This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Sun First view 2005-10-20
Product Java System Directory Server Last view 2009-02-13
Version 5.2 Type Application
Update 2003q4  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:sun:java_system_directory_server

Activity : Overall

Related : CVE

  Date Alert Description
7.8 2009-02-13 CVE-2009-0576

Unspecified vulnerability in Sun Java System Directory Server 5.2 p6 and earlier, and Enterprise Edition 5, allows remote attackers to cause a denial of service (daemon crash) via crafted LDAP requests.

5 2007-06-14 CVE-2007-3224

Unspecified vulnerability in Sun ONE/Java System Directory Server (slapd) 6.0, and 5.x before 5.2 Patch 5, allows remote attackers to determine the existence of attributes of an entry via unspecified vectors.

7.8 2007-05-02 CVE-2007-2466

Unspecified vulnerability in the LDAP Software Development Kit (SDK) for C, as used in Sun Java System Directory Server 5.2 up to Patch 4 and Sun ONE Directory Server 5.1, allows remote attackers to cause a denial of service (crash) via certain BER encodings.

7.5 2006-05-22 CVE-2006-2513

Unspecified vulnerability in the installation process in Sun Java System Directory Server 5.2 causes wrong user data to be written to a file created by the installation, which allows remote attackers or local users to gain privileges.

7.5 2005-10-20 CVE-2005-3269

Stack-based buffer overflow in help.cgi in the HTTP administrative interface for (1) Sun Java System Directory Server 5.2 2003Q4, 2004Q2, and 2005Q1, (2) Red Hat Directory Server and (3) Certificate Server before 7.1 SP1, (4) Sun ONE Directory Server 5.1 SP4 and earlier, and (5) Sun ONE Administration Server 5.2 allows remote attackers to cause a denial of service (admin server crash), or local users to gain root privileges.

CWE : Common Weakness Enumeration

%idName
100% (1) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

Open Source Vulnerability Database (OSVDB)

id Description
51955 Sun Java System Directory Server Crafted LDAP Request Handling DoS
37247 Sun ONE/Java System Directory Server (slapd) Unspecified Remote Attribute Enu...
35743 Sun Java System Directory Server LDAP Software Development Kit (SDK) BER Enco...
25575 Sun Java System Directory Server Console Authentication Bypass
19881 Sun Java System Directory Server Unspecified HTTP Admin Interface Issue

Nessus® Vulnerability Scanner

id Description
2007-07-12 Name: The remote LDAP server has multiple vulnerabilities.
File: sun_directory_server_multiple.nasl - Type: ACT_GATHER_INFO
2006-11-06 Name: The remote host is missing Sun Security Patch number 115610-25
File: solaris10_115610.nasl - Type: ACT_GATHER_INFO
2006-11-06 Name: The remote host is missing Sun Security Patch number 115614-28
File: solaris10_115614.nasl - Type: ACT_GATHER_INFO
2006-11-06 Name: The remote host is missing Sun Security Patch number 115611-25
File: solaris10_x86_115611.nasl - Type: ACT_GATHER_INFO
2006-11-06 Name: The remote host is missing Sun Security Patch number 115615-28
File: solaris10_x86_115615.nasl - Type: ACT_GATHER_INFO
2006-11-06 Name: The remote host is missing Sun Security Patch number 115610-25
File: solaris8_115610.nasl - Type: ACT_GATHER_INFO
2006-11-06 Name: The remote host is missing Sun Security Patch number 115614-28
File: solaris8_115614.nasl - Type: ACT_GATHER_INFO
2006-11-06 Name: The remote host is missing Sun Security Patch number 115610-25
File: solaris9_115610.nasl - Type: ACT_GATHER_INFO
2006-11-06 Name: The remote host is missing Sun Security Patch number 115614-28
File: solaris9_115614.nasl - Type: ACT_GATHER_INFO
2006-11-06 Name: The remote host is missing Sun Security Patch number 115611-25
File: solaris9_x86_115611.nasl - Type: ACT_GATHER_INFO
2006-11-06 Name: The remote host is missing Sun Security Patch number 115615-28
File: solaris9_x86_115615.nasl - Type: ACT_GATHER_INFO
2006-05-26 Name: The remote web server is protected with a default set of credentials.
File: sun_ds_server_console_access.nasl - Type: ACT_ATTACK