VYPR

Java System Directory Server

by Sun Corporation

CVEs (24)

  • CVE-2010-0313Jan 14, 2010
    risk 0.04cvss epss 0.09

    The core_get_proxyauth_dn function in ns-slapd in Sun Java System Directory Server Enterprise Edition 7.0 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted LDAP Search Request message.

  • CVE-2006-0647Feb 13, 2006
    risk 0.04cvss epss 0.10

    LDAP service in Sun Java System Directory Server 5.2, running on Linux and possibly other platforms, allows remote attackers to cause a denial of service (memory allocation error) via an LDAP packet with a crafted subtree search request, as demonstrated using the ProtoVer LDAP…

  • CVE-2010-0897Apr 13, 2010
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in the Sun Java System Directory Server component in Oracle Sun Product Suite 5.2, 6.0, 6.1, 6.2, 6.3, and 6.3.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Directory Service Markup…

  • CVE-2010-0708Feb 25, 2010
    risk 0.00cvss epss 0.02

    Multiple unspecified vulnerabilities in (1) ns-slapd and (2) slapd.exe in Sun Directory Server Enterprise Edition 7.0, Sun Java System Directory Server 5.2, and Sun Java System Directory Server Enterprise Edition 6.0 through 6.3.1 allow remote attackers to cause a denial of…

  • CVE-2009-4443Dec 28, 2009
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in the psearch (aka persistent search) functionality in Directory Proxy Server (DPS) in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3.1 allows remote attackers to cause a denial of service (psearch outage) by using a crafted…

  • CVE-2009-4442Dec 28, 2009
    risk 0.00cvss epss 0.02

    Directory Proxy Server (DPS) in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3.1 does not properly implement the max-client-connections configuration setting, which allows remote attackers to cause a denial of service (connection slot exhaustion) by making…

  • CVE-2009-4441Dec 28, 2009
    risk 0.00cvss epss 0.02

    Directory Proxy Server (DPS) in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3.1 does not enable the SO_KEEPALIVE socket option, which makes it easier for remote attackers to cause a denial of service (connection slot exhaustion) via multiple connections,…

  • CVE-2009-4440Dec 28, 2009
    risk 0.00cvss epss 0.02

    Directory Proxy Server (DPS) in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3.1 does not properly handle multiple client connections within a short time window, which allows remote attackers to hijack the backend connection of an authenticated user, and…

  • CVE-2009-1332Apr 17, 2009
    risk 0.00cvss epss 0.02

    The Online Help feature in Sun Java System Directory Server 5.2 and Enterprise Edition 5 allows remote attackers to determine the existence of files and directories, and possibly obtain partial contents of files, via unspecified vectors.

  • CVE-2009-0609Feb 17, 2009
    risk 0.00cvss epss 0.03

    Sun Java System Directory Proxy Server in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3, when a JDBC data source is used, does not properly handle (1) a long value in an ADD or (2) long string attributes, which allows remote attackers to cause a denial of…

  • CVE-2009-0576Feb 13, 2009
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in Sun Java System Directory Server 5.2 p6 and earlier, and Enterprise Edition 5, allows remote attackers to cause a denial of service (daemon crash) via crafted LDAP requests.

  • CVE-2008-1995Apr 28, 2008
    risk 0.00cvss epss 0.02

    Sun Java System Directory Proxy Server 6.0, 6.1, and 6.2 classifies a connection using the "bind-dn" criteria, which can cause an incorrect application of policy and allows remote attackers to bypass intended access restrictions for the server.

  • CVE-2007-3224Jun 14, 2007
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in Sun ONE/Java System Directory Server (slapd) 6.0, and 5.x before 5.2 Patch 5, allows remote attackers to determine the existence of attributes of an entry via unspecified vectors.

  • CVE-2007-3225Jun 14, 2007
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in Sun Java System Directory Server (slapd) 6.0, and 5.2 with Patch 3 or 4, allows remote attackers to modify certain data via unknown vectors.

  • CVE-2007-2466May 2, 2007
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in the LDAP Software Development Kit (SDK) for C, as used in Sun Java System Directory Server 5.2 up to Patch 4 and Sun ONE Directory Server 5.1, allows remote attackers to cause a denial of service (crash) via certain BER encodings.

  • CVE-2006-4175Mar 26, 2007
    risk 0.00cvss epss 0.03

    The LDAP server (ns-slapd) in Sun Java System Directory Server 5.2 Patch4 and earlier and ONE Directory Server 5.1 and 5.2 allows remote attackers to cause a denial of service (crash) via malformed queries, probably malformed BER queries, which trigger a free of uninitialized…

  • CVE-2006-3127Jun 21, 2006
    risk 0.00cvss epss 0.03

    Memory leak in Network Security Services (NSS) 3.11, as used in Sun Java Enterprise System 2003Q4 through 2005Q1 and Java System Directory Server 5.2, allows remote attackers to cause a denial of service (memory consumption) by performing a large number of RSA cryptographic…

  • CVE-2006-2513May 22, 2006
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in the installation process in Sun Java System Directory Server 5.2 causes wrong user data to be written to a file created by the installation, which allows remote attackers or local users to gain privileges.

  • CVE-2005-3269Oct 20, 2005
    risk 0.00cvss epss 0.03

    Stack-based buffer overflow in help.cgi in the HTTP administrative interface for (1) Sun Java System Directory Server 5.2 2003Q4, 2004Q2, and 2005Q1, (2) Red Hat Directory Server and (3) Certificate Server before 7.1 SP1, (4) Sun ONE Directory Server 5.1 SP4 and earlier, and (5)…

  • CVE-2003-1125Dec 31, 2003
    risk 0.00cvss epss 0.01

    Unknown vulnerability in ns-ldapd for Sun ONE Directory Server 4.16, 5.0, and 5.1 allows LDAP clients to cause a denial of service (service halt).

Page 1 of 2