This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Sun First view 2009-12-28
Product Java System Directory Server Last view 2009-12-28
Version 6.3.1 Type Application
Update enterprise  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:sun:java_system_directory_server

Activity : Overall

Related : CVE

  Date Alert Description
4.3 2009-12-28 CVE-2009-4443

Unspecified vulnerability in the psearch (aka persistent search) functionality in Directory Proxy Server (DPS) in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3.1 allows remote attackers to cause a denial of service (psearch outage) by using a crafted psearch client to send requests that trigger a psearch thread loop, aka Bug Id 6855978.

5 2009-12-28 CVE-2009-4442

Directory Proxy Server (DPS) in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3.1 does not properly implement the max-client-connections configuration setting, which allows remote attackers to cause a denial of service (connection slot exhaustion) by making multiple connections and performing no operations on these connections, aka Bug Id 6648665.

5 2009-12-28 CVE-2009-4441

Directory Proxy Server (DPS) in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3.1 does not enable the SO_KEEPALIVE socket option, which makes it easier for remote attackers to cause a denial of service (connection slot exhaustion) via multiple connections, aka Bug Id 6782659.

CWE : Common Weakness Enumeration

%idName
100% (1) CWE-16 Configuration

Open Source Vulnerability Database (OSVDB)

id Description
61417 Sun Java System Directory Proxy Server SO_KEEPALIVE Connection Slot Exhaustio...
61375 Sun Java System Directory Proxy Server psearch Client Resource Exhaustion Rem...
61374 Sun Java System Directory Proxy Server New Client Connection Crafted Packet H...

OpenVAS Exploits

id Description
2010-01-04 Name : Sun Java System DSEE Multiple Vulnerabilities (Win)
File : nvt/secpod_sun_java_dir_server_mult_vuln_win.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2010-B-0002 Multiple Remote Vulnerabilities in Sun Java System Directory Server
Severity: Category I - VMSKEY: V0022181

Nessus® Vulnerability Scanner

id Description
2009-12-30 Name: The remote directory service is affected by multiple vulnerabilities.
File: sun_directory_proxy_server_multiple.nasl - Type: ACT_GATHER_INFO