Unrated severityNVD Advisory· Published Dec 28, 2009· Updated Jun 16, 2026
CVE-2009-4442
CVE-2009-4442
Description
Directory Proxy Server (DPS) in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3.1 does not properly implement the max-client-connections configuration setting, which allows remote attackers to cause a denial of service (connection slot exhaustion) by making multiple connections and performing no operations on these connections, aka Bug Id 6648665.
Affected products
6cpe:2.3:a:sun:java_system_directory_server:6.0:*:enterprise:*:*:*:*:*+ 4 more
- cpe:2.3:a:sun:java_system_directory_server:6.0:*:enterprise:*:*:*:*:*
- cpe:2.3:a:sun:java_system_directory_server:6.1:enterprise:*:*:*:*:*:*
- cpe:2.3:a:sun:java_system_directory_server:6.2:enterprise:*:*:*:*:*:*
- cpe:2.3:a:sun:java_system_directory_server:6.3.1:enterprise:*:*:*:*:*:*
- cpe:2.3:a:sun:java_system_directory_server:6.3:enterprise:*:*:*:*:*:*
- Range: >=6.0, <=6.3.1
Patches
Vulnerability mechanics
References
6News mentions
0No linked articles in our index yet.