Info

Disclosure

Mar 23, 2007

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Mar 23, 2007

Description

The ns-slapd component of Sun Microsystems Java Directory Server contains a flaw that may allow a remote denial of service. The issue is triggered when certain types of failed queries occur, and will result in loss of availability for the directory server services hosted on the affected system.

Classification

Location: Remote / Network Access
Attack Type: Denial of Service
Impact: Loss of Availability
Exploit: Exploit Private
Disclosure: OSVDB Verified, Vendor Verified

Solution

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Products

Sun Microsystems, Inc.	Java System Directory Server (JES)	5.1 sp 3
		5.2
		Enterprise Edition

References

Security Tracker: 1017814
CVE ID: 2006-4175 (see also: NVD)
Bugtraq ID: 23117
Secunia Advisory ID: 24634 47513
VUPEN Advisory: ADV-2007-1090
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-03/0322.html
Other Advisory URL: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=491
Vendor Specific Advisory URL: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102853-1
https://kb.bluecoat.com/index?page=content&id=SA64

Credit

iDefense Labs - iDefense Labs

Direct URL: http://osvdb.org/33524

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

Sun Microsystems, Inc.

Java System Directory Server (JES)

References

Credit