CVE-2006-4353

Unspecified vulnerability in Sun Java System Content Delivery Server 4.0, 4.1, and 5.0 allows local and remote attackers to read data from arbitrary files via unspecified vectors...

[SA21628] Sun Java System Content Delivery Server Arbitrary File Disclosure

TITLE: Sun Java System Content Delivery Server Arbitrary File Disclosure SECUNIA ADVISORY ID: SA21628 VERIFY ADVISORY: http://secunia.com/advisories/21628/ CRITICAL: Moderately critical IMPACT: Exposure of sensitive information WHERE: From remote SOFTWARE: Sun Java System Content Delivery Server...

Sun Java System Content Delivery Server directory traversal

No description provided...

CVE-2006-3921

Summary (CVE-2006-3921): Affects Sun Java System Application Server (SJSAS) 7–8.1 and Web Server (SJSWS) 6.0–6.1. The issue permits remote authenticated users to read files outside the “document root” via a direct request using a UTF-8 encoded URI. The NVD entry lists a Medium base score (AV:N/AC...

CVE-2005-4806

Multiple unspecified vulnerabilities in Sun Java System Web Proxy Server 3.6 SP7 and earlier allow remote attackers to cause a denial of service unresponsive service via unknown vectors...

CVE-2005-4804

Unspecified vulnerability in Sun Java System Application Server Platform Edition and Enterprise Edition 8.1 2005 Q1, and Platform Edition UR1, allows remote attackers to read .jar files via unknown vectors related to deployed web applications...

CVE-2005-4805

Technical details about CVE-2005-4805 are not publicly available in the provided documents; no specifics on affected product versions, vectors, or fixes are provided. Monitor for updates.

CVE-2005-4806

CVE-2005-4806 affects Sun Java System Web Proxy Server 3.6 SP7 and earlier. The vulnerability is described as multiple unspecified remote vulnerabilities that allow an attacker to cause a denial of service (unresponsive service) via unknown vectors. The provided sources identify the affected prod...

Write-up by Amit Klein: "IE + some popular forward proxy servers = XSS, defacement (browser cache poisoning)"

IE + some popular forward proxy servers = XSS, defacement browser cache poisoning Or "Exploiting the XmlHttpRequest object in IE" part II Amit Klein, May 2006 Preface ======= When I published my Exploiting the XmlHttpRequest object in IE - Referrer spoofing and a lot more..." 1 paper, I only...

CVE-2006-2513

Sun Java System Directory Server 5.2 contains a flaw in the installation process that writes incorrect user data to a file created during installation, enabling privilege elevation for remote attackers or local users. The connected Nessus entry (Sun Server Console Authentication Bypass) notes a d...

[SA20147] Sun ONE/Java System Web Server Cross-Site Scripting Vulnerability

TITLE: Sun ONE/Java System Web Server Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA20147 VERIFY ADVISORY: http://secunia.com/advisories/20147/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: Sun Java System Application Server Sun ONE 7.x...

[SA20144] Sun Java System Directory Server Authentication Bypass

TITLE: Sun Java System Directory Server Authentication Bypass SECUNIA ADVISORY ID: SA20144 VERIFY ADVISORY: http://secunia.com/advisories/20144/ CRITICAL: Moderately critical IMPACT: Security Bypass WHERE: From local network SOFTWARE: Sun Java System Directory Server 5.x...

Design/Logic Flaw

LDAP service in Sun Java System Directory Server 5.2, running on Linux and possibly other platforms, allows remote attackers to cause a denial of service memory allocation error via an LDAP packet with a crafted subtree search request, as demonstrated using the ProtoVer LDAP test suite...

CVE-2006-0647

LDAP service in Sun Java System Directory Server 5.2, running on Linux and possibly other platforms, allows remote attackers to cause a denial of service memory allocation error via an LDAP packet with a crafted subtree search request, as demonstrated using the ProtoVer LDAP test suite...

CVE-2006-0647

Summary: CVE-2006-0647 affects Sun Java System Directory Server 5.2 (LDAP server) on Linux and possibly other platforms. The vulnerability is triggered by a crafted LDAP subtree search request, leading to a denial of service via a memory allocation error. The issue arises from improper handling o...

CVE-2006-0647

LDAP service in Sun Java System Directory Server 5.2, running on Linux and possibly other platforms, allows remote attackers to cause a denial of service memory allocation error via an LDAP packet with a crafted subtree search request, as demonstrated using the ProtoVer LDAP test suite...

[SA18769] Sun Java System Directory Server LDAP Denial of Service

TITLE: Sun Java System Directory Server LDAP Denial of Service SECUNIA ADVISORY ID: SA18769 VERIFY ADVISORY: http://secunia.com/advisories/18769/ CRITICAL: Less critical IMPACT: DoS WHERE: From local network SOFTWARE: Sun ONE Directory Server 5.x http://secunia.com/product/6188/ Sun Java System...

Authentication flaw

Unspecified vulnerability in Sun Java System Access Manager 7.0 allows local users logged in as "root" to bypass authentication and gain top-level administrator privileges via the amadmin CLI tool...

CVE-2006-0531

Unspecified vulnerability in Sun Java System Access Manager 7.0 allows local users logged in as "root" to bypass authentication and gain top-level administrator privileges via the amadmin CLI tool...

CVE-2006-0531

Unspecified vulnerability in Sun Java System Access Manager 7.0 allows local users logged in as "root" to bypass authentication and gain top-level administrator privileges via the amadmin CLI tool...