CVE-2009-4443

CVE-2009-4443 is a denial-of-service issue in the psearch (persistent search) functionality of Sun Java System Directory Proxy Server (DPS), part of Sun Java System Directory Server Enterprise Edition, versions 6.0–6.3.1. The vulnerability allows remote attackers to trigger a psearch thread loop,...

CVE-2007-3224

CVE-2007-3224 refers to an information-disclosure vulnerability in Sun Java System Directory Server (slapd) affecting versions 6.0 and 5.x before 5.2 Patch 5. The issue allows remote attackers to determine the existence of attributes of an entry via unspecified vectors. Connected sources (includi...

CVE-2009-4441

CVE-2009-4441 affects Sun Java System Directory Proxy Server (DPS) 6.x prior to 6.3.1.1, bundled with Sun Java System Directory Server Enterprise Edition. The root cause is that DPS/DSEE fails to enable the SO_KEEPALIVE socket option, enabling remote attackers to cause a denial of service via con...

CVE-2009-4442

CVE-2009-4442 affects Sun Java System Directory Proxy Server (DPS) / Sun Directory Server Enterprise Edition 6.0–6.3.1. The issue is improper handling of max-client-connections, allowing remote attackers to exhaust connection slots via multiple idle connections, leading to DoS. Multiple connected...

CVE-2010-0708

CVE-2010-0708 affects Sun Directory Server family (Sun Directory Server Enterprise Edition 7.0; Sun Java System Directory Server 5.2; Sun Java System Directory Server Enterprise Edition 6.0–6.3.1). The issue is multiple unspecified vulnerabilities in LDAP search handling that allow remote attacke...

CVE-2005-3269

This CVE affects multiple directory server products via a stack-based buffer overflow in help.cgi in the HTTP administrative interface, allowing remote attackers to cause a denial of service or, for local users, gain root privileges. Affected are Sun Java System Directory Server 5.2 (2003Q4, 2004...

CVE-2008-1995

Affected software : Sun Java System Directory Proxy Server 6.0, 6.1, and 6.2. Vulnerability : connection classification using the bind_dn criterion can cause incorrect policy application. Impact : may allow a remote attacker to bypass intended access restrictions and gains remote administrative a...

CVE-2009-4440

Sun Java System Directory Proxy Server (DPS) in Sun Java System Directory Server Enterprise Edition, versions 6.0–6.3.1 (Windows and other platforms per OpenVAS/NVD entries) is affected by CVE-2009-4440 due to improper handling of multiple simultaneous client connections within a short time windo...

CVE-2006-3127

CVE-2006-3127 describes a memory leak in Network Security Services (NSS) 3.11 used by Sun Java Enterprise System (2003Q4–2005Q1) and Java System Directory Server 5.2. The issue allows remote attackers to trigger a denial of service by performing a large number of RSA cryptographic operations, lea...

CVE-2009-1332

Summary: CVE-2009-1332 corresponds to an information-disclosure vulnerability in Sun Java System Directory Server's Online Help feature. The issue allows remote attackers to determine whether certain files or directories exist, and in some cases obtain a single line of a file, via unspecified vec...

CVE-2006-2513

Sun Java System Directory Server 5.2 contains a flaw in the installation process that writes incorrect user data to a file created during installation, enabling privilege elevation for remote attackers or local users. The connected Nessus entry (Sun Server Console Authentication Bypass) notes a d...

CVE-2009-0609

CVE-2009-0609 affects Sun Java System Directory Proxy Server (within Sun Java System Directory Server Enterprise Edition) versions 6.0–6.3. When a JDBC data source is used, the server does not properly handle (1) a long value in an ADD or (2) long string attributes, enabling remote attackers to c...

CVE-2007-2466

CVE-2007-2466 affects the LDAP Software Development Kit (SDK) for C used in Sun Java System Directory Server 5.2 (up to Patch 4) and Sun ONE Directory Server 5.1. The vulnerability is described as unspecified but enables remote attackers to cause a denial of service (crash) via certain BER encodi...

CVE-2009-0576

Sun Java System Directory Server 5.2 p6 and earlier, and Enterprise Edition 5, are affected by CVE-2009-0576. An unspecified vulnerability allows remote attackers to cause a denial of service (daemon crash) via crafted LDAP requests. The provided documents do not specify the exact root cause, vul...

CVE-2006-0647

Summary: CVE-2006-0647 affects Sun Java System Directory Server 5.2 (LDAP server) on Linux and possibly other platforms. The vulnerability is triggered by a crafted LDAP subtree search request, leading to a denial of service via a memory allocation error. The issue arises from improper handling o...

CVE-2007-3225

Sun Java System Directory Server (slapd) 6.0 and 5.2 with Patch 3 or 4 are affected by CVE-2007-3225. The vulnerability allows remote attackers to modify certain data via unknown vectors. The available documents do not specify the exact component/function/file/root cause, nor provide a confirmed ...

CVE-2010-0313

CVE-2010-0313 affects Sun Java System Directory Server Enterprise Edition 7.0. The vulnerable component is the ns-slapd function core_get_proxyauth_dn, triggered by a crafted LDAP Search Request, which can cause a NULL pointer dereference and a daemon crash (DoS) without requiring authentication....

CVE-2006-4175

The CVE-2006-4175 issue affects Sun Java System Directory Server and ONE Directory Server (ns-slapd) versions 5.2 Patch4 and earlier, and 5.1/5.2 for ONE. Affected component: LDAP server; root cause: malformed BER queries in the BER decoding/cleanup path lead to a free of uninitialized memory. Im...