_SECTRACK
http://marc.info/?l=bugtraq&m=112862037500012&w=2mailing-list, x_refsource_BUGTRAQ
http://www.securityfocus.com/bid/15013vdb-entry, x_refsource_BID
http://securitytracker.com/id?1015536vdb-entry, x_refsource_SECTRACK
http://secunia.com/advisories/18590third-party-advisory, x_refsource_SECUNIA
http://securityreason.com/securityalert/367third-party-advisory, x_refsource_SREASON
http://www.securityfocus.com/bid/16345vdb-entry, x_refsource_BID
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102002-1vendor-advisory, x_refsource_SUNALERT
http://securityreason.com/securityalert/51third-party-advisory, x_refsource_SREASON
https://exchange.xforce.ibmcloud.com/vulnerabilities/24311vdb-entry, x_refsource_XF
http://secunia.com/advisories/17092third-party-advisory, x_refsource_SECUNIA
http://securitytracker.com/id?1015014vdb-entry, x_refsource_SECTRACK
http://www.vupen.com/english/advisories/2005/1988vdb-entry, x_refsource_VUPEN
http://marc.info/?l=bugtraq&m=113815459026080&w=2mailing-list, x_refsource_BUGTRAQ
http://securitytracker.com/id?1015537vdb-entry, x_refsource_SECTRACK
http://sunsolve.sun.com/search/document.do?assetkey=1-66-228419-1vendor-advisory, x_refsource_SUNALERT
http://sunsolve.sun.com/search/document.do?assetkey=1-21-117665-03-1x_refsource_CONFIRM
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T23:01:59.084Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1015538",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015538"
          },
          {
            "name": "20051006 High Risk Vulnerability in Sun Directory Server",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=112862037500012\u0026w=2"
          },
          {
            "name": "15013",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/15013"
          },
          {
            "name": "1015536",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015536"
          },
          {
            "name": "18590",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18590"
          },
          {
            "name": "367",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/367"
          },
          {
            "name": "16345",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/16345"
          },
          {
            "name": "102002",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102002-1"
          },
          {
            "name": "51",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/51"
          },
          {
            "name": "redhat-directory-admin-bo(24311)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24311"
          },
          {
            "name": "17092",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17092"
          },
          {
            "name": "1015014",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015014"
          },
          {
            "name": "ADV-2005-1988",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2005/1988"
          },
          {
            "name": "20060122 High Risk Vulnerability in Red Hat Directory Server and Red Hat Certificate Server",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=113815459026080\u0026w=2"
          },
          {
            "name": "1015537",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015537"
          },
          {
            "name": "228419",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-228419-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-117665-03-1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-10-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in help.cgi in the HTTP administrative interface for (1) Sun Java System Directory Server 5.2 2003Q4, 2004Q2, and 2005Q1, (2) Red Hat Directory Server and (3) Certificate Server before 7.1 SP1, (4) Sun ONE Directory Server 5.1 SP4 and earlier, and (5) Sun ONE Administration Server 5.2 allows remote attackers to cause a denial of service (admin server crash), or local users to gain root privileges."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "1015538",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015538"
        },
        {
          "name": "20051006 High Risk Vulnerability in Sun Directory Server",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=112862037500012\u0026w=2"
        },
        {
          "name": "15013",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/15013"
        },
        {
          "name": "1015536",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015536"
        },
        {
          "name": "18590",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18590"
        },
        {
          "name": "367",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/367"
        },
        {
          "name": "16345",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/16345"
        },
        {
          "name": "102002",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102002-1"
        },
        {
          "name": "51",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/51"
        },
        {
          "name": "redhat-directory-admin-bo(24311)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24311"
        },
        {
          "name": "17092",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17092"
        },
        {
          "name": "1015014",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015014"
        },
        {
          "name": "ADV-2005-1988",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2005/1988"
        },
        {
          "name": "20060122 High Risk Vulnerability in Red Hat Directory Server and Red Hat Certificate Server",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=113815459026080\u0026w=2"
        },
        {
          "name": "1015537",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015537"
        },
        {
          "name": "228419",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-228419-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-117665-03-1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2005-3269",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow in help.cgi in the HTTP administrative interface for (1) Sun Java System Directory Server 5.2 2003Q4, 2004Q2, and 2005Q1, (2) Red Hat Directory Server and (3) Certificate Server before 7.1 SP1, (4) Sun ONE Directory Server 5.1 SP4 and earlier, and (5) Sun ONE Administration Server 5.2 allows remote attackers to cause a denial of service (admin server crash), or local users to gain root privileges."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1015538",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1015538"
            },
            {
              "name": "20051006 High Risk Vulnerability in Sun Directory Server",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=112862037500012\u0026w=2"
            },
            {
              "name": "15013",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/15013"
            },
            {
              "name": "1015536",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1015536"
            },
            {
              "name": "18590",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18590"
            },
            {
              "name": "367",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/367"
            },
            {
              "name": "16345",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/16345"
            },
            {
              "name": "102002",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102002-1"
            },
            {
              "name": "51",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/51"
            },
            {
              "name": "redhat-directory-admin-bo(24311)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24311"
            },
            {
              "name": "17092",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17092"
            },
            {
              "name": "1015014",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1015014"
            },
            {
              "name": "ADV-2005-1988",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2005/1988"
            },
            {
              "name": "20060122 High Risk Vulnerability in Red Hat Directory Server and Red Hat Certificate Server",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=113815459026080\u0026w=2"
            },
            {
              "name": "1015537",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1015537"
            },
            {
              "name": "228419",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-228419-1"
            },
            {
              "name": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-117665-03-1",
              "refsource": "CONFIRM",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-117665-03-1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2005-3269",
    "datePublished": "2005-10-20T04:00:00",
    "dateReserved": "2005-10-20T00:00:00",
    "dateUpdated": "2024-08-07T23:01:59.084Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2009-4442
Vulnerability from cvelistv5
Published
2009-12-28 19:00
Modified
2024-08-07 07:01
Severity ?
Summary
Directory Proxy Server (DPS) in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3.1 does not properly implement the max-client-connections configuration setting, which allows remote attackers to cause a denial of service (connection slot exhaustion) by making multiple connections and performing no operations on these connections, aka Bug Id 6648665.
References
http://www.vupen.com/english/advisories/2009/3647vdb-entry, x_refsource_VUPEN
http://sunsolve.sun.com/search/document.do?assetkey=1-21-141958-01-1x_refsource_CONFIRM
http://www.securityfocus.com/bid/37481vdb-entry, x_refsource_BID
http://www.securitytracker.com/id?1023389vdb-entry, x_refsource_SECTRACK
http://sunsolve.sun.com/search/document.do?assetkey=1-66-270789-1vendor-advisory, x_refsource_SUNALERT
http://secunia.com/advisories/37915third-party-advisory, x_refsource_SECUNIA
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T07:01:20.273Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ADV-2009-3647",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/3647"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141958-01-1"
          },
          {
            "name": "37481",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/37481"
          },
          {
            "name": "1023389",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1023389"
          },
          {
            "name": "270789",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-270789-1"
          },
          {
            "name": "37915",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37915"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-12-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Directory Proxy Server (DPS) in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3.1 does not properly implement the max-client-connections configuration setting, which allows remote attackers to cause a denial of service (connection slot exhaustion) by making multiple connections and performing no operations on these connections, aka Bug Id 6648665."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2010-06-11T09:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "ADV-2009-3647",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/3647"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141958-01-1"
        },
        {
          "name": "37481",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/37481"
        },
        {
          "name": "1023389",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1023389"
        },
        {
          "name": "270789",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-270789-1"
        },
        {
          "name": "37915",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37915"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-4442",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Directory Proxy Server (DPS) in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3.1 does not properly implement the max-client-connections configuration setting, which allows remote attackers to cause a denial of service (connection slot exhaustion) by making multiple connections and performing no operations on these connections, aka Bug Id 6648665."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ADV-2009-3647",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/3647"
            },
            {
              "name": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141958-01-1",
              "refsource": "CONFIRM",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141958-01-1"
            },
            {
              "name": "37481",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/37481"
            },
            {
              "name": "1023389",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1023389"
            },
            {
              "name": "270789",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-270789-1"
            },
            {
              "name": "37915",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/37915"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-4442",
    "datePublished": "2009-12-28T19:00:00",
    "dateReserved": "2009-12-28T00:00:00",
    "dateUpdated": "2024-08-07T07:01:20.273Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2006-4175
Vulnerability from cvelistv5
Published
2007-03-26 23:00
Modified
2024-08-07 18:57
Severity ?
Summary
The LDAP server (ns-slapd) in Sun Java System Directory Server 5.2 Patch4 and earlier and ONE Directory Server 5.1 and 5.2 allows remote attackers to cause a denial of service (crash) via malformed queries, probably malformed BER queries, which trigger a free of uninitialized memory locations.
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/33189vdb-entry, x_refsource_XF
http://www.vupen.com/english/advisories/2007/1090vdb-entry, x_refsource_VUPEN
http://www.osvdb.org/33524vdb-entry, x_refsource_OSVDB
http://secunia.com/advisories/24634third-party-advisory, x_refsource_SECUNIA
http://www.securitytracker.com/id?1017814vdb-entry, x_refsource_SECTRACK
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=491third-party-advisory, x_refsource_IDEFENSE
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102853-1vendor-advisory, x_refsource_SUNALERT
http://www.securityfocus.com/bid/23117vdb-entry, x_refsource_BID
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T18:57:46.319Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "sun-java-cleanupcode-dos(33189)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33189"
          },
          {
            "name": "ADV-2007-1090",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/1090"
          },
          {
            "name": "33524",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/33524"
          },
          {
            "name": "24634",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24634"
          },
          {
            "name": "1017814",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1017814"
          },
          {
            "name": "20070323 Sun Java System Directory Server 5.2 Uninitialized Pointer Cleanup Design Error Vulnerability",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=491"
          },
          {
            "name": "102853",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102853-1"
          },
          {
            "name": "23117",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/23117"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-03-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The LDAP server (ns-slapd) in Sun Java System Directory Server 5.2 Patch4 and earlier and ONE Directory Server 5.1 and 5.2 allows remote attackers to cause a denial of service (crash) via malformed queries, probably malformed BER queries, which trigger a free of uninitialized memory locations."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-19T15:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "sun-java-cleanupcode-dos(33189)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33189"
        },
        {
          "name": "ADV-2007-1090",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/1090"
        },
        {
          "name": "33524",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/33524"
        },
        {
          "name": "24634",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24634"
        },
        {
          "name": "1017814",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1017814"
        },
        {
          "name": "20070323 Sun Java System Directory Server 5.2 Uninitialized Pointer Cleanup Design Error Vulnerability",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=491"
        },
        {
          "name": "102853",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102853-1"
        },
        {
          "name": "23117",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/23117"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-4175",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The LDAP server (ns-slapd) in Sun Java System Directory Server 5.2 Patch4 and earlier and ONE Directory Server 5.1 and 5.2 allows remote attackers to cause a denial of service (crash) via malformed queries, probably malformed BER queries, which trigger a free of uninitialized memory locations."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "sun-java-cleanupcode-dos(33189)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33189"
            },
            {
              "name": "ADV-2007-1090",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/1090"
            },
            {
              "name": "33524",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/33524"
            },
            {
              "name": "24634",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24634"
            },
            {
              "name": "1017814",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1017814"
            },
            {
              "name": "20070323 Sun Java System Directory Server 5.2 Uninitialized Pointer Cleanup Design Error Vulnerability",
              "refsource": "IDEFENSE",
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=491"
            },
            {
              "name": "102853",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102853-1"
            },
            {
              "name": "23117",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/23117"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-4175",
    "datePublished": "2007-03-26T23:00:00",
    "dateReserved": "2006-08-16T00:00:00",
    "dateUpdated": "2024-08-07T18:57:46.319Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2009-0609
Vulnerability from cvelistv5
Published
2009-02-17 17:00
Modified
2024-09-16 16:18
Severity ?
Summary
Sun Java System Directory Proxy Server in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3, when a JDBC data source is used, does not properly handle (1) a long value in an ADD or (2) long string attributes, which allows remote attackers to cause a denial of service (JDBC backend outage) via crafted LDAP requests.
References
http://www.securityfocus.com/bid/33761vdb-entry, x_refsource_BID
http://sunsolve.sun.com/search/document.do?assetkey=1-66-251086-1vendor-advisory, x_refsource_SUNALERT
http://secunia.com/advisories/33923third-party-advisory, x_refsource_SECUNIA
http://sunsolve.sun.com/search/document.do?assetkey=1-21-125276-08-1x_refsource_CONFIRM
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T04:40:05.119Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "33761",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/33761"
          },
          {
            "name": "251086",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-251086-1"
          },
          {
            "name": "33923",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/33923"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125276-08-1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Sun Java System Directory Proxy Server in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3, when a JDBC data source is used, does not properly handle (1) a long value in an ADD or (2) long string attributes, which allows remote attackers to cause a denial of service (JDBC backend outage) via crafted LDAP requests."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2009-02-17T17:00:00Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "33761",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/33761"
        },
        {
          "name": "251086",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-251086-1"
        },
        {
          "name": "33923",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/33923"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125276-08-1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-0609",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Sun Java System Directory Proxy Server in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3, when a JDBC data source is used, does not properly handle (1) a long value in an ADD or (2) long string attributes, which allows remote attackers to cause a denial of service (JDBC backend outage) via crafted LDAP requests."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "33761",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/33761"
            },
            {
              "name": "251086",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-251086-1"
            },
            {
              "name": "33923",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/33923"
            },
            {
              "name": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125276-08-1",
              "refsource": "CONFIRM",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125276-08-1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-0609",
    "datePublished": "2009-02-17T17:00:00Z",
    "dateReserved": "2009-02-17T00:00:00Z",
    "dateUpdated": "2024-09-16T16:18:25.883Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2009-4441
Vulnerability from cvelistv5
Published
2009-12-28 19:00
Modified
2024-08-07 07:01
Severity ?
Summary
Directory Proxy Server (DPS) in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3.1 does not enable the SO_KEEPALIVE socket option, which makes it easier for remote attackers to cause a denial of service (connection slot exhaustion) via multiple connections, aka Bug Id 6782659.
References
http://www.vupen.com/english/advisories/2009/3647vdb-entry, x_refsource_VUPEN
http://sunsolve.sun.com/search/document.do?assetkey=1-21-141958-01-1x_refsource_CONFIRM
http://www.securityfocus.com/bid/37481vdb-entry, x_refsource_BID
http://www.securitytracker.com/id?1023389vdb-entry, x_refsource_SECTRACK
http://sunsolve.sun.com/search/document.do?assetkey=1-66-270789-1vendor-advisory, x_refsource_SUNALERT
http://secunia.com/advisories/37915third-party-advisory, x_refsource_SECUNIA
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T07:01:20.623Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ADV-2009-3647",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/3647"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141958-01-1"
          },
          {
            "name": "37481",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/37481"
          },
          {
            "name": "1023389",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1023389"
          },
          {
            "name": "270789",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-270789-1"
          },
          {
            "name": "37915",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37915"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-12-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Directory Proxy Server (DPS) in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3.1 does not enable the SO_KEEPALIVE socket option, which makes it easier for remote attackers to cause a denial of service (connection slot exhaustion) via multiple connections, aka Bug Id 6782659."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2010-06-11T09:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "ADV-2009-3647",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/3647"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141958-01-1"
        },
        {
          "name": "37481",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/37481"
        },
        {
          "name": "1023389",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1023389"
        },
        {
          "name": "270789",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-270789-1"
        },
        {
          "name": "37915",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37915"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-4441",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Directory Proxy Server (DPS) in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3.1 does not enable the SO_KEEPALIVE socket option, which makes it easier for remote attackers to cause a denial of service (connection slot exhaustion) via multiple connections, aka Bug Id 6782659."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ADV-2009-3647",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/3647"
            },
            {
              "name": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141958-01-1",
              "refsource": "CONFIRM",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141958-01-1"
            },
            {
              "name": "37481",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/37481"
            },
            {
              "name": "1023389",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1023389"
            },
            {
              "name": "270789",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-270789-1"
            },
            {
              "name": "37915",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/37915"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-4441",
    "datePublished": "2009-12-28T19:00:00",
    "dateReserved": "2009-12-28T00:00:00",
    "dateUpdated": "2024-08-07T07:01:20.623Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2009-4443
Vulnerability from cvelistv5
Published
2009-12-28 19:00
Modified
2024-08-07 07:01
Severity ?
Summary
Unspecified vulnerability in the psearch (aka persistent search) functionality in Directory Proxy Server (DPS) in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3.1 allows remote attackers to cause a denial of service (psearch outage) by using a crafted psearch client to send requests that trigger a psearch thread loop, aka Bug Id 6855978.
References
http://www.vupen.com/english/advisories/2009/3647vdb-entry, x_refsource_VUPEN
http://sunsolve.sun.com/search/document.do?assetkey=1-21-141958-01-1x_refsource_CONFIRM
http://www.securityfocus.com/bid/37481vdb-entry, x_refsource_BID
http://www.securitytracker.com/id?1023389vdb-entry, x_refsource_SECTRACK
http://sunsolve.sun.com/search/document.do?assetkey=1-66-270789-1vendor-advisory, x_refsource_SUNALERT
http://secunia.com/advisories/37915third-party-advisory, x_refsource_SECUNIA
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T07:01:20.398Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ADV-2009-3647",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/3647"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141958-01-1"
          },
          {
            "name": "37481",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/37481"
          },
          {
            "name": "1023389",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1023389"
          },
          {
            "name": "270789",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-270789-1"
          },
          {
            "name": "37915",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37915"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-12-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the psearch (aka persistent search) functionality in Directory Proxy Server (DPS) in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3.1 allows remote attackers to cause a denial of service (psearch outage) by using a crafted psearch client to send requests that trigger a psearch thread loop, aka Bug Id 6855978."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2010-06-11T09:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "ADV-2009-3647",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/3647"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141958-01-1"
        },
        {
          "name": "37481",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/37481"
        },
        {
          "name": "1023389",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1023389"
        },
        {
          "name": "270789",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-270789-1"
        },
        {
          "name": "37915",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37915"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-4443",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the psearch (aka persistent search) functionality in Directory Proxy Server (DPS) in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3.1 allows remote attackers to cause a denial of service (psearch outage) by using a crafted psearch client to send requests that trigger a psearch thread loop, aka Bug Id 6855978."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ADV-2009-3647",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/3647"
            },
            {
              "name": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141958-01-1",
              "refsource": "CONFIRM",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141958-01-1"
            },
            {
              "name": "37481",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/37481"
            },
            {
              "name": "1023389",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1023389"
            },
            {
              "name": "270789",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-270789-1"
            },
            {
              "name": "37915",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/37915"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-4443",
    "datePublished": "2009-12-28T19:00:00",
    "dateReserved": "2009-12-28T00:00:00",
    "dateUpdated": "2024-08-07T07:01:20.398Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2006-3127
Vulnerability from cvelistv5
Published
2006-06-21 23:00
Modified
2024-08-07 18:16
Severity ?
Summary
Memory leak in Network Security Services (NSS) 3.11, as used in Sun Java Enterprise System 2003Q4 through 2005Q1 and Java System Directory Server 5.2, allows remote attackers to cause a denial of service (memory consumption) by performing a large number of RSA cryptographic operations.
References
http://www.securityfocus.com/bid/18604vdb-entry, x_refsource_BID
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102461-1vendor-advisory, x_refsource_SUNALERT
http://www.vupen.com/english/advisories/2007/1573vdb-entry, x_refsource_VUPEN
http://securitytracker.com/id?1016294vdb-entry, x_refsource_SECTRACK
http://secunia.com/advisories/25048third-party-advisory, x_refsource_SECUNIA
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102896-1vendor-advisory, x_refsource_SUNALERT
http://www.redhat.com/archives/fedora-package-announce/2006-June/msg00155.htmlvendor-advisory, x_refsource_FEDORA
http://www.securityfocus.com/bid/20846vdb-entry, x_refsource_BID
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T18:16:05.966Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "18604",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/18604"
          },
          {
            "name": "102461",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102461-1"
          },
          {
            "name": "ADV-2007-1573",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/1573"
          },
          {
            "name": "1016294",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1016294"
          },
          {
            "name": "25048",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25048"
          },
          {
            "name": "102896",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102896-1"
          },
          {
            "name": "FEDORA-2006-728",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-package-announce/2006-June/msg00155.html"
          },
          {
            "name": "20846",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/20846"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-06-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Memory leak in Network Security Services (NSS) 3.11, as used in Sun Java Enterprise System 2003Q4 through 2005Q1 and Java System Directory Server 5.2, allows remote attackers to cause a denial of service (memory consumption) by performing a large number of RSA cryptographic operations."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2006-06-27T09:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "18604",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/18604"
        },
        {
          "name": "102461",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102461-1"
        },
        {
          "name": "ADV-2007-1573",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/1573"
        },
        {
          "name": "1016294",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1016294"
        },
        {
          "name": "25048",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25048"
        },
        {
          "name": "102896",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102896-1"
        },
        {
          "name": "FEDORA-2006-728",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.redhat.com/archives/fedora-package-announce/2006-June/msg00155.html"
        },
        {
          "name": "20846",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/20846"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-3127",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Memory leak in Network Security Services (NSS) 3.11, as used in Sun Java Enterprise System 2003Q4 through 2005Q1 and Java System Directory Server 5.2, allows remote attackers to cause a denial of service (memory consumption) by performing a large number of RSA cryptographic operations."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "18604",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/18604"
            },
            {
              "name": "102461",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102461-1"
            },
            {
              "name": "ADV-2007-1573",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/1573"
            },
            {
              "name": "1016294",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1016294"
            },
            {
              "name": "25048",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25048"
            },
            {
              "name": "102896",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102896-1"
            },
            {
              "name": "FEDORA-2006-728",
              "refsource": "FEDORA",
              "url": "http://www.redhat.com/archives/fedora-package-announce/2006-June/msg00155.html"
            },
            {
              "name": "20846",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/20846"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-3127",
    "datePublished": "2006-06-21T23:00:00",
    "dateReserved": "2006-06-21T00:00:00",
    "dateUpdated": "2024-08-07T18:16:05.966Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2010-0708
Vulnerability from cvelistv5
Published
2010-02-25 19:00
Modified
2024-08-07 00:59
Severity ?
Summary
Multiple unspecified vulnerabilities in (1) ns-slapd and (2) slapd.exe in Sun Directory Server Enterprise Edition 7.0, Sun Java System Directory Server 5.2, and Sun Java System Directory Server Enterprise Edition 6.0 through 6.3.1 allow remote attackers to cause a denial of service (daemon crash) via a crafted LDAP search request.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T00:59:38.564Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1021788",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021788.1-1"
          },
          {
            "name": "275711",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-275711-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-143884-01-1"
          },
          {
            "name": "jsds-nsslapd-slapd-dos(56603)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56603"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-02-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple unspecified vulnerabilities in (1) ns-slapd and (2) slapd.exe in Sun Directory Server Enterprise Edition 7.0, Sun Java System Directory Server 5.2, and Sun Java System Directory Server Enterprise Edition 6.0 through 6.3.1 allow remote attackers to cause a denial of service (daemon crash) via a crafted LDAP search request."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-16T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1021788",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021788.1-1"
        },
        {
          "name": "275711",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-275711-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-143884-01-1"
        },
        {
          "name": "jsds-nsslapd-slapd-dos(56603)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56603"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-0708",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple unspecified vulnerabilities in (1) ns-slapd and (2) slapd.exe in Sun Directory Server Enterprise Edition 7.0, Sun Java System Directory Server 5.2, and Sun Java System Directory Server Enterprise Edition 6.0 through 6.3.1 allow remote attackers to cause a denial of service (daemon crash) via a crafted LDAP search request."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1021788",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021788.1-1"
            },
            {
              "name": "275711",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-275711-1"
            },
            {
              "name": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-143884-01-1",
              "refsource": "CONFIRM",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-143884-01-1"
            },
            {
              "name": "jsds-nsslapd-slapd-dos(56603)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56603"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-0708",
    "datePublished": "2010-02-25T19:00:00",
    "dateReserved": "2010-02-25T00:00:00",
    "dateUpdated": "2024-08-07T00:59:38.564Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}