662 matches found
CVE-2009-4442
Directory Proxy Server DPS in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3.1 does not properly implement the max-client-connections configuration setting, which allows remote attackers to cause a denial of service connection slot exhaustion by making multiple connections an...
Code injection
Unspecified vulnerability in the psearch aka persistent search functionality in Directory Proxy Server DPS in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3.1 allows remote attackers to cause a denial of service psearch outage by using a crafted psearch client to send request...
Directory traversal
Directory Proxy Server DPS in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3.1 does not enable the SOKEEPALIVE socket option, which makes it easier for remote attackers to cause a denial of service connection slot exhaustion via multiple connections, aka Bug Id 6782659...
Code injection
Directory Proxy Server DPS in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3.1 does not properly implement the max-client-connections configuration setting, which allows remote attackers to cause a denial of service connection slot exhaustion by making multiple connections an...
Design/Logic Flaw
Directory Proxy Server DPS in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3.1 does not properly handle multiple client connections within a short time window, which allows remote attackers to hijack the backend connection of an authenticated user, and obtain the privileges o...
CVE-2009-4440
Directory Proxy Server DPS in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3.1 does not properly handle multiple client connections within a short time window, which allows remote attackers to hijack the backend connection of an authenticated user, and obtain the privileges o...
CVE-2009-4443
Unspecified vulnerability in the psearch aka persistent search functionality in Directory Proxy Server DPS in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3.1 allows remote attackers to cause a denial of service psearch outage by using a crafted psearch client to send request...
CVE-2009-4441
CVE-2009-4441 affects Sun Java System Directory Proxy Server (DPS) 6.x prior to 6.3.1.1, bundled with Sun Java System Directory Server Enterprise Edition. The root cause is that DPS/DSEE fails to enable the SO_KEEPALIVE socket option, enabling remote attackers to cause a denial of service via con...
CVE-2009-4441
Directory Proxy Server DPS in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3.1 does not enable the SOKEEPALIVE socket option, which makes it easier for remote attackers to cause a denial of service connection slot exhaustion via multiple connections, aka Bug Id 6782659...
CVE-2009-4440
Sun Java System Directory Proxy Server (DPS) in Sun Java System Directory Server Enterprise Edition, versions 6.0–6.3.1 (Windows and other platforms per OpenVAS/NVD entries) is affected by CVE-2009-4440 due to improper handling of multiple simultaneous client connections within a short time windo...
CVE-2009-4442
CVE-2009-4442 affects Sun Java System Directory Proxy Server (DPS) / Sun Directory Server Enterprise Edition 6.0–6.3.1. The issue is improper handling of max-client-connections, allowing remote attackers to exhaust connection slots via multiple idle connections, leading to DoS. Multiple connected...
CVE-2009-4187
Multiple cross-site scripting XSS vulnerabilities in the Gateway component in Sun Java System Portal Server 6.3.1, 7.1, and 7.2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the Gateway component in Sun Java System Portal Server 6.3.1, 7.1, and 7.2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2009-4187
Multiple cross-site scripting XSS vulnerabilities in the Gateway component in Sun Java System Portal Server 6.3.1, 7.1, and 7.2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Sun Java System Web Server Buffer Overflow Vulnerability (Linux)
This host has Sun Java Web Server running which is prone to Buffer Overflow vulnerability. OpenVAS Vulnerability Test $Id: gbsunjavasyswebservbofvulnlin.nasl 4869 2016-12-29 11:01:45Z teissa $ Sun Java System Web Server Buffer Overflow Vulnerability Linux Authors: Sharath S Copyright: Copyright c...
Sun Java System Web Server Buffer Overflow Vulnerability - Windows
Sun Java Web Server is prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Sun Java System Web Server < 7.0 Update 7 Buffer Overflow Vulnerability
Sun Java Web Server is prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2009-3878
Buffer overflow in Sun Java System Web Server 7.0 Update 6 has unspecified impact and remote attack vectors, as demonstrated by the vdsjws module in VulnDisco Pack Professional 8.12. NOTE: as of 20091105, this disclosure has no actionable information. However, because the VulnDisco Pack author is...
Buffer overflow
Buffer overflow in Sun Java System Web Server 7.0 Update 6 has unspecified impact and remote attack vectors, as demonstrated by the vdsjws module in VulnDisco Pack Professional 8.12. NOTE: as of 20091105, this disclosure has no actionable information. However, because the VulnDisco Pack author is...
CVE-2009-3878
The CVE refers to a buffer overflow in Sun Java System Web Server 7.0 Update 6. The connected OpenVAS entries confirm Windows and Linux variants of a Sun Java System Web Server Buffer Overflow vulnerability (CPE: s sun java_system_web_server). The root cause is a buffer overflow in the server com...