This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Sun First view 2007-06-14
Product Java System Directory Server Last view 2008-04-28
Version 6.0 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:sun:java_system_directory_server

Activity : Overall

Related : CVE

  Date Alert Description
7.5 2008-04-28 CVE-2008-1995

Sun Java System Directory Proxy Server 6.0, 6.1, and 6.2 classifies a connection using the "bind-dn" criteria, which can cause an incorrect application of policy and allows remote attackers to bypass intended access restrictions for the server.

6.4 2007-06-14 CVE-2007-3225

Unspecified vulnerability in Sun Java System Directory Server (slapd) 6.0, and 5.2 with Patch 3 or 4, allows remote attackers to modify certain data via unknown vectors.

CWE : Common Weakness Enumeration

%idName
100% (1) CWE-264 Permissions, Privileges, and Access Controls

Open Source Vulnerability Database (OSVDB)

id Description
44624 Sun Java System Directory Server bind-dn Remote Privilege Escalation
37246 Sun Java System Directory Server (slapd) Unspecified Remote Data Manipulation

Nessus® Vulnerability Scanner

id Description
2008-05-01 Name: The remote LDAP proxy server is prone to an unauthorized access attack.
File: sun_directory_remote_admin_unauth_access.nasl - Type: ACT_GATHER_INFO
2007-07-12 Name: The remote LDAP server has multiple vulnerabilities.
File: sun_directory_server_multiple.nasl - Type: ACT_GATHER_INFO