Solaris 5.9 (x86) : 126356-03

Sun Java System Access Manager 7.1 Solaris. Date this patch was last updated by Sun : Jun/19/09 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network Security if !...

Null pointer dereference

The coregetproxyauthdn function in ns-slapd in Sun Java System Directory Server Enterprise Edition 7.0 allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a crafted LDAP Search Request message...

CVE-2010-0313

The coregetproxyauthdn function in ns-slapd in Sun Java System Directory Server Enterprise Edition 7.0 allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a crafted LDAP Search Request message...

Input validation

Unspecified vulnerability in Sun Java System Identity Manager aka IdM 8.1.0.5 and 8.1.0.6, when Sun Java System Access Manager, OpenSSO Enterprise 8.0, or IBM Tivoli Access Manager is used, allows remote attackers to obtain administrative access via unknown vectors...

CVE-2010-0313

CVE-2010-0313 affects Sun Java System Directory Server Enterprise Edition 7.0. The vulnerable component is the ns-slapd function core_get_proxyauth_dn, triggered by a crafted LDAP Search Request, which can cause a NULL pointer dereference and a daemon crash (DoS) without requiring authentication....

CVE-2010-0311

Technical details about CVE-2010-0311 are not publicly provided in the supplied documents; no concrete affected products, versions, or remediation info are listed here. Monitor for updates in the connected sources.

Sun Java System Directory Server Detection (LDAP)

LDAP based detection of Sun Java System Directory Server. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Sun Java System Directory Server 7.0 - core_get_proxyauth_dn Denial of Service

Sun Java System Directory Server 7.0 - coregetproxyauthdn Denial of Service source: https://www.securityfocus.com/bid/37699/info Sun Java System Directory Server is prone to a denial-of-service vulnerability. An attacker can exploit this issue to crash the effected application, denying service to...

CVE-2010-0273

Unspecified vulnerability in Sun Java System Web Server 7.0 Update 6 on Linux allows remote attackers to execute arbitrary code by sending a process memory address and crafted data to TCP port 80, as demonstrated by the vdsjws2 module in VulnDisco. NOTE: as of 20100106, this disclosure has no...

CVE-2010-0272

Heap-based buffer overflow in Sun Java System Web Server 7.0 Update 6 on Linux allows remote attackers to discover process memory locations via crafted data to TCP port 80, as demonstrated by the vdsjws2 module in VulnDisco. NOTE: as of 20100106, this disclosure has no actionable information...

Code injection

Unspecified vulnerability in Sun Java System Web Server 7.0 Update 6 on Linux allows remote attackers to execute arbitrary code by sending a process memory address and crafted data to TCP port 80, as demonstrated by the vdsjws2 module in VulnDisco. NOTE: as of 20100106, this disclosure has no...

CVE-2010-0273

Affected product/versions: Sun Java System Web Server 7.0 Update 7 (and related disclosures mentioning 7.0 Update 6/7). Vulnerability/root cause: Remote attackers can overwrite heap memory and read memory contents by sending a malformed HTTP TRACE request containing a long URI and many empty head...

CVE-2010-0273

Unspecified vulnerability in Sun Java System Web Server 7.0 Update 6 on Linux allows remote attackers to execute arbitrary code by sending a process memory address and crafted data to TCP port 80, as demonstrated by the vdsjws2 module in VulnDisco. NOTE: as of 20100106, this disclosure has no...

CVE-2010-0272

CVE-2010-0272 is discussed across multiple sources as a Sun Java System Web Server 7.0–era issue. Connected Red Hat data ties CVE-2010-0360 to a heap-overflow condition caused by a malformed HTTP TRACE request that can overwrite and reveal memory contents, suggesting a related memory-overwrite vu...

Sun Java System Web Server 6.17.0 - TRACE Heap Buffer Overflow (PoC)

Sun Java System Web Server 6.17.0 - TRACE Heap Buffer Overflow PoC source: https://www.securityfocus.com/bid/37648/info Sun Java System Web Server is prone to a remote heap-based buffer-overflow vulnerability. Attackers can exploit this issue to crash the affected application or to obtain...

Sun Java System Web Server 6.1/7.0 - 'TRACE' Heap Buffer Overflow (PoC)

source: https://www.securityfocus.com/bid/37648/info Sun Java System Web Server is prone to a remote heap-based buffer-overflow vulnerability. Attackers can exploit this issue to crash the affected application or to obtain potentially sensitive information that may aid in further attacks. The...

Sun Java System DSEE Multiple Vulnerabilities - Windows

Sun Java System Directory Server Enterprise Edition DSEE is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Sun Java System DSEE Multiple Vulnerabilities (Windows)

This host is running Sun Java System Directory Server Enterprise Edition DSEE and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodsunjavadirservermultvulnwin.nasl 5401 2017-02-23 09:46:07Z teissa $ Sun Java System DSEE Multiple Vulnerabilities Windows Authors: Sharath ...

Sun Java System Directory Proxy Server 6.x < 6.3.1.1 Multiple Vulnerabilities.

The remote host is running the Sun Java System Directory Proxy Server, an LDAP application-layer protocol gateway. It is typically provided with Sun Java System Directory Server Enterprise Edition. The installed version of Sun Java System Directory Proxy Server is older than 6.3.1.1 and thus...

CVE-2009-4441

Directory Proxy Server DPS in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3.1 does not enable the SOKEEPALIVE socket option, which makes it easier for remote attackers to cause a denial of service connection slot exhaustion via multiple connections, aka Bug Id 6782659...