This CPE summary could be partial or incomplete. Please contact us for a detailed listing.


Vendor Sun First view 2009-02-17
Product Java System Directory Server Last view 2009-02-17
Version 6.0 Type Application
Update enterprise  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
CPE Product cpe:2.3:a:sun:java_system_directory_server

Activity : Overall

Related : CVE

  Date Alert Description
7.8 2009-02-17 CVE-2009-0609

Sun Java System Directory Proxy Server in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3, when a JDBC data source is used, does not properly handle (1) a long value in an ADD or (2) long string attributes, which allows remote attackers to cause a denial of service (JDBC backend outage) via crafted LDAP requests.

CWE : Common Weakness Enumeration

100% (1) CWE-20 Improper Input Validation

Open Source Vulnerability Database (OSVDB)

id Description
52513 Sun Java System Directory Proxy Server Crafted LDAP Request Remote DoS

Nessus® Vulnerability Scanner

id Description
2009-02-13 Name: The remote LDAP server is affected by a denial of service vulnerability.
File: sun_directory_server_ldap_req_dos.nasl - Type: ACT_GATHER_INFO
2007-10-12 Name: The remote host is missing Sun Security Patch number 125276-10
File: solaris10_125276.nasl - Type: ACT_GATHER_INFO